nslookup problem

[DaiShan]

Ok, we recently switched our IP scheme from 192.168.1.0/24 to 192.168.2.0/24 here to link in with our VPN. During this switch we also deployed a DHCP server to hand out static IP addresses based on MAC addresses of the individual PC's. All PC's have been set to DHCP and pull the proper information, however we have been having some DNS issues lately with regards to resolving AD objects. The previous admin here set each client to use the PDC as the primary DNS and an external DNS as secondary, as you can imagine this caused problems, so I've removed the external DNS from the DNS information, but it is still showing up in nslookup:

ipconfig /all

Physical Address. . . . . . . . . : xx-xx-xx-xx
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.254
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.132
Primary WINS Server . . . . . . . : 192.168.2.132
Lease Obtained. . . . . . . . . . : Wednesday, May 23, 2007 11:13:10 AM
Lease Expires . . . . . . . . . . : Wednesday, May 23, 2007 11:23:10 AM

nslookup <computername>

DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 192.168.1.132: Timed out
Server: <external DNS server which is not in the dhcpd.conf nor in the ipconfig info listed>
Address: <ip address of external DNS>

*** <external DNS server> can't find <computername>: Non-existent domain

As you can see it is checking 192.168.1.132 instead of 192.168.2.132 and then failing to the old secondary DNS information. Has anybody ever seen this before? What can I do to fix this? It's driving me nuts!

 

[spidey07]

Type nslookup <enter>

type set debug

type in the computer name. It will allow you to see what is going on. Also your lease time is EXTREMELY short, make it 7 days or more. Also make sure you have the new subnet defined in AD sites and services.

 

[DaiShan]

Thanks for the advice Spidey, I ran debug earlier and it keeps saying 192.168.1.132 timed out then fails over to the old secondary DNS information. I don't know where else I can change this info. When I type ping <computername> it resolves just fine, but nslookup can't find it. I'm trying to resolve an SSPI context issue that I believe to be related to this.

 

[nweaver]

ipconfig /flushdns and a reboot to start with.

nslookup
server 192.168.2.132
computername

try the above commands to see if that works.

 

[kevnich2]

What are you using as your DHCP server?

 

[her209]

Originally posted by: DaiShan
As you can see it is checking 192.168.1.132 instead of 192.168.2.132 and then failing to the old secondary DNS information. Has anybody ever seen this before? What can I do to fix this? It's driving me nuts!

It looks like its still retaining the old IP info.

 

[kevnich2]

Try running this one one of your clients:
Start > run > cmd
ipconfig /flushdns

then,
ipconfig /registerdns

Try a nslookup again and see if it's different. If this doesn't work, it's something with the DHCP server that needs configured.

 

[DaiShan]

Originally posted by: nweaver
ipconfig /flushdns and a reboot to start with.

nslookup
server 192.168.2.132
computername

try the above commands to see if that works.

Nweaver, that does work, however as soon as the nslookup prompt is exited the computer reverts back to the old DNS information, I haven't been able to find a way to force nslookup to always use this information.

 

[DaiShan]

Originally posted by: kevnich2
What are you using as your DHCP server?

dhcp3 - the dhcpd that is in the ubuntu repositories.

Here is a sample entry from the dhcpd.conf file:

host pc118 {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 192.168.2.118;
option domain-name-servers 192.168.2.132;
option domain-name "dacasso.local";
option routers 192.168.2.1;
option netbios-name-servers 192.168.2.132;
}

 

[nweaver]

on a linux machine, clear the resolv.conf file, then run dhclient and see if it's still putting the old server in...

 

[nweaver]

oh, and you DID restart the dhcpd daemon after changing the config, right?

 

[DaiShan]

Originally posted by: nweaver
oh, and you DID restart the dhcpd daemon after changing the config, right?

I restarted the daemon via init script, the linux machine pulls the correct information from the dhcpd server. The Windows boxes seem to as well (at least from what ipconfig shows) but for some reason nslookup is not pulling the default DNS server from the first entry (or any entry for that matter) of DNS in the ipconfig information. Thanks for all of the replies!

 

[Rilex]

nslookup does not use the DNS cache of the local machine, so the results there are not necessarily the results you will get in name lookup operations via Explorer, IE, etc.

ipconfig /displaydns will show you what is in the DNS cache. Also, make sure you didn't do something like static entries in a host file or use lmhosts.