
Ping result doesn't make sense 2

Status
Not open for further replies.
Oct 7, 2007
On a friend's network: workstations return an incorrect value when pinging their server. Trying to ping their internal server by name gives the following IP address, 67.215.65.132, when the actual address is 192.168.1.10.

Which translates to: hit-nxdomain.opendns.com [67.215.65.132]

So, does that mean that something is configured on OpenDNS with the server name registered to that?

I'm guessing that if we pointed their router (and thus their workstations) away from using OpenDNS, this problem would be bypassed.

And for the cause, I'm guessing this (pulled from here:
Configuring the OpenDNS server addresses on the WAN side only should be sufficient and better. Configuring them on the LAN side means propagating them to the local devices via DHCP which breaks local name resolution first. You better assign the router's IP address 192.168.1.1 as DNS server address on the LAN side.
 
First question: when you try the ping, which in the background does a DNS lookup, and get the public IP address (67.215.65.132), is that the correct IP of the server or is it some other domain?

If it is the IP address of the server, my guess is that you have a problem (?) with your resolver not searching the internal domain first, or there is a problem with the zone file that keeps it from returning the proper address.

If it is NOT the IP address of the server, but some unknown other domain, it sounds like a problem in a public DNS somewhere that needs to be fixed at the registrar level.

Second question: when you use nslookup and specifically point to different DNS servers, internal and external, do you get consistent results doing both forward and reverse lookups for both internal and external domains?

Third question, do you use a different domain namespace for the internal zone or is your goal to have it resolve host.domain.com as a LAN IP when queried from within the LAN and a public IP when queried externally?

 
I think you missed the point that I told you what it was resolving to. There are no external hosts - it's an internal server only. So an internal server is being resolved to an external address.

It's resolving to an IP address on the internet which corresponds to an OPENDNS server.

I think it goes like this:
1. clients are set to use OpenDNS IP addresses as their DNS servers
2. clients are not trying to resolve the address internally
3. clients go to OpenDNS to resolve and that pukes (no such host)
4. solution would be to have clients point to LAN side of router for DNS resolution and then check outside if no internal host is found.

By the way - I did NOT set this network up. I'm just trying to make sense of it.
 
So to me this sounds like your friend's clients are configured with the "default route" pointing to the gateway router, and either that router is going out to the internet looking for the "server name" (I assume that by "server name" you mean a local network domain group name?) or, as there is no local routing for his server, it's simply resolving (or trying to) externally ....

If you want to contain these client requests to the internal network then you can add a static "host" route on each and/or throw an entry into the hosts file on each client for the server name against the IP; this way they should first consult the static route or the hosts file before going out to the internet to try and resolve.

I assume that the IP (67.215.65.132) is nothing like your friend's outside (Internet facing) @IP ?

I think that Norway2's questions and comments are valid but your initial post was just a little vague so easily misunderstood.

IHTH

Laurie.
 
Sorry if my post was vague. I thought I explained it. Server Name = internal computer name - nothing to do with internet.

I agree with your assessment and that's what I thought. I'll see if the router can be set to hand out its address as a DNS server and that should fix the problem.

I assume that the IP (67.215.65.132) is nothing like your friend's outside (Internet facing) @IP ?
That's correct - nothing related to external IP.
 
The way I see it, Goom, is that your assessment is correct, that the WAN side should point to OpenDNS only, and the clients should only have the router (P2P) or the DOMAIN Server as their DNS setting...

doing otherwise can lead to a.) strange resolves and b.) is a security hole...





Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
 
Right, I thought I had it figured out. I know that the PCs on the network have EXTERNAL DNS servers listed when you do an IPCONFIG /ALL and I would work to change that to the internal address of the router so it will try to resolve a host internally first and then proceed outside.
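
The check described in this post, as an added example that is not part of the original thread: it reads the DNS servers out of `ipconfig /all` text, flags the ones outside private address space, and recognises the symptom from the first post (a single-label internal name answered with an off-LAN address). The `ipconfig` sample and the host name `fileserver` are constructed for illustration; the 192.168.1.0/24 LAN is assumed from the addresses quoted in the thread.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (not captured from the thread's network).
# 208.67.222.222 and 208.67.220.220 are OpenDNS's public resolvers.
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
"""

IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def dns_servers(ipconfig_text):
    """Return the DNS server addresses listed in `ipconfig /all` text."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        if "DNS Servers" in line:
            in_dns = True
        elif ". :" in line or not line.strip():
            in_dns = False  # a new labelled field or a blank line ends the list
        if in_dns:
            servers += IP_RE.findall(line)
    return servers

def external_dns(servers):
    """Servers outside private space: queries for internal names sent there leave the LAN."""
    return [s for s in servers if not ipaddress.ip_address(s).is_private]

def redirected(name, answer, lan="192.168.1.0/24"):
    """True when a single-label (internal) name resolved to an address outside the LAN,
    i.e. an upstream resolver supplied an answer where 'no such host' was expected."""
    off_lan = ipaddress.ip_address(answer) not in ipaddress.ip_network(lan)
    return "." not in name and off_lan

if __name__ == "__main__":
    found = dns_servers(SAMPLE_IPCONFIG)
    print("DNS servers:", found)
    print("External:", external_dns(found))
    # "fileserver" is a hypothetical name for the internal server
    print("Redirected:", redirected("fileserver", "67.215.65.132"))
```
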
 
I used to get that with OpenDNS as well with clients pinging internal devices that didn't exist on the network. Changed to Google's Public DNS and it stopped being an issue ;-)

8.8.8.8 and 8.8.4.4

ACSS - SME
General Geek
