W2K server doesn't resolve names

[cjobes]

W2K server SP4 in a workgroup (Testlab). Ping works fine but nslookup or any
name resolution fails. The server is not running DNS and points to a DNS
that other 2000 boxes point to as well.
When running nslookup it brings up the right IP address but says that the
request timed out - server unknown.
I uninstalled the services on the NICs several times. I also removed and
reinstalled the NIC cards. I also run a repair.
Nothing seems to work and I really don't wont to wipe the whole server. Does
anybody have an idea what else I can try? MS sites and Technet don't come up
with anything.

Thanks,
Claus

 

[Steven L Umbach]

Can you ping the dns server by it's ip address? Make sure that there is not an ipsec
filtering policy [look in Local Security Policy -secpol.msc under local
policies/security settings] and that IP filtering is not enabled on any of the
adapters by looking in tcp/ip properties/advanced/options - tcp/ip filtering for udp.
The adapter used for dns for the lan should be at the top of the list in networking
properties/advanced settings. Run netdiag on the server and the dhcp client, dns
client, and tcp/ip netbios helper services need to be set to automatic and started.
If none of that helps try booting into safe mode with networking to see if it works.
This is a long shot but there seems to be a lot of winsock corruption going around
these days that is causing failure of dns name resolution. It is easy enough to fix
as per the KB below. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;817571
http://support.microsoft.com/default.aspx?scid=kb;en-us;321708

 

[cjobes]

Steven,
Thanks for answering.

Yes, I can ping the DNS server. There is no IPSec in LSP nor is IP filtering
enabled.
Although there are 3 adapters present I only left one enabled. All relevant
services are running (netbios helper, dhcp client and dns client.

I tried safe mode with networking and have the same problem.There are no
errors that point to Winsock.

All tests with netdiag pass.

Any other idea?
Claus

Can you ping the dns server by it's ip address? Make sure that there is not an ipsec
filtering policy [look in Local Security Policy -secpol.msc under local
policies/security settings] and that IP filtering is not enabled on any of the
adapters by looking in tcp/ip properties/advanced/options - tcp/ip filtering for udp.
The adapter used for dns for the lan should be at the top of the list in networking
properties/advanced settings. Run netdiag on the server and the dhcp client, dns
client, and tcp/ip netbios helper services need to be set to automatic and started.
If none of that helps try booting into safe mode with networking to see if it works.
This is a long shot but there seems to be a lot of winsock corruption going around
these days that is causing failure of dns name resolution. It is easy enough to fix
as per the KB below. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;817571
http://support.microsoft.com/default.aspx?scid=kb;en-us;321708

W2K server SP4 in a workgroup (Testlab). Ping works fine but nslookup or any
name resolution fails. The server is not running DNS and points to a DNS
that other 2000 boxes point to as well.
When running nslookup it brings up the right IP address but says that the
request timed out - server unknown.
I uninstalled the services on the NICs several times. I also removed and
reinstalled the NIC cards. I also run a repair.
Nothing seems to work and I really don't wont to wipe the whole server. Does
anybody have an idea what else I can try? MS sites and Technet don't come up
with anything.

Thanks,
Claus

 

[Steven L Umbach]

Hmm. I only mention Winsock since more than a few users on the NG have had similar
problems in not being able to resolve domain names and it was Winsock problem though
that is usually caused by removing spyware though I have heard of issues with
software firewalls being removed doing the same. The only other thing I can think of
is the possibility requests are being blocked at the dns server by some sort of IP
filtering that would be specific to addresses in the range of the W2003 Server since
you indicate that it works fine for other computers. I would probably try running
Ethereal [free] on the W2003 server to capture a packet sequence just before you try
to do a dns name resolution attempt to see what is found and maybe do the same at the
same time on the dns server, possibly at a time when it is not being heavily used or
create a filter to capture traffic only to and from the W2003 Server. You could use
the built in netmon also if you installed it though I find Ethereal easier to use an
interpret the results. It is normal for nslookup to give you the message it gave you
about the dns server when you do not have a reverse zone configured as it is doing a
reverse query since you computer already knows the IP address of your preferred dns
server. However that will not prevent nslookup from being able to attempt and
successfully resolve names through your dns server if your server is in contact with
it AND it is working properly at that time, so go ahead and enter Microsoft.com or
such even with that nslookup error. Also keep in mind when testing dns name
resolution that Windows 2000 has a client dnscache that also caches failed queries so
you want to use ipconfig /flushdns between query attempts if trying to resolve the
same name. --- Steve

Steven,
Thanks for answering.

Yes, I can ping the DNS server. There is no IPSec in LSP nor is IP filtering
enabled.
Although there are 3 adapters present I only left one enabled. All relevant
services are running (netbios helper, dhcp client and dns client.

I tried safe mode with networking and have the same problem.There are no
errors that point to Winsock.

All tests with netdiag pass.

Any other idea?
Claus

Can you ping the dns server by it's ip address? Make sure that there is not an ipsec
filtering policy [look in Local Security Policy -secpol.msc under local
policies/security settings] and that IP filtering is not enabled on any of the
adapters by looking in tcp/ip properties/advanced/options - tcp/ip filtering for udp.
The adapter used for dns for the lan should be at the top of the list in networking
properties/advanced settings. Run netdiag on the server and the dhcp client, dns
client, and tcp/ip netbios helper services need to be set to automatic and started.
If none of that helps try booting into safe mode with networking to see if it works.
This is a long shot but there seems to be a lot of winsock corruption going around
these days that is causing failure of dns name resolution. It is easy enough to fix
as per the KB below. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;817571
http://support.microsoft.com/default.aspx?scid=kb;en-us;321708

W2K server SP4 in a workgroup (Testlab). Ping works fine but nslookup or any
name resolution fails. The server is not running DNS and points to a DNS
that other 2000 boxes point to as well.
When running nslookup it brings up the right IP address but says that the
request timed out - server unknown.
I uninstalled the services on the NICs several times. I also removed and
reinstalled the NIC cards. I also run a repair.
Nothing seems to work and I really don't wont to wipe the whole server. Does
anybody have an idea what else I can try? MS sites and Technet don't come up
with anything.

Thanks,
Claus

 

[cjobes]

It is definately the W2K server itself. This is a testlab setup with a few
computers in a workgroup. All have static private IP addresses in the same
subnet that connects through a NAT router to the broadband. So, from the
external DNS point of view all requests come from the same public IP. All
computers (except the W2K server) resolve names and the nslookup returns the
name of the DNS.

I've been in this business for 20 years and I have never encountered
anything like this. I've tried everything I can think of (run a repair,
removing hardware, reinstalling TCP, client and services etc.). Short of
rebuilding the box, I have no idea what else I can do. Rebuilding would be a
huge job with a whole bunch of server componants.

Any other idea?

Claus

Hmm. I only mention Winsock since more than a few users on the NG have had similar
problems in not being able to resolve domain names and it was Winsock problem though
that is usually caused by removing spyware though I have heard of issues with
software firewalls being removed doing the same. The only other thing I can think of
is the possibility requests are being blocked at the dns server by some sort of IP
filtering that would be specific to addresses in the range of the W2003 Server since
you indicate that it works fine for other computers. I would probably try running
Ethereal [free] on the W2003 server to capture a packet sequence just before you try
to do a dns name resolution attempt to see what is found and maybe do the same at the
same time on the dns server, possibly at a time when it is not being heavily used or
create a filter to capture traffic only to and from the W2003 Server. You could use
the built in netmon also if you installed it though I find Ethereal easier to use an
interpret the results. It is normal for nslookup to give you the message it gave you
about the dns server when you do not have a reverse zone configured as it is doing a
reverse query since you computer already knows the IP address of your preferred dns
server. However that will not prevent nslookup from being able to attempt and
successfully resolve names through your dns server if your server is in contact with
it AND it is working properly at that time, so go ahead and enter Microsoft.com or
such even with that nslookup error. Also keep in mind when testing dns name
resolution that Windows 2000 has a client dnscache that also caches failed queries so
you want to use ipconfig /flushdns between query attempts if trying to resolve the
same name. --- Steve

Steven,
Thanks for answering.

Yes, I can ping the DNS server. There is no IPSec in LSP nor is IP filtering
enabled.
Although there are 3 adapters present I only left one enabled. All relevant
services are running (netbios helper, dhcp client and dns client.

I tried safe mode with networking and have the same problem.There are no
errors that point to Winsock.

All tests with netdiag pass.

Any other idea?
Claus

Can you ping the dns server by it's ip address? Make sure that there

is
not an ipsec

filtering policy [look in Local Security Policy -secpol.msc under local
policies/security settings] and that IP filtering is not enabled on

any of
the

adapters by looking in tcp/ip properties/advanced/options - tcp/ip filtering for udp.
The adapter used for dns for the lan should be at the top of the list

in
networking

properties/advanced settings. Run netdiag on the server and the dhcp client, dns
client, and tcp/ip netbios helper services need to be set to automatic

and
started.

If none of that helps try booting into safe mode with networking to

see if
it works.

This is a long shot but there seems to be a lot of winsock corruption going around
these days that is causing failure of dns name resolution. It is easy enough to fix
as per the KB below. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;817571
http://support.microsoft.com/default.aspx?scid=kb;en-us;321708

W2K server SP4 in a workgroup (Testlab). Ping works fine but

nslookup or
any

name resolution fails. The server is not running DNS and points to a DNS
that other 2000 boxes point to as well.
When running nslookup it brings up the right IP address but says

that
the

request timed out - server unknown.
I uninstalled the services on the NICs several times. I also removed and
reinstalled the NIC cards. I also run a repair.
Nothing seems to work and I really don't wont to wipe the whole

server.
Does

anybody have an idea what else I can try? MS sites and Technet don't come up
with anything.

Thanks,
Claus

 

[Jetro]

Can you post 'ipconfig /all' and 'netdiag /debug /test:dns' output?

 

[cjobes]

Yeah sure, when I'm back at the test site. I'm not quite sure what this will
help. The configuration is as follows:
IP 192.168.1.101
NM 255.255.255.0
GW 192.168.1.1
DNS 65.100.16.25

These settings are reflected in the ipconfig /all result. Netdiag /test:dns
comes back with all pass.

I can ping the dns and other boxes in the same subnet can resolve. Nslookup
on the box in question times out - "could not retrieve server name for
65.100.16.25 unknown". Subsequent resolution requests (ping www.aaa.com)
come back with "host unknown".

Claus

 

[Jetro]

Can you change the DNS server? my nslookup output is followed:

server 65.100.16.25

Default Server: 65-100-16-25.cdrr.qwest.net
Address: 65.100.16.25

dell.ca

Server: 65-100-16-25.cdrr.qwest.net
Address: 65.100.16.25

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to 65-100-16-25.cdrr.qwest.net timed-out

 

[cjobes]

Yes I could change the DNS but all other boxes in the same subnet/workgroup
are resolving fine. This is the main DNS for my ISP. I believe that the
reason why it's timing out for you is that the ISP is blocking access from
outside their network. Can you ping the IP?

Just for the heck of it I did add a second one from one of my domains and
got the same result.

Claus

 

[Steven L Umbach]

Try entering an IP address in the address bar of IE to see if it brings up the
website or not out of curiosity such as 207.46.130.108 for Microsoft. Otherwise I
would resort to using a packet sniffer to see if and where dns requests are being
sent to and if they receive a response back or not. It might be worth a try to set
your dns address to the default gateway of the NAT router to see what happens as they
often act as a dns proxy in case that the ISP dns servers change address or are
own. --- Steve

It is definately the W2K server itself. This is a testlab setup with a few
computers in a workgroup. All have static private IP addresses in the same
subnet that connects through a NAT router to the broadband. So, from the
external DNS point of view all requests come from the same public IP. All
computers (except the W2K server) resolve names and the nslookup returns the
name of the DNS.

I've been in this business for 20 years and I have never encountered
anything like this. I've tried everything I can think of (run a repair,
removing hardware, reinstalling TCP, client and services etc.). Short of
rebuilding the box, I have no idea what else I can do. Rebuilding would be a
huge job with a whole bunch of server componants.

Any other idea?

Claus

Hmm. I only mention Winsock since more than a few users on the NG have had similar
problems in not being able to resolve domain names and it was Winsock problem though
that is usually caused by removing spyware though I have heard of issues with
software firewalls being removed doing the same. The only other thing I can think of
is the possibility requests are being blocked at the dns server by some sort of IP
filtering that would be specific to addresses in the range of the W2003 Server since
you indicate that it works fine for other computers. I would probably try running
Ethereal [free] on the W2003 server to capture a packet sequence just before you try
to do a dns name resolution attempt to see what is found and maybe do the same at the
same time on the dns server, possibly at a time when it is not being heavily used or
create a filter to capture traffic only to and from the W2003 Server. You could use
the built in netmon also if you installed it though I find Ethereal easier to use an
interpret the results. It is normal for nslookup to give you the message it gave you
about the dns server when you do not have a reverse zone configured as it is doing a
reverse query since you computer already knows the IP address of your preferred dns
server. However that will not prevent nslookup from being able to attempt and
successfully resolve names through your dns server if your server is in contact with
it AND it is working properly at that time, so go ahead and enter Microsoft.com or
such even with that nslookup error. Also keep in mind when testing dns name
resolution that Windows 2000 has a client dnscache that also caches failed queries so
you want to use ipconfig /flushdns between query attempts if trying to resolve the
same name. --- Steve

Steven,
Thanks for answering.

Yes, I can ping the DNS server. There is no IPSec in LSP nor is IP filtering
enabled.
Although there are 3 adapters present I only left one enabled. All relevant
services are running (netbios helper, dhcp client and dns client.

I tried safe mode with networking and have the same problem.There are no
errors that point to Winsock.

All tests with netdiag pass.

Any other idea?
Claus


Can you ping the dns server by it's ip address? Make sure that there is
not an ipsec
filtering policy [look in Local Security Policy -secpol.msc under local
policies/security settings] and that IP filtering is not enabled on any of
the
adapters by looking in tcp/ip properties/advanced/options - tcp/ip
filtering for udp.
The adapter used for dns for the lan should be at the top of the list in
networking
properties/advanced settings. Run netdiag on the server and the dhcp
client, dns
client, and tcp/ip netbios helper services need to be set to automatic and
started.
If none of that helps try booting into safe mode with networking to see if
it works.
This is a long shot but there seems to be a lot of winsock corruption
going around
these days that is causing failure of dns name resolution. It is easy
enough to fix
as per the KB below. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;817571
http://support.microsoft.com/default.aspx?scid=kb;en-us;321708

W2K server SP4 in a workgroup (Testlab). Ping works fine but nslookup or
any
name resolution fails. The server is not running DNS and points to a DNS
that other 2000 boxes point to as well.
When running nslookup it brings up the right IP address but says that
the
request timed out - server unknown.
I uninstalled the services on the NICs several times. I also removed and
reinstalled the NIC cards. I also run a repair.
Nothing seems to work and I really don't wont to wipe the whole server.
Does
anybody have an idea what else I can try? MS sites and Technet don't
come up
with anything.

Thanks,
Claus

 

[cjobes]

Yes, I get websites up with the IP address. The DNS is the current main DNS
for the ISP. All other computers in the subnet are using the same DNS and it
works fine.

Claus

Try entering an IP address in the address bar of IE to see if it brings up the
website or not out of curiosity such as 207.46.130.108 for Microsoft. Otherwise I
would resort to using a packet sniffer to see if and where dns requests are being
sent to and if they receive a response back or not. It might be worth a try to set
your dns address to the default gateway of the NAT router to see what happens as they
often act as a dns proxy in case that the ISP dns servers change address or are
own. --- Steve

It is definately the W2K server itself. This is a testlab setup with a few
computers in a workgroup. All have static private IP addresses in the same
subnet that connects through a NAT router to the broadband. So, from the
external DNS point of view all requests come from the same public IP. All
computers (except the W2K server) resolve names and the nslookup returns the
name of the DNS.

I've been in this business for 20 years and I have never encountered
anything like this. I've tried everything I can think of (run a repair,
removing hardware, reinstalling TCP, client and services etc.). Short of
rebuilding the box, I have no idea what else I can do. Rebuilding would be a
huge job with a whole bunch of server componants.

Any other idea?

Claus

Hmm. I only mention Winsock since more than a few users on the NG have

had
similar

problems in not being able to resolve domain names and it was Winsock problem though
that is usually caused by removing spyware though I have heard of

issues
with

software firewalls being removed doing the same. The only other thing

I
can think of

is the possibility requests are being blocked at the dns server by

some
sort of IP

filtering that would be specific to addresses in the range of the

W2003
Server since

you indicate that it works fine for other computers. I would probably

try
running

Ethereal [free] on the W2003 server to capture a packet sequence just before you try
to do a dns name resolution attempt to see what is found and maybe do

the
same at the

same time on the dns server, possibly at a time when it is not being heavily used or
create a filter to capture traffic only to and from the W2003 Server.

You
could use

the built in netmon also if you installed it though I find Ethereal

easier
to use an

interpret the results. It is normal for nslookup to give you the

message
it gave you

about the dns server when you do not have a reverse zone configured as

it
is doing a

reverse query since you computer already knows the IP address of your preferred dns
server. However that will not prevent nslookup from being able to

attempt
and

successfully resolve names through your dns server if your server is

in
contact with

it AND it is working properly at that time, so go ahead and enter Microsoft.com or
such even with that nslookup error. Also keep in mind when testing dns name
resolution that Windows 2000 has a client dnscache that also caches

failed
queries so

you want to use ipconfig /flushdns between query attempts if trying to resolve the
same name. --- Steve


Steven,
Thanks for answering.

Yes, I can ping the DNS server. There is no IPSec in LSP nor is IP filtering
enabled.
Although there are 3 adapters present I only left one enabled. All relevant
services are running (netbios helper, dhcp client and dns client.

I tried safe mode with networking and have the same problem.There are no
errors that point to Winsock.

All tests with netdiag pass.

Any other idea?
Claus


Can you ping the dns server by it's ip address? Make sure that

there
is

not an ipsec
filtering policy [look in Local Security Policy -secpol.msc under local
policies/security settings] and that IP filtering is not enabled

on
any of

the
adapters by looking in tcp/ip properties/advanced/options - tcp/ip
filtering for udp.
The adapter used for dns for the lan should be at the top of the

list
in

networking
properties/advanced settings. Run netdiag on the server and the dhcp
client, dns
client, and tcp/ip netbios helper services need to be set to

automatic
and

started.
If none of that helps try booting into safe mode with networking

to
see if

it works.
This is a long shot but there seems to be a lot of winsock corruption
going around
these days that is causing failure of dns name resolution. It is easy
enough to fix
as per the KB below. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;817571
http://support.microsoft.com/default.aspx?scid=kb;en-us;321708

W2K server SP4 in a workgroup (Testlab). Ping works fine but nslookup or
any
name resolution fails. The server is not running DNS and points

to a
DNS

that other 2000 boxes point to as well.
When running nslookup it brings up the right IP address but says that
the
request timed out - server unknown.
I uninstalled the services on the NICs several times. I also

removed
and

reinstalled the NIC cards. I also run a repair.
Nothing seems to work and I really don't wont to wipe the whole server.
Does
anybody have an idea what else I can try? MS sites and Technet don't
come up
with anything.

Thanks,
Claus

 

[Jetro]

I do can ping, but the ping failed across the Internet is not a criterion.

Run 'nslookup -d2' and perform any query.

 

[Jetro]

Sorry )
I do can ping, but the ping failed across the Internet is not a criterion.

Run 'nslookup -d2' and perform any query.

 

[cjobes]

It times out. No matter what DNS I use.

 

[Jetro]

[...it brings up the right IP address but says that the request timed out -
server unknown...]

It sounds like a name resolution does works. Add some well-known records to
the hosts file.

 

[cjobes]

Yes, any record I put into the hosts file resolves. So what the heck is
going on? I have 4 other boxes in the same subnet, pointing to the same GW
and the same DNS. All of them have no problem contacting the DNS - except
this one W2K server.

 

[cjobes]

I gave up and rebuilt the server. I have no idea what this was. After
rebuilt it's working fine.

Claus