Recently, I implemented an instance of BIND that provides a "tailored" name
services for a private network connection between two organization. This
instance of BIND returns responses for a limited portion of our internal name
and address space that the other organization is permitted to access. For
names and addresses that they are not permitted to access, they are returned
responses similar to what our external name servers would return along with the
NS records for our external name servers.
Using "dig" I have verified that the correct answers are being returned.
A problem occurs with our Service Desk personnel that have Windows XP based
systems. If they use Microsoft's nslookup tool to verify what is being
returned to the other organization, they do not get the correct response even
when the use "server ns.azsd01.gd-ais.com" to set the default name server to be
used. While nslookup claims that it is accessing the correct server, the
response received is from the user's stub resolver cache or from our normal
internal name servers.
Inspecting the query log on the name server indicates that BIND never services
a request from the system running Microsoft's nslookup tool. In addition, using
tcpdump in controlled tests, I find that Microsoft's nslookup implementation
never sends any requests to any name server that is designated in a "server"
command unless it is one of the default name servers that the system would
normally use.
At one time, I thought that the following commands worked. However, in recent
tests, I've discovered that they are failing as well.
nslookup alliance.gd-ais.com ns.azsd01.gd-ais.com
nslookup alliance.gd-ais.com 10.21.101.2
Obviously, this is going to create a problem when Service Desk personnel need
to assist user's at the other organization as they will be unable to verify how
domain names and addresses are being resolved for the user.
Microsoft's nslookup is broken. What alternative applications that can be
installed and used in a Windows XP environment that will continue to work in a
Windows 7 environment after a decision is made to upgrade Windows?
--
Merton Campbell Crockett
[email protected]
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
