NSLOOKUP returning my domain appended to non-authoritative answer, along with wrong address ...
What is the motivation for a law requiring 2 parties to consent for recording a conversation
Why Did Howard Stark Use All The Vibranium They Had On A Prototype Shield?
Does it makes sense to buy a new cycle to learn riding?
is usb on wall sockets live all the time with out switches off
Which Sci-Fi work first showed weapon of galactic-scale mass destruction?
Where to refill my bottle in India?
Should I write numbers in words or as numerals when there are multiple next to each other?
In microwave frequencies, do you use a circulator when you need a (near) perfect diode?
Limit the amount of RAM Mathematica may access?
How to make payment on the internet without leaving a money trail?
How to manage monthly salary
Inline version of a function returns different value then non-inline version
Patience, young "Padovan"
What does "sndry explns" mean in one of the Hitchhiker's guide books?
If the Wish spell is used to duplicate the effect of Simulacrum, are existing duplicates destroyed?
Why is the maximum length of openwrt’s root password 8 characters?
Any good smartcontract for "business calendar" oracles?
Realistic Alternatives to Dust: What Else Could Feed a Plankton Bloom?
Carnot-Caratheodory metric
Confusion about non-derivable continuous functions
Spanish for "widget"
Is bread bad for ducks?
If a poisoned arrow's piercing damage is reduced to 0, do you still get poisoned?
Why could you hear an Amstrad CPC working?
NSLOOKUP returning my domain appended to non-authoritative answer, along with wrong address
The 2019 Stack Overflow Developer Survey Results Are InWindows Appending Domain Suffix To All LookupsDYNDNS.org Custom DNS returning odd results with Windows' NSLOOKUPDNS problems when connecting via VPNDNS - NSLOOKUP what is the meaning of the non-authoritative answer?UnKnown can't find <hostname>: Non-existent domainHow to change hostname without reboot?DNS questio in windows DNS 2008 r2FQDNs resolving correctly via ping but not nslookupDNS. Non-authoritative answer. canonical nameDNS issue - Windows Domain Controller 2016 - Unable to resolve public and private hostsNon-Authoritative DNS conflicting with established TLD Registrar
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
I recently installed a Windows 2008r2 server (workgroup only, no AD or Domain). This server has DNS enabled.
From a different client machine on the LAN, I run NSLOOKUP to test DNS operation.
When starting up, it correctly lists the server name and IP address.
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
"my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
domain-name-system windows-server-2008-r2
edited Apr 13 '17 at 12:14
Community♦
1
asked Dec 26 '13 at 22:09
tim11gtim11g
2482616
add a comment |
I recently installed a Windows 2008r2 server (workgroup only, no AD or Domain). This server has DNS enabled.
From a different client machine on the LAN, I run NSLOOKUP to test DNS operation.
When starting up, it correctly lists the server name and IP address.
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
"my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
domain-name-system windows-server-2008-r2
edited Apr 13 '17 at 12:14
Community♦
1
asked Dec 26 '13 at 22:09
tim11gtim11g
2482616
add a comment |
I recently installed a Windows 2008r2 server (workgroup only, no AD or Domain). This server has DNS enabled.
From a different client machine on the LAN, I run NSLOOKUP to test DNS operation.
When starting up, it correctly lists the server name and IP address.
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
"my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
domain-name-system windows-server-2008-r2
edited Apr 13 '17 at 12:14
Community♦
1
asked Dec 26 '13 at 22:09
tim11gtim11g
2482616
I recently installed a Windows 2008r2 server (workgroup only, no AD or Domain). This server has DNS enabled.
From a different client machine on the LAN, I run NSLOOKUP to test DNS operation.
When starting up, it correctly lists the server name and IP address.
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
"my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
domain-name-system windows-server-2008-r2
domain-name-system windows-server-2008-r2
edited Apr 13 '17 at 12:14
Community♦
1
asked Dec 26 '13 at 22:09
tim11gtim11g
2482616
edited Apr 13 '17 at 12:14
Community♦
1
asked Dec 26 '13 at 22:09
tim11gtim11g
2482616
edited Apr 13 '17 at 12:14
Community♦
1
edited Apr 13 '17 at 12:14
Community♦
1
edited Apr 13 '17 at 12:14
Community♦
1
1
asked Dec 26 '13 at 22:09
tim11gtim11g
2482616
asked Dec 26 '13 at 22:09
tim11gtim11g
2482616
asked Dec 26 '13 at 22:09
tim11gtim11g
2482616
2482616
add a comment |
add a comment |
3 Answers
3
active
oldest
votes
I get a similar result:
D:Userstannerf>nslookup domain.net 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: domain.net.MYSUFFIX.COM
Address: 67.215.65.132
Looks like OpenDNS is redirecting when the name can't be resolved. You can change the query to any subdomain that won't resolve, and it will return the same:
D:Userstannerf>nslookup mdmarra.local 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: mdmarra.local.microsoft.com
Address: 67.215.65.132
nslookup is, by default, appending the search suffix. Take a look at this question. And here's a thread bemoaning OpenDNS' decision. I find it terribly confusing myself.
If you'd like to prevent OpenDNS from redirecting, you might take a look here.
edited Mar 20 '17 at 10:16
Community♦
1
answered Dec 26 '13 at 22:30
Tanner FaulknerTanner Faulkner
71421428
Yes, the problem is with OpenDNS. I switched the server over to the Google DNS at 8.8.8.8 and 8.8.4.4
– tim11g
Dec 27 '13 at 16:08
add a comment |
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
This happens when you submit a query in nslookup that isn't fully qualified. Nslookup needs the trailing . in order for the query to be fully qualified. Lacking the trailing . causes nslookup to append the primary and/or connection specific DNS suffixes to the query.
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
Yes. The DNS client is working correctly. See my previous statement as to why nslookup behaves this way.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
OpenDNS is hijacking the NXDOMAIN response for realdomain.com.my.domain.net and is returning the ip addresses of what is presumably some type of landing page offering their services. The ip addresses returned aren't the ip addresses of their DNS servers, they're the ip addresses to which they are redirecting the NXDOMAIN responses. - http://en.wikipedia.org/wiki/DNS_hijacking
my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
mydomain.net is the primary DNS suffix of your server. That is the DNS suffix that nslookup will append to unqualified queries while running nslookup from the server.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
This isn't applicable in your case. The NXDOMAIN response is being hijacked by OpenDNS.
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
Exactly. This is the correct way to use nslookup.
Everything you've described in your question is perfectly normal behavior, as far as nslookup is concerned. The only issue is the fact that OpenDNS is hijacking the NXDOMAIN response, which it really ought not to do.
answered Dec 27 '13 at 16:41
joeqwertyjoeqwerty
96.6k465149
add a comment |
@joeqwerty
This answer is AWESOME! I was wondering the same things. May I add to the question;
I have never seen this behavior before. In my old environments, dns was handled by another department, and the nslookup always looked 'normal'. How would I configure the server (or client) to return a single domain at nslookup.
Assuming I have been hyjacked as well, is just changing my forwarders enough?
answered 8 mins ago
Manly BootsManly Boots
1
New contributor
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f563663%2fnslookup-returning-my-domain-appended-to-non-authoritative-answer-along-with-wr%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
I get a similar result:
D:Userstannerf>nslookup domain.net 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: domain.net.MYSUFFIX.COM
Address: 67.215.65.132
Looks like OpenDNS is redirecting when the name can't be resolved. You can change the query to any subdomain that won't resolve, and it will return the same:
D:Userstannerf>nslookup mdmarra.local 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: mdmarra.local.microsoft.com
Address: 67.215.65.132
nslookup is, by default, appending the search suffix. Take a look at this question. And here's a thread bemoaning OpenDNS' decision. I find it terribly confusing myself.
If you'd like to prevent OpenDNS from redirecting, you might take a look here.
edited Mar 20 '17 at 10:16
Community♦
1
answered Dec 26 '13 at 22:30
Tanner FaulknerTanner Faulkner
71421428
Yes, the problem is with OpenDNS. I switched the server over to the Google DNS at 8.8.8.8 and 8.8.4.4
– tim11g
Dec 27 '13 at 16:08
add a comment |
I get a similar result:
D:Userstannerf>nslookup domain.net 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: domain.net.MYSUFFIX.COM
Address: 67.215.65.132
Looks like OpenDNS is redirecting when the name can't be resolved. You can change the query to any subdomain that won't resolve, and it will return the same:
D:Userstannerf>nslookup mdmarra.local 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: mdmarra.local.microsoft.com
Address: 67.215.65.132
nslookup is, by default, appending the search suffix. Take a look at this question. And here's a thread bemoaning OpenDNS' decision. I find it terribly confusing myself.
If you'd like to prevent OpenDNS from redirecting, you might take a look here.
edited Mar 20 '17 at 10:16
Community♦
1
answered Dec 26 '13 at 22:30
Tanner FaulknerTanner Faulkner
71421428
Yes, the problem is with OpenDNS. I switched the server over to the Google DNS at 8.8.8.8 and 8.8.4.4
– tim11g
Dec 27 '13 at 16:08
add a comment |
I get a similar result:
D:Userstannerf>nslookup domain.net 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: domain.net.MYSUFFIX.COM
Address: 67.215.65.132
Looks like OpenDNS is redirecting when the name can't be resolved. You can change the query to any subdomain that won't resolve, and it will return the same:
D:Userstannerf>nslookup mdmarra.local 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: mdmarra.local.microsoft.com
Address: 67.215.65.132
nslookup is, by default, appending the search suffix. Take a look at this question. And here's a thread bemoaning OpenDNS' decision. I find it terribly confusing myself.
If you'd like to prevent OpenDNS from redirecting, you might take a look here.
edited Mar 20 '17 at 10:16
Community♦
1
answered Dec 26 '13 at 22:30
Tanner FaulknerTanner Faulkner
71421428
I get a similar result:
D:Userstannerf>nslookup domain.net 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: domain.net.MYSUFFIX.COM
Address: 67.215.65.132
Looks like OpenDNS is redirecting when the name can't be resolved. You can change the query to any subdomain that won't resolve, and it will return the same:
D:Userstannerf>nslookup mdmarra.local 208.67.222.222
Server: resolver1.opendns.com
Address: 208.67.222.222
Non-authoritative answer:
Name: mdmarra.local.microsoft.com
Address: 67.215.65.132
nslookup is, by default, appending the search suffix. Take a look at this question. And here's a thread bemoaning OpenDNS' decision. I find it terribly confusing myself.
If you'd like to prevent OpenDNS from redirecting, you might take a look here.
edited Mar 20 '17 at 10:16
Community♦
1
answered Dec 26 '13 at 22:30
Tanner FaulknerTanner Faulkner
71421428
edited Mar 20 '17 at 10:16
Community♦
1
edited Mar 20 '17 at 10:16
Community♦
1
edited Mar 20 '17 at 10:16
Community♦
1
1
answered Dec 26 '13 at 22:30
Tanner FaulknerTanner Faulkner
71421428
answered Dec 26 '13 at 22:30
Tanner FaulknerTanner Faulkner
71421428
answered Dec 26 '13 at 22:30
Tanner FaulknerTanner Faulkner
71421428
71421428
Yes, the problem is with OpenDNS. I switched the server over to the Google DNS at 8.8.8.8 and 8.8.4.4
– tim11g
Dec 27 '13 at 16:08
add a comment |
Yes, the problem is with OpenDNS. I switched the server over to the Google DNS at 8.8.8.8 and 8.8.4.4
– tim11g
Dec 27 '13 at 16:08
Yes, the problem is with OpenDNS. I switched the server over to the Google DNS at 8.8.8.8 and 8.8.4.4
– tim11g
Dec 27 '13 at 16:08
Yes, the problem is with OpenDNS. I switched the server over to the Google DNS at 8.8.8.8 and 8.8.4.4
– tim11g
Dec 27 '13 at 16:08
add a comment |
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
This happens when you submit a query in nslookup that isn't fully qualified. Nslookup needs the trailing . in order for the query to be fully qualified. Lacking the trailing . causes nslookup to append the primary and/or connection specific DNS suffixes to the query.
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
Yes. The DNS client is working correctly. See my previous statement as to why nslookup behaves this way.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
OpenDNS is hijacking the NXDOMAIN response for realdomain.com.my.domain.net and is returning the ip addresses of what is presumably some type of landing page offering their services. The ip addresses returned aren't the ip addresses of their DNS servers, they're the ip addresses to which they are redirecting the NXDOMAIN responses. - http://en.wikipedia.org/wiki/DNS_hijacking
my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
mydomain.net is the primary DNS suffix of your server. That is the DNS suffix that nslookup will append to unqualified queries while running nslookup from the server.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
This isn't applicable in your case. The NXDOMAIN response is being hijacked by OpenDNS.
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
Exactly. This is the correct way to use nslookup.
Everything you've described in your question is perfectly normal behavior, as far as nslookup is concerned. The only issue is the fact that OpenDNS is hijacking the NXDOMAIN response, which it really ought not to do.
answered Dec 27 '13 at 16:41
joeqwertyjoeqwerty
96.6k465149
add a comment |
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
This happens when you submit a query in nslookup that isn't fully qualified. Nslookup needs the trailing . in order for the query to be fully qualified. Lacking the trailing . causes nslookup to append the primary and/or connection specific DNS suffixes to the query.
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
Yes. The DNS client is working correctly. See my previous statement as to why nslookup behaves this way.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
OpenDNS is hijacking the NXDOMAIN response for realdomain.com.my.domain.net and is returning the ip addresses of what is presumably some type of landing page offering their services. The ip addresses returned aren't the ip addresses of their DNS servers, they're the ip addresses to which they are redirecting the NXDOMAIN responses. - http://en.wikipedia.org/wiki/DNS_hijacking
my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
mydomain.net is the primary DNS suffix of your server. That is the DNS suffix that nslookup will append to unqualified queries while running nslookup from the server.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
This isn't applicable in your case. The NXDOMAIN response is being hijacked by OpenDNS.
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
Exactly. This is the correct way to use nslookup.
Everything you've described in your question is perfectly normal behavior, as far as nslookup is concerned. The only issue is the fact that OpenDNS is hijacking the NXDOMAIN response, which it really ought not to do.
answered Dec 27 '13 at 16:41
joeqwertyjoeqwerty
96.6k465149
add a comment |
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
This happens when you submit a query in nslookup that isn't fully qualified. Nslookup needs the trailing . in order for the query to be fully qualified. Lacking the trailing . causes nslookup to append the primary and/or connection specific DNS suffixes to the query.
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
Yes. The DNS client is working correctly. See my previous statement as to why nslookup behaves this way.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
OpenDNS is hijacking the NXDOMAIN response for realdomain.com.my.domain.net and is returning the ip addresses of what is presumably some type of landing page offering their services. The ip addresses returned aren't the ip addresses of their DNS servers, they're the ip addresses to which they are redirecting the NXDOMAIN responses. - http://en.wikipedia.org/wiki/DNS_hijacking
my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
mydomain.net is the primary DNS suffix of your server. That is the DNS suffix that nslookup will append to unqualified queries while running nslookup from the server.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
This isn't applicable in your case. The NXDOMAIN response is being hijacked by OpenDNS.
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
Exactly. This is the correct way to use nslookup.
Everything you've described in your question is perfectly normal behavior, as far as nslookup is concerned. The only issue is the fact that OpenDNS is hijacking the NXDOMAIN response, which it really ought not to do.
answered Dec 27 '13 at 16:41
joeqwertyjoeqwerty
96.6k465149
when I type in "realdomain.com" from the > prompt, NSLOOKUP returns:
Non-authoritative answer:
Name: realdomain.com.my.domain.net
Address: 67.215.65.132
This happens when you submit a query in nslookup that isn't fully qualified. Nslookup needs the trailing . in order for the query to be fully qualified. Lacking the trailing . causes nslookup to append the primary and/or connection specific DNS suffixes to the query.
The client system is able to resolve names, so DNS is working to some extent, but I don't understand why "my.domain.net" is appended.
Yes. The DNS client is working correctly. See my previous statement as to why nslookup behaves this way.
The 67.215.65.132 address returned for realdomain.com is also incorrect. The address actually belongs to OpenDNS. I am using OpenDNS as the forwarders, but those addresses are 208.67.xxx.xxx.
OpenDNS is hijacking the NXDOMAIN response for realdomain.com.my.domain.net and is returning the ip addresses of what is presumably some type of landing page offering their services. The ip addresses returned aren't the ip addresses of their DNS servers, they're the ip addresses to which they are redirecting the NXDOMAIN responses. - http://en.wikipedia.org/wiki/DNS_hijacking
my.domain.net" is the primary DNS suffix of the my local LAN server. It is not a publicly visible domain, since the server is on a private network.
mydomain.net is the primary DNS suffix of your server. That is the DNS suffix that nslookup will append to unqualified queries while running nslookup from the server.
This question seems to be quite similar, but I don't understand how to apply the solution: "...remove the wild card entry from your network solutions configuration". What wild card entry? Where is the "network solutions configuration"?
This isn't applicable in your case. The NXDOMAIN response is being hijacked by OpenDNS.
As in the referenced question, if I enter realdomain.com. (with the period at the end), it works correctly and returns the correct address.
Exactly. This is the correct way to use nslookup.
Everything you've described in your question is perfectly normal behavior, as far as nslookup is concerned. The only issue is the fact that OpenDNS is hijacking the NXDOMAIN response, which it really ought not to do.
answered Dec 27 '13 at 16:41
joeqwertyjoeqwerty
96.6k465149
answered Dec 27 '13 at 16:41
joeqwertyjoeqwerty
96.6k465149
answered Dec 27 '13 at 16:41
joeqwertyjoeqwerty
96.6k465149
answered Dec 27 '13 at 16:41
joeqwertyjoeqwerty
96.6k465149
96.6k465149
add a comment |
add a comment |
@joeqwerty
This answer is AWESOME! I was wondering the same things. May I add to the question;
I have never seen this behavior before. In my old environments, dns was handled by another department, and the nslookup always looked 'normal'. How would I configure the server (or client) to return a single domain at nslookup.
Assuming I have been hyjacked as well, is just changing my forwarders enough?
answered 8 mins ago
Manly BootsManly Boots
1
New contributor
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
@joeqwerty
This answer is AWESOME! I was wondering the same things. May I add to the question;
I have never seen this behavior before. In my old environments, dns was handled by another department, and the nslookup always looked 'normal'. How would I configure the server (or client) to return a single domain at nslookup.
Assuming I have been hyjacked as well, is just changing my forwarders enough?
answered 8 mins ago
Manly BootsManly Boots
1
New contributor
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
@joeqwerty
This answer is AWESOME! I was wondering the same things. May I add to the question;
I have never seen this behavior before. In my old environments, dns was handled by another department, and the nslookup always looked 'normal'. How would I configure the server (or client) to return a single domain at nslookup.
Assuming I have been hyjacked as well, is just changing my forwarders enough?
answered 8 mins ago
Manly BootsManly Boots
1
New contributor
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
@joeqwerty
This answer is AWESOME! I was wondering the same things. May I add to the question;
I have never seen this behavior before. In my old environments, dns was handled by another department, and the nslookup always looked 'normal'. How would I configure the server (or client) to return a single domain at nslookup.
Assuming I have been hyjacked as well, is just changing my forwarders enough?
answered 8 mins ago
Manly BootsManly Boots
1
New contributor
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 8 mins ago
Manly BootsManly Boots
1
New contributor
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 8 mins ago
Manly BootsManly Boots
1
answered 8 mins ago
Manly BootsManly Boots
1
1
New contributor
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Manly Boots is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f563663%2fnslookup-returning-my-domain-appended-to-non-authoritative-answer-along-with-wr%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
