Windows DNS Resolve

Question

Level 1

5 points

Windows DNS Resolve

Hi-

My network doesn't seem to resolve Windows server names correctly, and I have to use IP addresses instead. For example, "http://servername/" or "smb://servername/" does not work, but "http://192.168.0.xxx/" does. Furthermore, if I don't specify the full path of an IP address, the name appears to resolve, but then I still get a server not found error, i.e.

http://192.168.0.204/ -> http://vox-iweb02/twiki/bin/view -> error: can't find server "vox-iweb02"

Is there anyway to resolve this (no pun intended) without hardcoding in /etc/hosts?

I have a working VPN (L2TP) connection to a Windows network, and I have configured the VPN TCP/IP DNS to the Windows DNS.

Thanks

--
tm

G4 Cube, Mac OS X (10.4.9)

Posted on May 12, 2007 11:49 PM

Reply

Answer 1

BDAqua

Level 10

250,259 points

May 13, 2007 12:40 AM in response to tjcmorgan

Seen some references to this lately... don't remember much about it, but Rick has reappeared lately, Gnarly, Phil, and Ant wil hopefully be around!

Plus the tons of other knowledgable people here... hang tight! 🙂

Reply

Answer 2

May 13, 2007 12:20 PM in response to tjcmorgan

if I don't specify the full path of an IP address, the name appears to resolve, but then I still get a server not found error, i.e.

http://192.168.0.204/ -> http://vox-iweb02/twiki/bin/view -> error: can't find server "vox-iweb02"

Sounds like partial address get resolved by some server but the web server there redirects to another site by name which then fails the lookup.

Is there anyway to resolve this (no pun intended) without hardcoding in /etc/hosts?

Big grin. Yes, hardcode it in /etc/resolv.conf ;-> In fact, you should look and see what is in /etc/resolv.conf.

I'd do a simple test. In Terminal enter:

$ dig vox-iweb02

and see what you get. We already know that will be a problem. Next, get the IP address of the Windows DNS server and try:

$dig @ip.of.windows.server vox-iweb02

If that works, you can put it into the DNS line of Network Preferences. Sounds like normal DNS lookups aren't going through the VPN.

Reply

Answer 3

tjcmorgan Author

Level 1

5 points

May 13, 2007 2:31 PM in response to philsmith_

Sounds like normal DNS lookups aren't going through the VPN.

Looks like you're right. So what to do? Also, it looks like the DNS fails to resolve if it does get through...? So what does that mean?

Here are the test results:-

% cat resolv.conf
nameserver 194.72.9.34
nameserver 62.6.40.178
%

These are my ISPs dynamic DNS, not the ones I specified in the network VPN config. Should I just add 192.168.0.21 to resolv.conf?

% dig vox-iweb02
; <<>> DiG 9.3.2 <<>> vox-iweb02
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65144
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;vox-iweb02. IN A

;; AUTHORITY SECTION:
. 10747 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2007051300 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 194.72.9.34#53(194.72.9.34)
;; WHEN: Sun May 13 21:52:55 2007
;; MSG SIZE rcvd: 103
%

As expected, cannot be resolved by ISPs DNS (duh!).

% dig @192.168.0.21 vox-iweb02
; <<>> DiG 9.3.2 <<>> @192.168.0.21 vox-iweb02
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54400
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;vox-iweb02. IN A

;; Query time: 144 msec
;; SERVER: 192.168.0.21#53(192.168.0.21)
;; WHEN: Sun May 13 21:53:37 2007
;; MSG SIZE rcvd: 28
%

Hmm. Also not resolved by Windows network DNS....??? So what if I dig the latter?

% dig 192.168.0.21

; <<>> DiG 9.3.2 <<>> 192.168.0.21
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65219
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;192.168.0.21. IN A

;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2007051300 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 194.72.9.34#53(194.72.9.34)
;; WHEN: Sun May 13 21:55:06 2007
;; MSG SIZE rcvd: 105
%

I guess this doesn't shed any further light....

A little more background wrt my network:

www <--> Netgear DG814 DSL Modem (DHCP srvr) <--> Airport Ethernet bridge <--> Mac VPN/Airport client (10.0.0.4)

--
tm

Reply

Answer 4

May 13, 2007 3:27 PM in response to tjcmorgan

192.168.0.21 did't answer your request, so putting it in as a nameserver won't help anything. In fact, looking at this output, I'd say it wasn't working. Responded with no Answer, no Authority. Being windows, is it possible it needs to be all in upper case? (Sorry, don't know much about Windows.)

Reply

Answer 5

tjcmorgan Author

Level 1

5 points

May 14, 2007 2:46 PM in response to philsmith_

Success! I found two solutions. Here's what I did....

% nslookup vox-iweb02
Server: 192.168.0.21
Address: 192.168.0.21#53

** server can't find vox-iweb02: SERVFAIL

% nslookup 192.128.0.204
Server: 192.168.0.21
Address: 192.168.0.21#53

204.0.168.192.in-addr.arpa name = intranet.london.wavoo.com.
204.0.168.192.in-addr.arpa name = vox-iweb02.london.wavoo.com.

%

Aha! - a clue - maybe add london.wavoo.com to network search domain?

So, in the Network preference for VPN (L2TP), I have both DNS and Search domain declared. However, this alone doesn't work. Either 1) I have to replicate this in my Airport network config, or 2) enable "Send All Traffic over VPN" option in Internet Connect. Otherwise, my ISPs DNS overrides.

I hope this proves useful for someone else 🙂

Thanks for the pointers.

--
tm

Reply