nslookup adding my domain name and returning always the same address

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi,
we have a w2k server running an exchange 2k server with a
domain. All updates have been done on it. With no apparent
reason, it starts considering all email as spam (using
Spamhaus.org black lists)last sunday. After few research,
it seems to be a DNS problem.

By doing Nslookup on it I realized that it always add my
domain name at the end and always return the same IP
address.

Exemple of the nslookup:
hotmail.com
Click to expand...
Server: pigeon.interne.mydomain.com
Address: 192.9.200.1
Non-authoritative answer:
Name: hotmail.com.mydomain.com
Address: 63.246.26.4
msn.com
Click to expand...
Server: pigeon.interne.mydomain.com
Address: 192.9.200.1
Non-authoritative answer:
Name: msn.com.mydomain.com
Address: 63.246.26.4

The address 63.246.26.4 isn't our mydomain.com homepage or
mail server.
And it will answer to anything.anything by the samething
(even if the site doesn't exist).
However, we can access the internet using this dns server
without any problem and it resolve the site well. It also
send mail without any problem.

No Forwarder are configured in the server.
Forward lookup zone contain: interne.mydomain.com (under
it, we finds all internal clients dhcp ip).
Reverse lookup zone contain: 192.9.200.x Subnet (with the
internal clients ip in it)

Any hint on how to resolve this problem???
Regards, Marco
 
In
Hi,
we have a w2k server running an exchange 2k server with a
domain. All updates have been done on it. With no apparent
reason, it starts considering all email as spam (using
Spamhaus.org black lists)last sunday. After few research,
it seems to be a DNS problem.

By doing Nslookup on it I realized that it always add my
domain name at the end and always return the same IP
address.

Exemple of the nslookup:
Server: pigeon.interne.mydomain.com
Address: 192.9.200.1
Non-authoritative answer:
Name: hotmail.com.mydomain.com
Address: 63.246.26.4

Server: pigeon.interne.mydomain.com
Address: 192.9.200.1
Non-authoritative answer:
Name: msn.com.mydomain.com
Address: 63.246.26.4

The address 63.246.26.4 isn't our mydomain.com homepage or
mail server.
And it will answer to anything.anything by the samething
(even if the site doesn't exist).
However, we can access the internet using this dns server
without any problem and it resolve the site well. It also
send mail without any problem.

No Forwarder are configured in the server.
Forward lookup zone contain: interne.mydomain.com (under
it, we finds all internal clients dhcp ip).
Reverse lookup zone contain: 192.9.200.x Subnet (with the
internal clients ip in it)

Any hint on how to resolve this problem???
Regards, Marco
Click to expand...

It sounds to me like someone created a wildcard record and the combination
of your DNS suffix search list makes it resolve to the wild card record.
On the DNS tab there is a selection for "append parent suffixes of the
primary DNS suffix" deselect that option and see what is does.
If you would post your unedited ipconfig /all I could probably verify this.
 
Thanks for the quick answer.
Here is the ipconfig /all as asked.
Thanks, Marco


C:\Documents and Settings\administrator>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : PIGEON
Primary DNS Suffix . . . . . . . :
interne.plastic-xxx.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . :
interne.plastic-xxx.com
plastic-xxx.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3163
Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-02-A5-EC-ED-
B1
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.9.200.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.9.200.2
DNS Servers . . . . . . . . . . . : 192.9.200.1
Primary WINS Server . . . . . . . : 192.9.200.1

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-
00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.9.200.60
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 127.0.0.1

C:\Documents and Settings\administrator>
 
In (e-mail address removed) <[email protected]>
wrote their comments
Then Kevin replied below:

Either you posted false data or there is a wildcard record in your zone
resolving to the IP. The domain name you posted in your ipconfig resolves to
nothing. I need to see an unedited ipconfig /all.
 
In
Thanks for the quick answer.
Here is the ipconfig /all as asked.
Thanks, Marco
Click to expand...

Do you work for Sun Microsystems?

===================
Curious, this IP range you're using, belongs to Sun Microsystems.
Search results for: 192.9.0.0

OrgName: Sun Microsystems, Inc
OrgID: SUN
Address: 4150 Network Circle
City: Santa Clara
StateProv: CA
PostalCode: 95054
Country: US
===================

Is this supposed to be a private range? If so, the private ranges are:
192.168.0.0/16
172.16.0.0/19
10.0.0.0/16




--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
I replaced a part of my domain for privacy purpose but if
you need it, here it is again but unedited.
Regards, Marco

C:\Documents and Settings\administrator>ipconfig /all
-----Original Message-----
In (e-mail address removed)
Click to expand...
 
In
I replaced a part of my domain for privacy purpose but if
you need it, here it is again but unedited.
Regards, Marco
Click to expand...

Thank you very much for posting that. Your DNS hosting company has wildcard
record in the public zone that points to that IP address take a look below.
Tell the hosting company to remove the wildcard record, or go to every
machine and uncheck "Append parent suffxes of the Primary DNS suffix" (on
the DNS tab) this will stop plastic-ind.com from being appended to queries.

QUESTION SECTION:
this-is-what-a-wild-card-record-is-good-for.plastic-ind.com. IN
A

ANSWER SECTION:
this-is-what-a-wild-card-record-is-good-for.plastic-ind.com. 14400 IN
A 63.246.26.4

AUTHORITY SECTION:
plastic-ind.com. 172525 IN NS ns2.dnswebserver.net.
plastic-ind.com. 172525 IN NS ns1.dnswebserver.net.

ADDITIONAL SECTION:
ns1.dnswebserver.net. 172543 IN A 63.246.26.5
ns2.dnswebserver.net. 172543 IN A 216.118.107.5

QUESTION SECTION:
see-what-i-mean.plastic-ind.com. IN A

ANSWER SECTION:
see-what-i-mean.plastic-ind.com. 14400 IN A 63.246.26.4

AUTHORITY SECTION:
plastic-ind.com. 172486 IN NS ns1.dnswebserver.net.
plastic-ind.com. 172486 IN NS ns2.dnswebserver.net.

ADDITIONAL SECTION:
ns1.dnswebserver.net. 172504 IN A 63.246.26.5
ns2.dnswebserver.net. 172504 IN A 216.118.107.5
 
Thanks a lot for your time and research!!! I'll contact my
DNS hosting company.
Regards, Marco
 
In
Hi,
the 192.9.200.x range is our internal private ip range.
Regards,
Marco
Click to expand...

Unfortunately this is not a range that was allocated for private use and is
actually a public IP range that is owned by Sun. The valid ranges that are
useable for private purposes I have provided for you in my previous post.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Back
Top