Your IP:

Our Forums Have Moved!

Visit our new forums at http://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
    • CommentAuthormkrawats
    • CommentTimeOct 5th 2011
     permalink
    I am the admin of the yurcor.com domain.

    Recently, OpenDNS has started to resolve all our server names to OpenDNS 67.215.65.132. This is bad. Our name should resolve to our webserver at 64.135.11.21. All our customers using OpenDNS cannot access our site.

    When the lookup is performed using non OpenDNS DNS server such as Comcast's DNS server, it resolves correctly. See output below
    __
    nslookup clearpath.yurcor.com 75.75.75.75
    Server: cdns01.comcast.net
    Address: 75.75.75.75

    Non-authoritative answer:
    Name: iisnlb01.yurcor.com
    Address: 64.135.11.21
    Aliases: clearpath.yurcor.com
    __

    But when we lookup using OpenDNS DNS server, it resolves incorrectly. See output below.

    __
    nslookup clearpath.yurcor.com 208.67.222.222
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    Name: clearpath.yurcor.com.krawatsky
    Address: 67.215.65.132
    __

    Why is this happening? How do we resolve this?
    • CommentAuthormkrawats
    • CommentTimeOct 5th 2011
     permalink
    When we test using Goggle's public DNS server, we receive the correct response.

    nslookup clearpath.yurcor.com 8.8.8.8
    Server: google-public-dns-a.google.com
    Address: 8.8.8.8

    Non-authoritative answer:
    Name: iisnlb01.yurcor.com
    Address: 64.135.11.21
    Aliases: clearpath.yurcor.com
    __
    Why does only OpenDNS return the incorrect answer?
    • CommentAuthormkrawats
    • CommentTimeOct 5th 2011 edited
     permalink
    My apologies. When we rerun the query using the extra dot, we receive the correct answer.

    __
    nslookup clearpath.yurcor.com. 208.67.222.222
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    Name: iisnlb01.yurcor.com
    Address: 64.135.11.21
    Aliases: clearpath.yurcor.com
    __
    • CommentAuthorrotblitz
    • CommentTimeOct 5th 2011 edited
     permalink
    Yes, sure, clearpath.yurcor.com.krawatsky is not what you wanted to resolve, isn't it? :wink:

    And, did you look what 67.215.65.132 is for?

    nslookup 67.215.65.132
    Server: localhost
    Address: 127.0.0.1

    Name: hit-nxdomain.opendns.com
    Address: 67.215.65.132

    Aha, well done, OpenDNS! :tongue:

    "All our customers using OpenDNS cannot access our site."

    What? Really? :shocked: :wink:
    Never ever make such untrue statements just to attract attention. Never! :devil:
    It is then too simple to just say: "Liar!"
    http://www.DownForEveryoneOrJustMe.com/yurcor.com

    "How do we resolve this?"

    Well, you may want to add krawatsky to your list of VPN exceptions, then it may even work without the trailing dot to make a domain an FQDN...

    No matter, you'll still be sending out clearpath.yurcor.com.krawatsky to *every* DNS service. Your general problem is still not solved to keep your internal lookups internally, but you present them to the world... :shocked:

    Edit:
    Ha, just seeing: http://forums.opendns.com/comments.php?DiscussionID=11665
    • CommentAuthorarva
    • CommentTimeOct 11th 2011
     permalink
    well i have a kind of the same problem for some rason when i do a query in windows client i get my own dns domain in the end of the name and also the ip of opendsn

    so if i do nslookup sonera.fi

    name: sonera.fi.arvekari.fi
    Address: 67.215.65.132

    before this has worked as it shoud but now with open dns i have a problem and the service in this way is useless ...
    • CommentAuthorrotblitz
    • CommentTimeOct 11th 2011 edited
     permalink
    You must append a trailing dot to the domain name to make it an FQDN, as documented by Microsoft. Else it appends your DNS search suffixes if you have some defined, in your case sonera.fi.arvekari.fi. And this domain/zone does exist, but has no IP address assigned to it, i.e. no A record.

    nslookup sonera.fi.
    Server: localhost
    Address: 127.0.0.1

    Non-authoritative answer:
    Name: sonera.fi
    Address: 194.251.244.241

    nslookup sonera.fi.arvekari.fi.
    Server: localhost
    Address: 127.0.0.1

    Name: sonera.fi.arvekari.fi

    "the service in this way is useless ..."

    Hmm, DNS is never useless. Hard to use the internet without DNS, no matter what service you use.
    And if you don't like it this way, use it the other: disable typo correction and the OpenDNS proxy under Advanced settings, and you get what you expected.
    Thankful People: deanmachine
    • CommentAuthorarva
    • CommentTimeOct 11th 2011
     permalink
    yes i didn't mean that dns is in general useless ... but opendns is but actually the aswer what i were looking for was that there is a setting that fixes this (the typo correction) the appned in the other hand is strange becaus ei tought i disabled the appending of the domain in the dns lookupÄ and append that it does is not even my own fqdn domain. witch is wierd ... oh well now it works like i wanted to.

    Thanks ...
    • CommentAuthorrotblitz
    • CommentTimeOct 12th 2011
     permalink
    "oh well now it works like i wanted to."

    So, you really want to look up rubbish like sonera.fi.arvekari.fi ? You better removed your "DNS search suffixes" unless you really need them and know what they are good for.
  1.  permalink
    This is one reason 80-90% of all DNS traffic is junk.
    Thankful People: rotblitz

This discussion has been inactive for longer than 30 days, and is thus closed.