+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Windows Server 2008 R2 Thread, Occasional PCs picking up wrong DNS in Technical; Hi, I've three or four PCs that are picking up the wrong IP address for one of my servers. They ...
  1. #1

    Join Date
    Feb 2009
    Location
    UK
    Posts
    125
    Thank Post
    8
    Thanked 4 Times in 3 Posts
    Rep Power
    11

    Occasional PCs picking up wrong DNS

    Hi,

    I've three or four PCs that are picking up the wrong IP address for one of my servers. They can browse the server using mapped drives or by going to \\server1 in explorer but when I try to ping the server it attempts "pinging server1 [208.78.55.55]" and fails. The IP address shown is a completely incorrect address that is nothing like anything else on my network. I've looked at the DNS servers and the strange IP doesn't appear anywhere. I'm not sure where these machines have got that IP from? Thanks.

  2. #2

    Join Date
    May 2013
    Location
    Preston
    Posts
    26
    Thank Post
    27
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi,
    Check there are no static DNS entries in the TCP/IP settings.
    D

  3. #3

    Join Date
    Jan 2014
    Location
    Bournemouth
    Posts
    34
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    2
    Hi,

    Type "ipconfig /flushdns" into an administrative command prompt and see if that resolves it.

    If not:

    Go to C:\Windows\System32\Drivers\etc\ and open up the "hosts" file to see if there are any static DNS entries in there on the affected machines.

    If not:

    Check on the servers that run DNS (usually 2 of your DCs) and see if they have any static entries in their hosts file.

    If there were static entries pointing at an external server that you did not put there, you will want to have a look at how and why they got there as it is indicative of cache poisoning.

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,839
    Thank Post
    876
    Thanked 1,676 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    You can set DNS by group policy as well, might be worth a check. If not i would get Wireshark out and see if the DHCP server is sending out these incorrect addresses.

  5. #5
    free780's Avatar
    Join Date
    Sep 2012
    Posts
    911
    Thank Post
    41
    Thanked 69 Times in 66 Posts
    Rep Power
    18
    I believe the gp method only works for xp clients.

  6. #6

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,839
    Thank Post
    876
    Thanked 1,676 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    Quote Originally Posted by free780 View Post
    I believe the gp method only works for xp clients.
    I wouldn't know to be honest. Never needed it.

  7. #7

    Join Date
    Feb 2009
    Location
    UK
    Posts
    125
    Thank Post
    8
    Thanked 4 Times in 3 Posts
    Rep Power
    11
    Quote Originally Posted by TraineeGeek View Post
    Hi,
    Check there are no static DNS entries in the TCP/IP settings.
    D
    Quote Originally Posted by JonDaviesBourne View Post
    Hi,

    Type "ipconfig /flushdns" into an administrative command prompt and see if that resolves it.

    If not:

    Go to C:\Windows\System32\Drivers\etc\ and open up the "hosts" file to see if there are any static DNS entries in there on the affected machines.

    If not:

    Check on the servers that run DNS (usually 2 of your DCs) and see if they have any static entries in their hosts file.

    If there were static entries pointing at an external server that you did not put there, you will want to have a look at how and why they got there as it is indicative of cache poisoning.
    Cheers, I already checked most of this and there's nothing unusual. Genuinely don't see where it's coming from!

  8. #8

    3s-gtech's Avatar
    Join Date
    Mar 2009
    Location
    Wales
    Posts
    2,712
    Thank Post
    144
    Thanked 548 Times in 492 Posts
    Rep Power
    149
    Is that an iSCSI address on a separate card/switch that's somehow ended up connecting into your network?

  9. #9

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,651
    Thank Post
    516
    Thanked 2,443 Times in 1,891 Posts
    Blog Entries
    24
    Rep Power
    831
    If you do an nslookup on the client getting the odd IP, is the DNS server replying with the same IP or the correct one?

  10. #10

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,658
    Thank Post
    858
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    Make sure DNS Scavenging is enabled too.
    Used to get this all the until we enabled this.

  11. #11

    Join Date
    Feb 2009
    Location
    UK
    Posts
    125
    Thank Post
    8
    Thanked 4 Times in 3 Posts
    Rep Power
    11
    Quote Originally Posted by localzuk View Post
    If you do an nslookup on the client getting the odd IP, is the DNS server replying with the same IP or the correct one?
    If I run "nslookup server1" I get the correct IP of the DNS server and then the incorrect IP on server1. Strangely this happens on my PC which actually pings server1 correctly.

  12. #12

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,651
    Thank Post
    516
    Thanked 2,443 Times in 1,891 Posts
    Blog Entries
    24
    Rep Power
    831
    OK. That means that the record exists somewhere on your DNS server then, rather than it being a client issue.

  13. #13

    Join Date
    Feb 2009
    Location
    UK
    Posts
    125
    Thank Post
    8
    Thanked 4 Times in 3 Posts
    Rep Power
    11
    Quote Originally Posted by localzuk View Post
    OK. That means that the record exists somewhere on your DNS server then, rather than it being a client issue.
    I've looked all over on both DNS servers and cannot see this record anywhere.

    I've ran a Wireshark capture and there's no mention of this IP address on that either.

  14. #14

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,651
    Thank Post
    516
    Thanked 2,443 Times in 1,891 Posts
    Blog Entries
    24
    Rep Power
    831
    What DNS server do your internal DNS servers forward to? Have you tried an nslookup direct to the upstream DNS server?

  15. #15

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,735
    Thank Post
    1,272
    Thanked 1,645 Times in 1,101 Posts
    Blog Entries
    22
    Rep Power
    505
    Well that's a public IP address right?. Check your forwarding config.

    Here's some lookups on that IP:

    IP Address Lookup - Whois by IP Address | Whois.net
    Network Tools: DNS,IP,Email

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. PCs Picking Up but Not Applying Group Policy
    By vebatro in forum Wired Networks
    Replies: 0
    Last Post: 2nd November 2011, 04:04 PM
  2. WSUS not picking up PCs
    By MK-2 in forum Windows
    Replies: 16
    Last Post: 22nd April 2010, 03:54 PM
  3. PC's randomly pick up wrong proxy address
    By wellscs in forum Windows
    Replies: 3
    Last Post: 22nd May 2008, 07:46 PM
  4. Replies: 1
    Last Post: 4th September 2007, 07:49 AM
  5. PC's not picking up group policy!
    By steelrazor in forum Windows
    Replies: 5
    Last Post: 11th October 2006, 12:06 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •