Can resolve DNS, can ping IP, but can't ping by DNS??

I've been troubleshooting random, intermittent "page not found" errors on a
couple of our intranet sites. Domain with about 30 users, single subnet,
nothing unusual with our DNS config to my knowledge. The problem will
affect an individual user even while other users continue to use the site
without trouble. After a short while (10 mins? 30 mins?) the problem
clears up on its own. After discovering that a reboot fixes the problem, I
dug further, and here's what's happening:

While the problem is occurring, I can ping the target intranet site by IP.
I can resolve the site's dns name using nslookup. But I *can't* ping the
site by DNS name. "Ping request could not find host funtimes. Please check
the name and try again." Ipconfig /flushdns doesn't fix it. However,
ipconfig release & renew (actually just "repair" from the gui) *does* fix
the problem.

In watching the messages that flash by during the repair operation, I'm very
familiar with everything that's taking place except the messages having to
do with NetBT. The Clearing NetBT and Refreshing NetBT messages, iiuc, have
to do with NetBIOS over TCP/IP, but it's not clear to me what netbios name
resolution could have to do with pinging an intranet site by DNS name.

I'm stumped...any takers?

Thanks in advance,

BJ

In news:u9$(E-Mail Removed),
Bryan L <(E-Mail Removed)> typed:
> I've been troubleshooting random, intermittent "page not found"
> errors on a couple of our intranet sites. Domain with about 30
> users, single subnet, nothing unusual with our DNS config to my
> knowledge.

You might post an unedited ipconfig /all from a DC and from one of your
problem clients.

The problem will affect an individual user even while
> other users continue to use the site without trouble. After a short
> while (10 mins? 30 mins?) the problem clears up on its own. After
> discovering that a reboot fixes the problem, I dug further, and
> here's what's happening:
> While the problem is occurring, I can ping the target intranet site
> by IP. I can resolve the site's dns name using nslookup. But I
> *can't* ping the site by DNS name. "Ping request could not find host
> funtimes. Please check the name and try again."

Hmmm - well, funtimes isn't a 'DNS name' - it's the NetBIOS name of the
server. The fully-qualified name in DNS would be funtimes.domain.whatever.
If you type in funtimes and it doesn't return the name
funtimes.domain.whatever you've got DNS problems.....

> Ipconfig /flushdns
> doesn't fix it. However, ipconfig release & renew (actually just
> "repair" from the gui) *does* fix the problem.
>
> In watching the messages that flash by during the repair operation,
> I'm very familiar with everything that's taking place except the
> messages having to do with NetBT. The Clearing NetBT and Refreshing
> NetBT messages, iiuc, have to do with NetBIOS over TCP/IP, but it's
> not clear to me what netbios name resolution could have to do with
> pinging an intranet site by DNS name.

See above. And if you have NetBIOS over TCP/IP enabled, you should be using
WINS, too -
>
> I'm stumped...any takers?
>
> Thanks in advance,
>
> BJ

Next time it doesn't work,...from the client machine you experience the
problem, run:

c:\> IPConfig /FlushDNS

Does it work immediately after that?

If this command gets it working (even temporarily) then you need to look at
a few things and maybe be prepared to correct a DNS Scheme design flaw in
your LAN. Here is the best pattern for the DNS Scheme:

1. Make sure all machines on the LAN use the AD/DNS Server and *nothing*
else.
2. Make sure the AD/DNS Servers are able to make outbound DNS Queries
3. Make sure the IP# of an external DNS (such as the ISP's) is listed in the
Forwarders List within the config of the AD/DNS server themselves. This is
in the DNS Service config, not the TCP/IP config of the nic.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.
-----------------------------------------------------

"Bryan L" <(E-Mail Removed)> wrote in message
news:u9$(E-Mail Removed)...
> I've been troubleshooting random, intermittent "page not found" errors on
> a couple of our intranet sites. Domain with about 30 users, single
> subnet, nothing unusual with our DNS config to my knowledge. The problem
> will affect an individual user even while other users continue to use the
> site without trouble. After a short while (10 mins? 30 mins?) the
> problem clears up on its own. After discovering that a reboot fixes the
> problem, I dug further, and here's what's happening:
>
> While the problem is occurring, I can ping the target intranet site by IP.
> I can resolve the site's dns name using nslookup. But I *can't* ping the
> site by DNS name. "Ping request could not find host funtimes. Please
> check the name and try again." Ipconfig /flushdns doesn't fix it.
> However, ipconfig release & renew (actually just "repair" from the gui)
> *does* fix the problem.
>
> In watching the messages that flash by during the repair operation, I'm
> very familiar with everything that's taking place except the messages
> having to do with NetBT. The Clearing NetBT and Refreshing NetBT
> messages, iiuc, have to do with NetBIOS over TCP/IP, but it's not clear to
> me what netbios name resolution could have to do with pinging an intranet
> site by DNS name.
>
> I'm stumped...any takers?
>
> Thanks in advance,
>
> BJ
>

"Bryan L" <(E-Mail Removed)> wrote in message
news:u9$(E-Mail Removed)...
> the name and try again." Ipconfig /flushdns doesn't fix it. However,

I didn't see this commend at the time I posted,...however the rest of the
"plan" I gave is correct and should be followed.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.
-----------------------------------------------------

"Lanwench [MVP - Exchange]"
<(E-Mail Removed) ahoo.com> wrote in message
news:u3$(E-Mail Removed)...
> Hmmm - well, funtimes isn't a 'DNS name' - it's the NetBIOS name of the

I'm restricted from "funtimes". I can only go to "boringtimes",...it is even
a ".org" because I'm such a charity case... ;- {

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.
-----------------------------------------------------

"Phillip Windell" <@.> wrote in message
news:(E-Mail Removed)...
> Next time it doesn't work,...from the client machine you experience the
> problem, run:
>
> c:\> IPConfig /FlushDNS
>
> Does it work immediately after that?

I saw your followup post, so we've got this covered.

> 1. Make sure all machines on the LAN use the AD/DNS Server and *nothing*
> else.
> 2. Make sure the AD/DNS Servers are able to make outbound DNS Queries
> 3. Make sure the IP# of an external DNS (such as the ISP's) is listed in
> the Forwarders List within the config of the AD/DNS server themselves.
> This is in the DNS Service config, not the TCP/IP config of the nic.

Regarding 1, 2, &3: Under normal circumstances non-local DNS requests are
forwarded by my DNS server to appropriate external DNS servers. However, in
my DHCP setup I do have secondary and tertiary DNS servers assigned so hosts
can continue to resolve internet addresses in the event our server goes
down. When troubleshooting this problem, I have verified that the server
returning the results of my nslookup queries is my own DNS server.

BJ

"Bryan L" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> forwarded by my DNS server to appropriate external DNS servers. However, in
> my DHCP setup I do have secondary and tertiary DNS servers assigned so hosts
> can continue to resolve internet addresses in the event our server goes down.

Absolutely get rid of that.
If the server goes down, you 've lost the AD Domain and whether they can browse
the web is the least of your worries. I don't know that I would want them
running around on the internet while I'm trying to bring the Domain back to life
anyway. If you want multiple DNS's for redundancy's sake,...you need to do that
via multiple DCs (with DNS on them).

See what happens after correcting that.
One step at a time.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed are my own (as annoying as they are), and not those of my
employer or anyone else associated with me.
-----------------------------------------------------

A couple of things:

"Lanwench [MVP - Exchange]" wrote:

> You might post an unedited ipconfig /all from a DC and from one of your
> problem clients.

Ipconfig results posted at the bottom

> Hmmm - well, funtimes isn't a 'DNS name' - it's the NetBIOS name of the
> server. The fully-qualified name in DNS would be funtimes.domain.whatever.
> If you type in funtimes and it doesn't return the name
> funtimes.domain.whatever you've got DNS problems.....

Sorry for being unclear. Funtimes is the name of the CNAME record in my
DNS, which corresponds to the host header I've assigned to the intranet
site. When I do an nslookup on that CNAME (alone or as a FQDN) the query
*returns the proper result from my DNS server* -- here's the kicker -- even
if the problem is occurring at that moment. In other words, even a client
experiencing the problem can still correctly *resolve* the name it's trying
to reach. The client can also ping the host by IP. But while the problem
is occurring, the client cannot ping the host by hostname. That's the part
that has me stymied.

Here's an example:
----------------------
C:\Documents and Settings\BJUsername>nslookup funtimes
Server: DNS1.mydomain.local
Address: 192.168.100.8

Name: Web1.mydomain.local
Address: 192.168.100.7
Aliases: funtimes.mydomain.local

-----------(Client resolved DNS name)------------

C:\Documents and Settings\BJUsername>nslookup funtimes.mydomain.local
Server: DNS1.mydomain.local
Address: 192.168.100.8

Name: Web1.mydomain.local
Address: 192.168.100.7
Aliases: funtimes.mydomain.local

-----------(Client resolved FQDN)------------

C:\Documents and Settings\BLinton>ping funtimes
Ping request could not find host crew. Please check the name and try again.

-----------(Client was unable to ping DNS name)----------
(note that I also tried the FQDN with the same result)

C:\Documents and Settings\BJUsername>ping 192.168.100.7

Pinging 192.168.100.7 with 32 bytes of data:

Reply from 192.168.100.7: bytes=32 time<1ms TTL=128
Reply from 192.168.100.7: bytes=32 time<1ms TTL=128
Reply from 192.168.100.7: bytes=32 time<1ms TTL=128
Reply from 192.168.100.7: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.100.7:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
----------------------

> ....And if you have NetBIOS over TCP/IP enabled, you should be using WINS,
> too -

I'm running a WINS server, and it has correct active registrations for all
hosts concerned. I did notice that the static IP configuration for the
AD/DNS/WINS server did NOT have a WINS server configured, so I entered that
(it points to itself for WINS now). All users' WINS configurations are
provided via the DHCP scope options, to use the h-node type.

Thanks again,

BJ

---------- AD/DNS Server ipconfig /all ---------------
C:\Documents and Settings\Administrator.MYDOMAIN>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : DNS1
Primary Dns Suffix . . . . . . : mydomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . : No
WINS Proxy Enabled. . . . : No
DNS Suffix Search List. . . : mydomain.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . . : Intel(R) PRO/1000 XT Network
Connection
Physical Address. . . . . . . . : 00-00-00-AA-BB-CC
DHCP Enabled. . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.100.8
Subnet Mask . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . : 192.168.100.1
DNS Servers . . . . . . . . . . : 192.168.100.8
Primary WINS Server . . . : 192.168.100.8
/----------
-------------Example Client ipconfig /all --------------
C:\Documents and Settings\BJUser>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Client1
Primary Dns Suffix . . . . . . . : mydomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Mydomain.local
mydomain.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : mydomain.local
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit
Cont
roller
Physical Address. . . . . . . . . : 00-00-00-DD-EE-FF
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.100.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.100.1
DHCP Server . . . . . . . . . . . : 192.168.100.8
DNS Servers . . . . . . . . . . . : 192.168.100.8
76.66.1.130
4.2.2.2
Primary WINS Server . . . . : 192.168.100.8
Lease Obtained. . . . . . . . . . : Monday, January 22, 2007 8:20:01
AM
Lease Expires . . . . . . . . . . : Tuesday, January 30, 2007
8:20:01 AM
/--------------

"Phillip Windell" <@.> wrote in message
news:(E-Mail Removed)...
> "Bryan L" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> forwarded by my DNS server to appropriate external DNS servers. However,
>> in my DHCP setup I do have secondary and tertiary DNS servers assigned so
>> hosts can continue to resolve internet addresses in the event our server
>> goes down.
>
> Absolutely get rid of that.
> If the server goes down, you 've lost the AD Domain and whether they can
> browse the web is the least of your worries. I don't know that I would
> want them running around on the internet while I'm trying to bring the
> Domain back to life anyway. If you want multiple DNS's for redundancy's
> sake,...you need to do that via multiple DCs (with DNS on them).

Mulitple DCs are in the plan...if I can swing it. Until recently my (old,
old) file server has been serving as an additional AD server. It's starting
to become unreliable (hardware issues) and is in the process of being
retired. I've begun migrating things to a shiny new server we just got.
Dell talked me into trying Storage Server, with an option to switch to
Server 2003 standard if it better meets our needs. I'm evaluating Storage
Server right now and am trying to judge whether the Storage Server goodies
(indexing and single-instance storage of duplicate files) outweigh the
inability to run AD, SQL, IIS, etc. Although it'll be more work, I'm
halfway inclined to dump Storage Server and install Server 2003 Standard R2,
in no small part because it's the only other server I have that can serve as
a DC without violating both best practices and the recommended/supported
config for apps running on other servers. Incidentally, if you or anyone
has opinions/experience about Storage Server vs Server 2003 standard, I'd
welcome those.

You seem very adamant about not having failover DNS servers configured on
the clients. What's the reason for that? My network is small enough that
my DNS server should never timeout on a DNS query under normal
circumstances. Also, in our particular organization, much of our work is
carried out via partners' websites (we are an independant insurance agency;
we do business with dozens of different carriers, and rely heavily on many
of their websites). So although the loss of the domain is a big deal,
having the users' lose their ability to complete web transactions with our
carriers is a bigger deal (from their working perspective).

All this just reinforces to me that probably, having a standard server I can
use as an additional DC probably outweighs the benefits of running Storage
Server on our file server.

Thanks again for great responses.

BJ
>
> See what happens after correcting that.
> One step at a time.
>
> --
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
> The views expressed are my own (as annoying as they are), and not those of
> my employer or anyone else associated with me.
> -----------------------------------------------------
>
>

"Bryan L" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> You seem very adamant about not having failover DNS servers configured on the
> clients. What's the reason for that?

AD depends 100% on DNS. You can not allow a situation to exist where a client
(for whatever reason) while trying to interact with AD to might look to the
wrong DNS Server. This has to be fixed even if it does not turn out to be the
cause of the original problem.

All machines on the LAN use only the AD/DNS. The AD/DNS then uses the ISP's
DNS(s) as Forwarders in the Forwarders List in the configuration of the DNS
services.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed are my own (as annoying as they are), and not those of my
employer or anyone else associated with me.
-----------------------------------------------------