DNS client fails to resolve name

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

This problem may occur when a user is trying to access another computer on the intranet or the Internet. A user typically receives a Domain Name System (DNS) error from the operating system or the browser.

Cause

Several problems can cause DNS name resolution to fail. If you have reviewed the topics for other problems in Troubleshooting Domain Name System Problems and they do not seem to be the cause of the problem, DNS settings might be configured incorrectly on the DNS client.

Solution

Verify that the client does not have an external DNS server, such as a DNS server from an Internet service provider (ISP), in its TCP/IP configuration. In most cases, the client should not use a DNS server from an ISP as either the preferred or alternate DNS server, because the DNS server at the ISP is unable to resolve internal names. Using a DNS server from an ISP in a client's TCP/IP configuration can also cause problems with conflicting internal and external namespaces.

To verify DNS configuration in TCP/IP settings

  1. Log on to the DNS client computer with the Administrator account.

  2. Click Start, click Control Panel, and then double-click Network Connections.

  3. In Network and Dial-up Connections, right-click the local area connection that you want, and then click Properties.

  4. In Local Area Network Connection Properties, click Internet Protocol (TCP/IP), and then click Properties.

  5. Ensure that the appropriate DNS server IP addresses are configured in Preferred DNS server and Alternate DNS server. If Obtain an IP address automatically is selected, click the Alternate Configuration tab, and then review all the IP settings that are configured there.

  6. Type the following at a command prompt, and then press ENTER:

    ipconfig /all

  7. Review the DNS server settings, and verify that they are correct.

    1. If the DNS server settings are not correct, ensure the appropriate settings are configured on the Dynamic Host Configuration Protocol (DHCP) server.

    2. If your computer has an IP address that begins with 169.254, it is not obtaining an IP address from a DHCP server and likely does not have Alternate Configuration enabled. In this case, diagnose the issue with the DHCP server or set an appropriate static IP address either directly or as an alternate configuration.

Next, use the following procedure to verify that the name can be resolved by the DNS server.

To verify name resolution

  • At a command prompt, type the following command, and then press ENTER:

    nslookuphost_nameserver_IP_address

Substitute the actual host name that you are trying to resolve for host_name and the IP address of the DNS server for server_IP_address. For example, if the host name that you are trying to resolve has a fully qualified domain name (FQDN) of server5.contoso.com and the DNS server's IP address is 192.168.0.200, type the following command, and then press ENTER:

nslookup server5 192.168.0.200

You can also try using the FQDN:

nslookup server5.contoso.com 192.168.0.200

If the host name alone does not resolve, but the FQDN does resolve, confirm that the primary or connection-specific DNS suffix is configured correctly. You can use the following procedure to add a DNS suffix search list.

To add a DNS suffix search list

  1. Click Start, right-click My Network Places, and then click Properties.

  2. Right-click Local Area Connection, and then click Properties.

  3. Double-click Internet Protocol (TCP/IP), and then click Advanced.

  4. Click the DNS tab, and then click Append these DNS suffixes (in order).

  5. Click Add, type the domain suffix of the desired domain, and then click Add.

If both Nslookup commands fail to resolve the name, the problem is likely with the DNS server records or configuration, or it may be the result of a connectivity issue between the DNS client and DNS server, such as a firewall blocking DNS queries (which are typically offered on TCP port 53). You can use the Portqry tool to test network connectivity between two computers. For more information about downloading and using Portqry, see article 832919 in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkId=111855).

If the connection is not successful, look for a firewall on the DNS client, DNS server, or somewhere between the two that could cause the connection failure. If you are diagnosing a connection failure between two computers, you can try using the Portqry tool to test it. For more information about downloading and using Portqry, see article 832919 in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkId=111855).

If Portqry fails, there may be a connectivity issue between the computers. You can try using the Tracert or Pathping tools to find out where the failure exists. However, these tools are not always reliable because many hosts and servers disable the Internet Control Message Protocol (ICMP) echo functionality on which these tools depend. However, using one of these tools may help locate the source of a problem. For more information about using Tracert, see article 314868 in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkId=111861). For information about using Pathping, see Pathping (https://go.microsoft.com/fwlink/?LinkId=111864)

Note

If you locate and correct any issues on the DNS server, it is probable that your client computer cached the incorrect information, and your name resolution queries may still fail. To resolve this issue, clear the DNS client resolve cache on the client computer. To clear the cache, type the following command at a command prompt, and then press ENTER: Ipconfig /flushdns

For additional information about troubleshooting the DNS client configuration, see Validate DNS Client Settings (https://go.microsoft.com/fwlink/?LinkId=111865).