I have a reoccurring DNS problem that has been plaguing our users, occasionally causing their laptops to append our company's domain to the end of all DNS queries. The problem only occurs when users are off site and it appears to be fairly random. It will work one day and then, out of the blue, it will show the invalid entry. This affects mostly Windows XP users but has recently been seen on Vista as well. Here is an example using nslookup.

    C:\Users\Username>nslookup www.yahoo.com
    Server: Linksys
    Address: 192.168.0.1

    Non-authoritative answer:
    Name: www.yahoo.com.MYDOMAIN.COM
    Address: 999.999.999.999

I have replaced the IP address that is reported with a placeholder, but I can tell you that what it returns is the default *. entry on our Network Solutions configuration. Since obviously www.yahoo.com.MYDOMAIN.COM doesn't exist, this makes sense. I believe the users' internal equipment is functioning properly. Internally we run a Windows 2k3 Active Directory w/ Windows-based DHCP and DNS servers. Eventually the problem resolves itself, usually over a couple of hours or a number of reboots.

Has anyone seen this behavior before?

A: 

I haven't, but the scenario that comes to mind is that perhaps your systems are trying to determine whether to append the domain suffix by looking to see whether they can retrieve NS records for the .com TLD, and then intermittent network failures are causing false negatives on that check.

chaos
I have a running theory that hibernating or possibly VPN related configurations are to blame but I have yet to find a common theme. It happened to me tonight running Windows 7 RC as well. If I do the nslookup but put a . at the end of the query I get the proper result. By inserting the period it creates a fully qualified domain name (FQDN) and doesn't allow it to add the suffix.

    C:\Users\Username>nslookup www.yahoo.com.
    Server: Linksys
    Address: 192.168.0.1

    Non-authoritative answer:
    Name: www-real.wa1.b.yahoo.com
    Address: 209.191.93.52
    Aliases: www.yahoo.com www.wa1.b.yahoo.com

Xap
A: 

It could also be a DHCP/DNS issue. Part of the DHCP reply can include information about the search domain. Typically, the PC would try to guess to see if it needed to append the search domain before sending the query up to the DNS server. Might warrant an investigation as well.

sybreon
To test this I set the system to a static IP address. Rebooted it and the issue still persisted.
Xap
A: 

There are still a lot of possibilities, so see if you can narrow it down.

You need to isolate the problem to a specific application on a specific system.

You could have a misconfigured DHCP server (you might be able to compare the lease log on the DHCP server with windows of activity). You might have a badly behaving application, which composes calls to the resolver without an FQDN (which should end in a period). If your first query fails (let's say the DNS request times out), then the resolver might cause a second query where it treated your string as a PQDN and literalized it into the longer FQDN you see.

benc
A: 

The default behavior of nslookup is to append domain suffixes to your query. It will do that until it gets an answer to some question.

It appears that you probably had a temporary network disconnection. The host then tried to resolve a name and, since it could not resolve www.yahoo.com, it started adding known domain suffixes to it. You should see www.yahoo.com.SUBDOMAIN.MYDOMAIN.COM, www.yahoo.com.MYDOMAIN.COM and www.yahoo.com.COM.

When all works correctly (network and DNS server) this should not be a problem.

Philip Derbeko
This is what I have found as well. Any ideas how to resolve it, as restarting, releasing DHCP, and static IPs don't seem to have any effect?
Xap
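
Added example (not part of the original thread, and not the Windows resolver's code): a simplified Python model of the suffix search described in the answers above, showing how a lost first query plus a wildcard record in the company zone yields the www.yahoo.com.MYDOMAIN.COM answer, and why a trailing dot prevents it. The function names, the zone data and the documentation-range addresses are constructed assumptions.

```python
# Simplified model of suffix-search resolution; an assumption-based sketch.
# Constructed sample data: documentation-range addresses, not real records.
RECORDS = {"www.yahoo.com.": "198.51.100.10"}
WILDCARD_ZONE = "mydomain.com."   # zone that publishes a "*" catch-all record
WILDCARD_ADDR = "203.0.113.5"


def candidates(name, suffix, devolve=True):
    """Names tried, in order: the name as typed, then name + each suffix."""
    if name.endswith("."):
        return [name]                      # trailing dot = FQDN, no suffixes
    out = [name + "."]
    labels = suffix.strip(".").split(".")
    # Devolution strips the leftmost label of the suffix on each step.
    for i in range(len(labels) if devolve else 1):
        out.append(name + "." + ".".join(labels[i:]) + ".")
    return out


def lookup(fqdn):
    """Toy authoritative data: explicit records, then the wildcard."""
    fqdn = fqdn.lower()
    if fqdn in RECORDS:
        return RECORDS[fqdn]
    if fqdn.endswith("." + WILDCARD_ZONE):
        return WILDCARD_ADDR               # the "*" entry answers anything
    return None


def resolve(name, suffix, timed_out=()):
    """Return (answered_name, address, suffix_was_appended)."""
    lost = {n.lower() for n in timed_out}  # queries that got no reply
    for fqdn in candidates(name, suffix):
        if fqdn.lower() in lost:
            continue                       # timeout: fall through to next name
        addr = lookup(fqdn)
        if addr:
            appended = fqdn.lower() != name.rstrip(".").lower() + "."
            return fqdn, addr, appended
    return None, None, False


if __name__ == "__main__":
    drop = ("www.yahoo.com.",)             # simulate the first query timing out
    print(resolve("www.yahoo.com", "MYDOMAIN.COM"))         # healthy network
    print(resolve("www.yahoo.com", "MYDOMAIN.COM", drop))   # wildcard answers
    print(resolve("www.yahoo.com.", "MYDOMAIN.COM", drop))  # FQDN: no answer
```

In this model the third flag is the thing to check for: an external name answered under the company suffix means the client will connect to whatever host the wildcard record points at.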