Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ping and NSLOOKUP


  • Please log in to reply
7 replies to this topic

#1 DnDer

DnDer

  • Members
  • 646 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 24 July 2009 - 09:49 AM

I'm doing a license validation on a network using the MSIA tool, using IP ranges. I have at least two of them telling me that "network path could not be found."

I ping that IP address, and it responds. There is a computer there, and it's on. When I NSLOOKUP that same machine,

C:\Documents and Settings\[DnDer]>ping 10.18.1.1

Pinging 10.18.1.1 with 32 bytes of data:

Reply from 10.18.1.1: bytes=32 time=9ms TTL=254
Reply from 10.18.1.1: bytes=32 time=6ms TTL=254
Reply from 10.18.1.1: bytes=32 time=5ms TTL=254
Reply from 10.18.1.1: bytes=32 time=5ms TTL=254

Ping statistics for 10.18.1.1:
	Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
	Minimum = 5ms, Maximum = 9ms, Average = 6ms

C:\Documents and Settings\[DnDer]>nslookup 10.18.1.1
Server:  [Domain Controller]
Address:  [DC's IP]

*** [Domain Controller] can't find 10.18.1.1: Non-existent domain

I don't what's happening... If there's a computer on the domain, it has to have a name, even if it's a string of letters and numbers that MS generates automatically on OS install, right? NSLOOKUP should give me a name for this PC - and if I can get the name then I can go to the computer physically and get what MSIA won't.

BC AdBot (Login to Remove)

 


m

#2 zesler

zesler

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 24 July 2009 - 12:16 PM

I'm doing a license validation on a network using the MSIA tool, using IP ranges. I have at least two of them telling me that "network path could not be found."

I ping that IP address, and it responds. There is a computer there, and it's on. When I NSLOOKUP that same machine,

C:\Documents and Settings\[DnDer]>ping 10.18.1.1

Pinging 10.18.1.1 with 32 bytes of data:

Reply from 10.18.1.1: bytes=32 time=9ms TTL=254
Reply from 10.18.1.1: bytes=32 time=6ms TTL=254
Reply from 10.18.1.1: bytes=32 time=5ms TTL=254
Reply from 10.18.1.1: bytes=32 time=5ms TTL=254

Ping statistics for 10.18.1.1:
	Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
	Minimum = 5ms, Maximum = 9ms, Average = 6ms

C:\Documents and Settings\[DnDer]>nslookup 10.18.1.1
Server:  [Domain Controller]
Address:  [DC's IP]

*** [Domain Controller] can't find 10.18.1.1: Non-existent domain

I don't what's happening... If there's a computer on the domain, it has to have a name, even if it's a string of letters and numbers that MS generates automatically on OS install, right? NSLOOKUP should give me a name for this PC - and if I can get the name then I can go to the computer physically and get what MSIA won't.

If its a win xp machine right click on my computer and select properties. Select the computer name tab and compare the domains. Also try entering netstat without an IP address
Posted Image

#3 DnDer

DnDer
  • Topic Starter

  • Members
  • 646 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 24 July 2009 - 01:30 PM

What am I looking for in NETSTAT? Here's the output from one of the computers - I remoted into it.

C:\Documents and Settings\[DnDer]>netstat

Active Connections

  Proto  Local Address		  Foreign Address		State
  TCP	[Computer Name]:1055	  10.1.3.30:ldap		 CLOSE_WAIT
  TCP	[Computer Name]:4948	  10.1.3.30:epmap		TIME_WAIT
  TCP	[Computer Name]:4949	  10.1.3.30:1026		 TIME_WAIT
  TCP	[Computer Name]:4954	  10.1.3.30:microsoft-ds  TIME_WAIT
  TCP	[Computer Name]:4957	  10.1.3.30:1026		 TIME_WAIT
  TCP	[Computer Name]:4960	  10.1.3.30:ldap		 TIME_WAIT
  TCP	[Computer Name]:4962	  10.1.3.30:ldap		 TIME_WAIT
  TCP	[Computer Name]:4963	  10.1.3.30:microsoft-ds  TIME_WAIT
  TCP	[Computer Name]:4966	  10.1.3.11:microsoft-ds  TIME_WAIT
  TCP	[Computer Name]:4970	  10.1.3.30:ldap		 TIME_WAIT
  TCP	[Computer Name]:4971	  [domain controller 1].[domain].local:microsoft-ds  ESTABLISHED
  TCP	[Computer Name]:4974	  [domain controller 2].[domain].local:microsoft-ds  ESTABLISHED
  TCP	[Computer Name]:4977	  [domain controller 2].[domain].local:http  ESTABLISHED
  TCP	[Computer Name]:4980	  10.1.3.30:ldap		 TIME_WAIT
  TCP	[Computer Name]:4981	  10.1.3.11:microsoft-ds  TIME_WAIT
  TCP	[Computer Name]:4985	  10.1.3.30:ldap		 TIME_WAIT
  TCP	[Computer Name]:5900	  [DnDer's Comp].[domain].local:1688   ESTABLISHED
  TCP	[Computer Name]:5152	  localhost:4331		 CLOSE_WAIT

C:\Documents and Settings\[DnDer]>

Also, there's one more oddity that I've never seen before, and it might help explain some things, but I don't know... Same computer, but this command prompt was run from my desktop.


C:\Documents and Settings\[DnDer]>C:\Documents and Settings\[DnDer]>nslookup 10.2.10.64
Server:  [doman controller 2].[doman].local
Address:  10.1.3.2

Name:   [wrong computer name].[doman].local
Address:  10.2.10.64


C:\Documents and Settings\[DnDer]>ping [name I installed OS with]

Pinging [name I installed OS with].[doman].local [10.2.10.64] with 32 bytes of data:

Reply from 10.2.10.64: bytes=32 time=8ms TTL=126
Reply from 10.2.10.64: bytes=32 time=8ms TTL=126
Reply from 10.2.10.64: bytes=32 time=7ms TTL=126
Reply from 10.2.10.64: bytes=32 time=8ms TTL=126

Ping statistics for 10.2.10.64:
	Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
	Minimum = 7ms, Maximum = 8ms, Average = 7ms

C:\Documents and Settings\[DnDer]>

The NSLOOKUP gives me a different DNS name than the DNS name I gave the computer when I last reimaged it. But both names come back to the same IP address. Can't say I've ever seen that before.

#4 zesler

zesler

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 24 July 2009 - 01:43 PM

Its possible that the other computer is on a different part of the network and your unable to connect. What is the subnet mask of all the devices in question?
Posted Image

#5 DnDer

DnDer
  • Topic Starter

  • Members
  • 646 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 24 July 2009 - 02:02 PM

The computers I'm using and trying to connect to are all 255.255.0.0 for the subnets.

#6 zesler

zesler

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 24 July 2009 - 02:20 PM

The computers I'm using and trying to connect to are all 255.255.0.0 for the subnets.

That's strange how NSlookup doesn't work on different network nodes, although it works on-line....

From the looks of it, the nsloopup doesn't work on different parts of networks(from what you've told me). Your network segment is the first two sets of numbers, called octets. Like 10.1. Another possible issue is that your using private address, although I doubt this is the case, since this is one giant private network right? The computer your connecting to isn't in some other place?
Posted Image

#7 DnDer

DnDer
  • Topic Starter

  • Members
  • 646 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 24 July 2009 - 03:02 PM

The computer is in another physical location.

My CIO dug through our DNS server. There are leftover records in forward and reverse lookup for the Services and Applications in the Management Console. Several different computer names have been tied to the same address in the server. We have to delete the entries and wait for it to propigate down to all our servers before it should correct itself.

Sound about right?

#8 zesler

zesler

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 24 July 2009 - 08:11 PM

The computer is in another physical location.

My CIO dug through our DNS server. There are leftover records in forward and reverse lookup for the Services and Applications in the Management Console. Several different computer names have been tied to the same address in the server. We have to delete the entries and wait for it to propigate down to all our servers before it should correct itself.

Sound about right?

Yeah that will cause lots of problems :D Different computers with same addresses will have issues.
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users