Frequently, when you are trying to troubleshoot DNS problems, you will want to start on the client that is experiencing the problem. If you don't find a problem on the client, then try troubleshooting the DNS Server service.
If the problem has to do with a client not showing up in DNS, force the client to reregister itself in DNS by typing ipconfig /registerdns. This works only for dynamic updates. For clients with fixed IP addressing, you must create or update the A and PTR records.
If the problem has to do with the client making lookups, start by checking the DNS servers configured for the client to use. You can display this information by typing netsh interface ip show config. The output will show you the basic TCP/IP configuration including the primary DNS server for the client. If the DNS server is configured through DHCP, the output will look similar to the following:
Configuration for interface "Local Area Connection" DHCP enabled: Yes InterfaceMetric: 0 DNS servers configured through DHCP: 92.168.0.1 WINS servers configured through DHCP: 192.168.0.12 Register with which suffix: Primary only If the DNS server is configured locally, the output will look similar to the following: Configuration for interface "Local Area Connection" DHCP enabled: No IP Address: 192.168.1.50 SubnetMask: 255.255.255.0 Default Gateway: 192.165.1.1 GatewayMetric: 1 Statically Configured DNS Servers: 192.168.1.50 Statically Configured WINS Servers: 192.168.1.102 Register with which suffix: Primary only
If you see a problem with the client's DNS configuration, you can change a locally assigned DNS server IP address by typing the following command:
netsh interface ip set dns ConnectionName staticServerIPAddress
where ConnectionName is the name of the local area connection and ServerIPAddress is the IP address of the server, such as
netsh interface ip set dns "Local Area Connection" static 192.168.0.1
If you see a problem with a DHCP-assigned DNS server IP address, try renewing the client's IP address lease by typing ipconfig /renew.
If you don't see a problem with the client's DNS configuration, you will want to check the client's DNS resolver cache. All systems running Windows 2000 or later have a built-in DNS resolver cache that caches resource records from query responses that the DNS Client service receives. When performing lookups, the DNS client first looks in the cache. Records remain in the cache until one of the following events occurs:
Their Time to Live (TTL) expires.
The system or the DNS Client service is restarted.
The cache is flushed.
You can display the records in a cache by typing ipconfig /displaydns at the command prompt. Records in the cache look like this:
Windows IP Configuration 1.0.0.127.in-addr.arpa ---------------------------------------- Record Name........... : 1.0.0.127.in-addr.arpa. Record Type........... : 12 Time To Live.......... : 573686 Data Length........... : 4 Section............... : Answer PTR Record............ : localhost www.activetopic.com ---------------------------------------- Record Name........... : http://www.activetopic.com Record Type........... : 5 Time To Live.......... : 12599 Data Length........... : 4 Section............... : Answer CNAME Record ......... : activetopic.com
If you suspect a client has stale records in its cache, you can force it to flush the cache. Type ipconfig /flushdns at the command prompt.
Another useful command to use when troubleshooting DNS is NSLOOKUP. You can use NSLOOKUP to query the default DNS server of a client and check to see the actual records it is using. To perform a basic lookup simply follow NSLOOKUP with the FQDN of the host to look up. Consider the following example:
nslookup http://www.microsoft.com
The response shows the information that the default DNS server has on that host, such as
C:Documents and SettingsWS>nslookup http://www.microsoft.com DNS request timed out. timeout was 2 seconds. Non-authoritative answer: Name: www2.microsoft.akadns.net Addresses: 207.46.244.188, 207.46.156.252, 207.46.144.222, 207.46.245.92 207.46.134.221, 207.46.245.156, 207.46.249.252, 207.46.156.220 Aliases: http://www.microsoft.com, http://www.microsoft.akadns.net
If you want to look up a particular type of record, follow these steps:
Type nslookup at the command prompt. The prompt changes to nslookup>.
Type set query=RecordType, where RecordType is the type of record, such as set query=mx, set query=soa, or set query=ns.
Type the FQDN for the domain in which you want to search, such as microsoft.com.
The output shows you matching records in the specified domain, such as
microsoft.com MX preference = 10, mail exchanger = mailb.microsoft.com microsoft.com nameserver = dns1.cp.msft.net microsoft.com nameserver = dns1.dc.msft.net mailb.microsoft.com internet address = 131.107.3.122 mailb.microsoft.com internet address = 131.107.3.123