Anonymous_User Absent Member.

Possible dns issue

Our elections dept has issues connecting to the site they need for
keeping their records. Seems like it takes 3 or 4 times of them trying
to login before they can connect.

We have our content filtering device set to never scan port 80 & 443
traffic to/from this site & outbound traffic is allowed on port 443
thru our firewall.

If I try to do an NSLOOKUP for the site (www.wyoreg.gov), I get a
response back from our isp's dns server w/ the following:

Non-authoritative answer:
Name: www.wyoreg.gov.CCGOV.NET
Address: 216.24.138.161

What gives? Why would our domain be appended to the end of the domain
I'm looking up?

Wondering if this has something to do w/ our inability to connect on a
regular basis.

--
Stevo
Knowledge Partner

Re: Possible dns issue

Running `dig www.wyoreg.gov` over and over on my system gets me consistent
results back as shown below:

<quote>
; <<>> DiG 9.5.0-P2 <<>> www.wyoreg.gov
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5359
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;www.wyoreg.gov. IN A

;; ANSWER SECTION:
www.wyoreg.gov. 3594 IN CNAME www.gslb.wyoreg.gov.
www.gslb.wyoreg.gov. 4 IN A 208.18.254.37

;; AUTHORITY SECTION:
gslb.wyoreg.gov. 3594 IN NS wyvr2ns1.gslb.wyoreg.gov.
gslb.wyoreg.gov. 3594 IN NS wyvr1ns1.gslb.wyoreg.gov.

;; Query time: 0 msec
;; SERVER: 137.65.1.2#53(137.65.1.2)
;; WHEN: Mon Nov 2 14:44:40 2009
;; MSG SIZE rcvd: 117
</quote>

If you are not getting that result back consistently then it would appear
your DNS server is a bit insane. Perhaps it can't find the answer for
some odd reason and so it appends your search base on there ('COGOV.NET'
I'm guessing) and then just returns your DNS server or something else
default as a result. Anyway, wild guesses but DNS resolution for me (for
that domain) is working quickly and reliably.

Good luck.





Stevo wrote:
> Our elections dept has issues connecting to the site they need for
> keeping their records. Seems like it takes 3 or 4 times of them trying
> to login before they can connect.
>
> We have our content filtering device set to never scan port 80 & 443
> traffic to/from this site & outbound traffic is allowed on port 443
> thru our firewall.
>
> If I try to do an NSLOOKUP for the site (www.wyoreg.gov), I get a
> response back from our isp's dns server w/ the following:
>
> Non-authoritative answer:
> Name: www.wyoreg.gov.CCGOV.NET
> Address: 216.24.138.161
>
> What gives? Why would our domain be appended to the end of the domain
> I'm looking up?
>
> Wondering if this has something to do w/ our inability to connect on a
> regular basis.
>


Re: Possible dns issue

I haven't thoroughly read your question but it sounds like a dns suffix is
appending?

Does the workstation in question have a DNS suffix?
"Stevo" <steveSPAM@LESSccgov.net> wrote in message
news:MgIHm.2317$cC1.1522@kovat.provo.novell.com...
> Our elections dept has issues connecting to the site they need for
> keeping their records. Seems like it takes 3 or 4 times of them trying
> to login before they can connect.
>
> We have our content filtering device set to never scan port 80 & 443
> traffic to/from this site & outbound traffic is allowed on port 443
> thru our firewall.
>
> If I try to do an NSLOOKUP for the site (www.wyoreg.gov), I get a
> response back from our isp's dns server w/ the following:
>
> Non-authoritative answer:
> Name: www.wyoreg.gov.CCGOV.NET
> Address: 216.24.138.161
>
> What gives? Why would our domain be appended to the end of the domain
> I'm looking up?
>
> Wondering if this has something to do w/ our inability to connect on a
> regular basis.
>
> --
> Stevo




Re: Possible dns issue

I think I heard Craig say something like:

> I haven't thoroughly read your question but it sounds like a dns
> suffix is appending?
>
> Does the workstation in question have a DNS suffix?


Yes, trying it from my machine which gets all its dns stuff from our
dhcp server, has a suffix of ccgov.net

--
Stevo

Re: Possible dns issue

So....is that the problem then?
"Stevo" <steveSPAM@LESSccgov.net> wrote in message
news:2iJHm.2366$cC1.390@kovat.provo.novell.com...
> I think I heard Craig say something like:
>
>> I haven't thoroughly read your question but it sounds like a dns
>> suffix is appending?
>>
>> Does the workstation in question have a DNS suffix?

>
> Yes, trying it from my machine which gets all its dns stuff from our
> dhcp server, has a suffix of ccgov.net
>
> --
> Stevo




Re: Possible dns issue

Stevo wrote:
> Our elections dept has issues connecting to the site they need for
> keeping their records. Seems like it takes 3 or 4 times of them trying
> to login before they can connect.
>
> We have our content filtering device set to never scan port 80 & 443
> traffic to/from this site & outbound traffic is allowed on port 443
> thru our firewall.
>
> If I try to do an NSLOOKUP for the site (www.wyoreg.gov), I get a
> response back from our isp's dns server w/ the following:
>
> Non-authoritative answer:
> Name: www.wyoreg.gov.CCGOV.NET
> Address: 216.24.138.161
>
> What gives? Why would our domain be appended to the end of the domain
> I'm looking up?


Behaviour as designed.

This is so that, if you are in CCGOV.NET and you have a fileserver
called "FILES" you can type in "FILES" as a name and get it to look up
FILES.CCGOV.NET rather than have to type it in full each time.

the domain suffix is set per machine (although windows has some fancy
stuff to allow you to tweak what gets looked up) and if looking up
x.CCGOV.NET fails, then it will try x.NET before trying x

if you want to specify an absolute DNS name, add a final period to the
end of it - so www.wyoreg.gov. will *always* be looked up as that, not
www.wyoreg.gov.ccgov.net or www.wyoreg.gov.net

main cause of weird resolves though is the presence of a wildcard
"catchall" record to cause all unknown names to resolve to some server -
usually either an accelerator (like ichain) or a "subsite not found"
webserver of some sort.
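
The suffix-first lookup and the wildcard "catchall" described in the post above, as an added example that is not part of the original thread. It models a stub resolver against constructed zone data: the wildcard under ccgov.net and the address of the FILES server are assumptions, and the other addresses are the ones shown in the thread's lookup output.

```python
import secrets

# Constructed zone data for illustration only.
ZONE = {
    "www.wyoreg.gov.": "208.18.254.37",   # address seen in the dig/nslookup output
    "files.ccgov.net.": "10.0.0.5",       # hypothetical internal file server
    "*.ccgov.net.": "216.24.138.161",     # assumed wildcard catch-all record
}

def lookup(fqdn, zone=ZONE):
    """Exact match first, then the nearest wildcard (closest-encloser approximation)."""
    fqdn = fqdn.lower()
    if fqdn in zone:
        return zone[fqdn]
    labels = fqdn.rstrip(".").split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:]) + "."
        if "*." + encloser in zone:
            return zone["*." + encloser]
        if encloser in zone:          # an existing name blocks wildcards above it
            return None
    return None

def candidates(name, search=("ccgov.net",)):
    """Names tried in order, suffix-first as nslookup did in the thread."""
    if name.endswith("."):
        return [name]                 # trailing dot: absolute name, no suffix appended
    return [f"{name}.{s}." for s in search] + [name + "."]

def resolve(name, search=("ccgov.net",), zone=ZONE):
    """Return (fqdn_that_answered, address) for the first candidate that resolves."""
    for fqdn in candidates(name, search):
        addr = lookup(fqdn, zone)
        if addr:
            return fqdn, addr
    return None, None

def has_wildcard(suffix, zone=ZONE):
    """A random label that cannot exist still resolving indicates a catch-all."""
    probe = f"{secrets.token_hex(8)}.{suffix}."
    return lookup(probe, zone) is not None

if __name__ == "__main__":
    for q in ("www.wyoreg.gov", "www.wyoreg.gov.", "FILES"):
        print(q, "->", resolve(q))
    print("catch-all under ccgov.net:", has_wildcard("ccgov.net"))
```

Removing the wildcard entry from the zone makes the unqualified lookup fall through to the real www.wyoreg.gov record, which is why the catch-all rather than the search suffix alone produces the unexpected answer.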

Re: Possible dns issue

> "Stevo" <steveSPAM@LESSccgov.net> wrote in message
> news:MgIHm.2317$cC1.1522@kovat.provo.novell.com...
>
> What gives? Why would our domain be appended to
> the end of the domain I'm looking up?



As David said, in a lot more words than this:

Add a full-stop (period) to the end of the query.

[AZC-1] C:\>NSLOOKUP www.wyoreg.gov.
Server: dns0.cirencester.ac.uk
Address: 10.11.0.2

Non-authoritative answer:
Name: www.gslb.wyoreg.gov
Address: 208.18.254.37
Aliases: www.wyoreg.gov



--
AZC



Re: Possible dns issue

I think I heard David Howe say something like:

> Behaviour as designed.
>
> This is so that, if you are in CCGOV.NET and you have a fileserver
> called "FILES" you can type in "FILES" as a name and get it to look up
> FILES.CCGOV.NET rather than have to type it in full each time.
>
> the domain suffix is set per machine (although windows has some fancy
> stuff to allow you to tweak what gets looked up) and if looking up
> x.CCGOV.NET fails, then it will try x.NET before trying x
>
> if you want to specify an absolute DNS name, add a final period to the
> end of it - so www.wyoreg.gov. will always be looked up as that, not
> www.wyoreg.gov.ccgov.net or www.wyoreg.gov.net
>
> main cause of weird resolves though is the presence of a wildcard
> "catchall" record to cause all unknown names to resolve to some
> server - usually either an accelerator (like ichain) or a "subsite
> not found" webserver of some sort.


Thanks for clearing that up!

--
Stevo

Re: Possible dns issue

I think I heard Andrew Z Carpenter say something like:

> As David said, in a lot more words than this:
>
> Add a full-stop (period) to the end of the query.


Thanks!

--
Stevo

Re: Possible dns issue

I think I heard Craig say something like:

> So....is that the problem then?


Apparently it is, when I put a . at the end of my lookup, seems to
resolve ok.

--
Stevo