Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » DNS and Nslookup question
DNS and Nslookup question [message #157044] Tue, 30 June 2009 03:34 Go to next message
Gonzo  is currently offline Gonzo  United Kingdom
Messages: 66
Registered: July 2009
Member
Hi,

I have just type nslookup 'AD domain name' and it returned a list of DC's
but also a strange IP of a subnet.

For example:

Name: gb.vo.local
Addresses: 192.168.21.4
192.168.80.2
192.168.21.0 (what is this?)
192.168.21.1
192.168.21.3
192.168.21.2

In DNS:

(same as parent folder) - 192.168.21.0

Should this be here?
RE: DNS and Nslookup question [message #157056 is a reply to message #157044] Tue, 30 June 2009 07:28 Go to previous messageGo to next message
Garry Starck-MCITP En  is currently offline Garry Starck-MCITP En
Messages: 69
Registered: July 2009
Member
Hi Gonzo

Open the properties of the zone/domain in DNS manager, go to the Name
Servers TAB and see if it's there
--
Garry Starck
MCITP Enterprise Administrator, MCTS AD, MCSE 2003 Messaging, MCDBA


"Gonzo" wrote:

> Hi,
>
> I have just type nslookup 'AD domain name' and it returned a list of DC's
> but also a strange IP of a subnet.
>
> For example:
>
> Name: gb.vo.local
> Addresses: 192.168.21.4
> 192.168.80.2
> 192.168.21.0 (what is this?)
> 192.168.21.1
> 192.168.21.3
> 192.168.21.2
>
> In DNS:
>
> (same as parent folder) - 192.168.21.0
>
> Should this be here?
>
>
Re: DNS and Nslookup question [message #157095 is a reply to message #157056] Tue, 30 June 2009 09:11 Go to previous messageGo to next message
Gonzo  is currently offline Gonzo  United Kingdom
Messages: 66
Registered: July 2009
Member
It is not.

"Garry Starck-MCITP Enterprise Admin"
<vjsparx@REMOVE_CAPS_INVALIDhotmail.com> wrote in message
news:C0E108E0-E41B-4E02-8DC7-A62CEF061304@microsoft.com...
> Hi Gonzo
>
> Open the properties of the zone/domain in DNS manager, go to the Name
> Servers TAB and see if it's there
> --
> Garry Starck
> MCITP Enterprise Administrator, MCTS AD, MCSE 2003 Messaging, MCDBA
>
>
> "Gonzo" wrote:
>
>> Hi,
>>
>> I have just type nslookup 'AD domain name' and it returned a list of DC's
>> but also a strange IP of a subnet.
>>
>> For example:
>>
>> Name: gb.vo.local
>> Addresses: 192.168.21.4
>> 192.168.80.2
>> 192.168.21.0 (what is this?)
>> 192.168.21.1
>> 192.168.21.3
>> 192.168.21.2
>>
>> In DNS:
>>
>> (same as parent folder) - 192.168.21.0
>>
>> Should this be here?
>>
>>
Re: DNS and Nslookup question [message #157098 is a reply to message #157044] Tue, 30 June 2009 09:30 Go to previous messageGo to next message
Chris Dent  is currently offline Chris Dent  United Kingdom
Messages: 189
Registered: July 2009
Senior Member
If you delete the record does it re-appear? If it does the source would
need investigating (normally only your DCs).

It is actually a valid IP Address if the IP range crosses covers at
least 192.168.20.0 to 192.168.21.255. The 0 and 255 addresses aren't
normally used though... tradition more than anything else.

Chris
Re: DNS and Nslookup question [message #157104 is a reply to message #157044] Tue, 30 June 2009 11:00 Go to previous message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
In news:%23Wx10UV%23JHA.2120@TK2MSFTNGP02.phx.gbl,
Gonzo <andrewwhite@btinternet.com>, posted the following, which I replied to down below...: Hello Gonzo
> Hi,
>
> I have just type nslookup 'AD domain name' and it returned a list of
> DC's but also a strange IP of a subnet.
>
> For example:
>
> Name: gb.vo.local
> Addresses: 192.168.21.4
> 192.168.80.2
> 192.168.21.0 (what is this?)
> 192.168.21.1
> 192.168.21.3
> 192.168.21.2
>
> In DNS:
>
> (same as parent folder) - 192.168.21.0
>
> Should this be here?

The subnet IP itself shouldn't be in there, but the other IPs indicate all of your DCs' LdapIpAddress entries, which the netlogon service registers on each DC.

As for that subnet IP ID range showing up as an LdapIpAddress, that is interesting to say the least. Does that IP show up under the vo.local zone?

Check in each DCs' system32\config folder and look at the netlogon.dns file in notepad. Search for 192.168.21.0. Find out which DC has it in there, if it is. If you find it on a DC, rename the file to netlogon.dnsold, as well as rename the netlogon.bak to .bakold, then run:
ipconfig /registerdns
net stop netlogon
net start netlogon

Then check the file again to see if it is listed,
Allow replication to occur,
Then check the zone as well to see if it shows up.

If so, delete it, then re-rerun the following on one DC, then check the zone, refresh it, and if it doesn't show up, run it on the next DC, check the zone, etc, keep going on each DC until you find which DC is registering the record. You may have to wait for replication to occur, but one trick is when you run it on a DC, look at the DC to see which DNS address is the first listed in IP properties, then check that DNS.

ipconfig /registerdns
net stop netlogon
net start netlogon.

Also curious, any DCs have multiple NICs, and/or RRAS installed?
Is IP routing enabled on any of the DCs?
Do any of the DCs have an external DNS (such as your ISP or your router's address) in IP properties?
Do any of the DCs have 127.0.0.1 (the loopback) as a DNS address in IP properties?

If the answer is yes to any of the above, can you elaborate on why?

Keep in mind, the recommendation is the DC points to itself in DNS as the first entry, then a partner DC in it's own site or a neighboring site as the second entry. If the ISP's, router's or the loopback is in there, remove and set the IPs correctly as recommended.

Thanks,

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

Please reply back to the newsgroup/forum to benefit from collaboration among responding engineers, as well as to help others benefit from your resolution.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
Microsoft Certified Trainer
aceman@mvps.RemoveThisPart.org
http://twitter.com/acefekay

For urgent issues, you may want to contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
Previous Topic:Publishing LDAPS
Next Topic:Group policy wallpaper question
Goto Forum:
  


Current Time: Fri Oct 20 03:00:21 EDT 2017

Total time taken to generate the page: 0.03254 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software