[Cialug] Bogus DNS

Hasler, Chris ChrisHasler at alliantenergy.com
Tue Apr 2 17:31:23 CDT 2013


What happens when you clean the DNS resolver cache on the Windows clients? 
At a command prompt: ipconfig /flushdns 

Chris H. 

-----Original Message-----
From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On Behalf Of L. V. Lammert
Sent: Tuesday, April 02, 2013 5:27 PM
To: Central Iowa Linux Users Group
Subject: [Cialug] Bogus DNS

OK, .. here's a problem someone may have run into:

I updated an external domain A record, .. and it is being pulled correctly by the site firewall and the three inside servers we manage.

Unfortunately, the Windoze clients [XP] keep coming up with the OLD IP!
Some were working correctly all day, and this afternoon they started to break - a little research showed they are getting the OLD IP for that hostname!

I hate to have the onsite chap put static IPs into all of the email clients, but we might have to if we can't get this resolved.

Has anyone ever seen this? The firewall is the DNS server for the entire site, and it is providing the correct IP (verified by dig@ from our servers).

It seems like there is some device on the network with a bad DNS configuration, pulling the old entry possibly from an internal cache?

Can't seem to find any clues on how to identify a rogue DNS server, .. all of the hints I see are about viruses & hijacking. [tcpdump would be possible, but it's a moot point as there is no traffic now and it would be nice to have some sort of answer before folks start coming in tomorrow].

	TIA,

	Lee
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug
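
Added example, not part of the original thread and not written by either poster: one way to check which resolver on a site still hands out the old A record is to send the same query to each candidate server and compare the answers and their TTLs. The function names, the hostname and the addresses used with it are assumptions made for illustration.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """A-record query with recursion desired, as a stub resolver would send."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack(">HH", 1, 1)

def skip_name(msg, off):
    """Offset just past a name; a compression pointer (top bits 11) ends it."""
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_a_records(msg):
    """Return [(ip, ttl)] for each A record in the answer section."""
    _, _, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE + QCLASS
    found = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):   # IN A, 4-byte address
            found.append((socket.inet_ntoa(msg[off:off + 4]), ttl))
        off += rdlen
    return found

def ask(server, name, timeout=2.0):
    """Query one server over UDP/53; None if it is silent or replies with garbage."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return parse_a_records(s.recv(512))
        except (OSError, struct.error, IndexError):
            return None

def audit(servers, name, expected_ip, ask_fn=ask):
    """Servers whose answer lacks expected_ip, mapped to what they returned."""
    answers = {srv: ask_fn(srv, name) for srv in servers}
    return {s: a for s, a in answers.items() if a and expected_ip not in dict(a)}
```

Call `audit()` with the DNS server addresses the clients are actually configured with (from `ipconfig /all`), the hostname, and the new address. A server that returns the old address with a TTL below the zone's configured value is answering from its cache.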