Windows – nslookup returns the right IP, ping still goes to the wrong ip

dns juniper vpn windows

Ok, so here's the setup. Laptop is connected to our company VPN (Juniper Network Connect 7.2.0). There are two DNS search suffixes (domain1.com, domain2.local). From that laptop, while connected, nslookup polls the correct DNS server, returns the right IP. Pinging the IP works fine. Pinging the FQDN works fine. Pinging the unqualified domain name appears to be both using the hostname.domain.com suffix (even though that doesn't exist), and appears to be using the results from the local DNS server rather than the VPN DNS server.

More detail:

c:\> nslookup hostname
Server: hostname.domain2.local
Address: 10.0.0.10

Non-authoritative answer:
Name: hostname.domain2.local
Address: 10.0.0.10

c:\> nslookup hostname.domain2.local
Server: hostname.domain2.local
Address: 10.0.0.10

Non-authoritative answer:
Name: hostname.domain2.local
Address: 10.0.0.10

C:\> ping hostname

Pinging hostname.domain1.com [EXTERNAL/WRONG_IP] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for EXTERNAL/WRONG_IP:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\> ping hostname.domain2.local

Pinging hostname.domain2.local [10.0.0.10] with 32 bytes of data:
Reply from 10.0.0.10: bytes=32 time=50ms TTL=128
Reply from 10.0.0.10: bytes=32 time=50ms TTL=128
Reply from 10.0.0.10: bytes=32 time=47ms TTL=128
Reply from 10.0.0.10: bytes=32 time=50ms TTL=128

Ping statistics for 10.0.0.10:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 47ms, Maximum = 50ms, Average = 49ms

So here's what I've tried so far:

  1. ipconfig /flushdns
  2. netsh int ip reset all
  3. Verified that the network adapters are in the right priority order in the advanced settings
  4. Verified that the TCP/IP routes are correct
  5. Verified that the hostname isn't in the hosts file.

So… does anyone know why it still seems to be using the wrong DNS server?

Best Answer

Couple of possible things.

Try a route print and make sure that you don't have any static route in place which could be causing this.

Are you sure that "ping hostname" is being resolved by DNS and not WINS? If you can fully qualify and get a good result, but get a fail on shortname, it may well be a bad WINS record. Check your WINS server and remove/correct any wrong records. Also run NBTSTAT -RR on your machine.

Check and adjust your DNS search order (covered in comments already by the looks of it)

Check you don't have a rogue HOSTS / LMHOSTS entry on your machine.
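
The checks above can be run side by side, since nslookup queries the DNS server itself while ping asks the Windows resolver. The following is an added example, not part of the original answer: it assumes Windows 8 / Server 2012 or later (the DnsClient PowerShell module), and the function names `Get-Answer` and `Trace-ShortName` are hypothetical.

```powershell
# Added example: show which resolution path returns which address for a short name.
# Assumes the DnsClient module (Windows 8 / Server 2012 or later).

function Get-Answer {
    param([string]$Path, [hashtable]$Query)
    # Keep only records that carry an address (skips CNAME/SOA rows).
    $r = Resolve-DnsName @Query -Type A -QuickTimeout -ErrorAction SilentlyContinue |
        Where-Object { $_.IPAddress }
    [pscustomobject]@{
        Path    = $Path
        Name    = if ($r) { ($r.Name | Select-Object -Unique) -join ',' } else { '-' }
        Address = if ($r) { $r.IPAddress -join ',' } else { 'no answer' }
    }
}

function Trace-ShortName {
    param([Parameter(Mandatory)][string]$Name)

    # 1. Default system resolver: hosts file, cache, suffix search list, fallbacks.
    Get-Answer 'system resolver (default)' @{ Name = $Name }
    # 2. DNS only, hosts file skipped: rules out a rogue HOSTS entry.
    Get-Answer 'DNS only, no hosts file' @{ Name = $Name; DnsOnly = $true; NoHostsFile = $true }
    # 3. LLMNR/NetBIOS only, no DNS: separates the NetBIOS path from DNS.
    Get-Answer 'LLMNR/NetBIOS only' @{ Name = $Name; LlmnrNetbiosOnly = $true }

    # 4. Every search suffix against every DNS server configured on any adapter.
    $suffixes = (@((Get-DnsClientGlobalSetting).SuffixSearchList) +
                 @((Get-DnsClient).ConnectionSpecificSuffix)) |
        Where-Object { $_ } | Select-Object -Unique
    $adapters = Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses }

    foreach ($adapter in $adapters) {
        foreach ($server in $adapter.ServerAddresses) {
            foreach ($suffix in $suffixes) {
                # Trailing dot makes the name fully qualified, so no suffix is appended again.
                $fqdn = "$Name.$suffix."
                Get-Answer "$($adapter.InterfaceAlias) -> $server" `
                    @{ Name = $fqdn; Server = $server; DnsOnly = $true }
            }
        }
    }
}

# 'hostname' is the placeholder short name used in the question.
Trace-ShortName -Name 'hostname' | Format-Table -AutoSize
```

The row whose address matches what ping shows identifies the suffix, server or non-DNS path that supplies the wrong answer.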
