none
DNSServer can't find localhost: Non-existent domain

    Question

  • Somebody can explain this?


    C:\>nslookup
    Default Server:  major.domain.local
    Address:  192.168.2.8

    > set d2
    > localhost
    Server:  major.domain.local
    Address:  192.168.2.8

    ------------
    SendRequest(), len 39
        HEADER:
            opcode = QUERY, id = 2, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            localhost.domain.local, type = A, class = IN

    ------------
    ------------
    Got answer (103 bytes):
        HEADER:
            opcode = QUERY, id = 2, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            localhost.domain.local , type = A, class = IN
        AUTHORITY RECORDS:
        ->  domain.local
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = major.domain.local
            responsible mail addr = hostmaster.domain.local 
            serial  = 83592
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    *** major.domain.local can't find localhost: Non-existent domain
    > localhost.
    Server:  major.domain.local
    Address:  192.168.2.8

    ------------
    SendRequest(), len 27
        HEADER:
            opcode = QUERY, id = 3, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            localhost, type = A, class = IN

    ------------
    ------------
    Got answer (43 bytes):
        HEADER:
            opcode = QUERY, id = 3, rcode = NOERROR
            header flags:  response, want recursion, recursion avail.
            questions = 1,  answers = 1,  authority records = 0,  additional = 0

        QUESTIONS:
            localhost, type = A, class = IN
        ANSWERS:
        ->  localhost
            type = A, class = IN, dlen = 4
            internet address = 127.0.0.1
            ttl = 600 (10 mins)

    ------------
    Non-authoritative answer:
    Name:    localhost
    Address:  127.0.0.1
    >exit
    C:\>

    File %systemroot%\system32\drivers\etc\hosts contain:
    127.0.0.1       localhost
    ::1                localhost


    WHY by default it add local domain suffics to DNS query for localhost? But if i add . to "localhost" it do it right?


    Regards, Dmitriy Ilyin
    Saturday, April 24, 2010 1:20 PM

All replies

  • Also maybe this info would be helpfull:

    C:\>ipconfig /flushdns

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    C:\>ipconfig /displaydns

    Windows IP Configuration

        1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa
        ----------------------------------------
        Record Name . . . . . : 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.
        Record Type . . . . . : 12
        Time To Live  . . . . : 593338
        Data Length . . . . . : 4
        Section . . . . . . . : Answer
        PTR Record  . . . . . : localhost


        1.0.0.127.in-addr.arpa
        ----------------------------------------
        Record Name . . . . . : 1.0.0.127.in-addr.arpa.
        Record Type . . . . . : 12
        Time To Live  . . . . : 593338
        Data Length . . . . . : 4
        Section . . . . . . . : Answer
        PTR Record  . . . . . : localhost


        localhost
        ----------------------------------------
        Record Name . . . . . : localhost
        Record Type . . . . . : 1
        Time To Live  . . . . : 593338
        Data Length . . . . . : 4
        Section . . . . . . . : Answer
        A (Host) Record . . . : 127.0.0.1


        localhost
        ----------------------------------------
        Record Name . . . . . : localhost
        Record Type . . . . . : 28
        Time To Live  . . . . : 593338
        Data Length . . . . . : 16
        Section . . . . . . . : Answer
        AAAA Record . . . . . : ::1

    C:\>


    Regards, Dmitriy Ilyin
    Saturday, April 24, 2010 1:30 PM
  • Hi,

     

    Thank you for your post here.

     

    I think it should be expected that the DNS client will append the system suffix and try to resolve the FQDN localhost.domain.local when you attempt to resolve Localhost (single label name) from a domain joined computer. If you Nslookup Localhost on a workgroup client (with no system suffix) you will be able to resolve it properly.

     

    When you add . after localhost, system will consider as a non-single label name hostname and will not append system suffix behind it.

     

     

    If you have any questions or concerns, please do not hesitate to let me know.

     

     

    • Marked as answer by Dmitriy Ilyin Monday, April 26, 2010 8:47 AM
    • Unmarked as answer by Dmitriy Ilyin Tuesday, April 27, 2010 8:11 AM
    Monday, April 26, 2010 6:45 AM
  • Miles, thanks! You was right! The difference was that machines not joined domain resolve localhost correct. But domain machines are not.

    Well, then the question is: how i can prevent adding domain siffuxes to localhost on domain joined machines?


    Regards, Dmitriy Ilyin
    Monday, April 26, 2010 8:16 AM
  • Well, i think i found solution.
    Just need to add another DNS suffix - .

    And place it before others.

    UPDATED
    In my case this workaround was not acceptable :(.


    Regards, Dmitriy Ilyin
    • Edited by Dmitriy Ilyin Tuesday, April 27, 2010 7:28 AM workaround for me
    Monday, April 26, 2010 8:45 AM
  • Hi,

    Thank you for your post here.
    I thought that the following information will be useful:

    The DNS client resolver cache stores entries for both successful and unsuccessful DNS name resolutions. A name that was queried but was not successfully resolved is known as a negative cache entry.  

    The following list describes the attributes of the DNS client resolver cache:

    • It is built dynamically from the Hosts file and from DNS queries.  

    • Entries obtained from DNS queries are kept only for a period of time known as the Time to Live (TTL), which is set by the DNS server that has the name-to-IP address mapping stored in a local database.

    • Entries obtained from the Hosts file do not have a TTL and are kept until the entry is removed from the Hosts file.

     

    Tuesday, April 27, 2010 6:43 AM
  • Anand, thanks for reply.
    I read this http://technet.microsoft.com/en-us/library/cc775637(WS.10).aspx and has some questions...

    In this article:
    In general, the DNS query process occurs in two parts:
    - A name query begins at a client computer and is passed to a resolver, the DNS Client service, for resolution.
    - When the query cannot be resolved locally, DNS servers can be queried as needed to resolve the name.
    If the query does not match an entry in the cache, the resolution process continues with the client querying a DNS server to resolve the name.

    Well, but in my case i have local cashed DNS records.

    Question: why dns resolver did not use local cashe?

    UPDATED:
    Miles, sory but i should uncheck your post as answer (but mark it as usefull) because problem some deeper then just domain joined. Maybe some GPO?


    Regards, Dmitriy Ilyin
    • Edited by Dmitriy Ilyin Tuesday, April 27, 2010 8:11 AM updated
    Tuesday, April 27, 2010 7:27 AM
  • If I understand your question right, the nslookup.exe doesn't use the local resolver cache or the host file.

    Per your initial steps I see that you are trying to do an extensive debugging using nslookup and Nslookup is used to directly query the DNS servers for resolving the names.

    I hope this helps. Please let us know if you have further questions.

    Thursday, May 13, 2010 4:13 AM
  • Hi Dmitriy,

    I thought the following KB might provide more clarity.

    http://support.microsoft.com/kb/200525

    The following excerpt from the KB article is worth looking into:

    The first time a query is made for a remote name, the answer is authoritative, but subsequent queries are nonauthoritative. The first time a remote host is queried, the local DNS server contacts the DNS server that is authoritative for that domain. The local DNS server will then cache that information, so that subsequent queries are answered nonauthoritatively out of the local server's cache.

    I'm trying to relate this to your initial post of performing a debug output using nslookup where you had got a non-authoritative response.

     

    Thursday, May 13, 2010 4:25 AM
  • Hi Anand,
    Yes, you understand my question correct.
    Thanks for KB. I read it.

    May be i should describe my initial problem that forced me to start this thread. Because it can be out of problems with DNS.

    Lets say that we have some selfmade tool that connect to http://localhost/ and get some data.
    We couldn't use boxes DNS names because it (localhost query) hardcoded.
    The broblem is that when we try to access http://localhost/ all requests go to our firewall (default gateway). And we get 403 (firewall is Lunix machine and has apache server).






    Regards, Dmitriy Ilyin
    Thursday, May 13, 2010 6:26 AM
  • Where is the website hosted? Is it on the same box as the selfmade tool?
    Thursday, May 13, 2010 7:25 AM
  • yes. sure. IIS on the same box.
    Regards, Dmitriy Ilyin
    Thursday, May 13, 2010 7:54 AM
  • On Thu, 13 May 2010 07:54:00 +0000, Dmitriy Ilyin wrote:
     
    >yes. sure. IIS on the same box.
    >Regards, Dmitriy Ilyin
     
    Dmitriy,
     
    Is there a Proxy entry in IE? If so, or possibly, is there a GPO
    providing a Proxy entry for IE?
     
    As for using nslookup on a machine with no Primary DNS Suffix, (which
    results in no Search Suffix), localhost should resolve to 127.0.0.1.
    If tested on a joined machine, which of course will have the domain's
    zone as the Primary DNS Suffix, as well as the same zone name as the
    Search Suffix, then you will need the period, otherwise it is
    suffixing the zone name to the query. The period prevents that. This
    is default behavior.
     
    You had already mentioned you had added a suffix, but what suffix did
    you add? By default, the domain's zone is the Search Suffix.
     
    I believe this is not related to trying to get to the localhost using
    IE, meaning that you are trying to access the web server on the
    machine itself, and not elsewhere. IE will recognize to look at the
    local machine using localhost, so I am not sure why it will be
    resolving to the router/firewall.
     
    Are you using the Linux box for DNS in the machine's IP properties? If
    the machine is joined, and you use a period, it will send the query to
    the Linux box, if it is using the LInux box as the first DNS entry in
    its config. That *may* explain why you are getting the HTTP 403
    (forbidden) in the response, unless the self-made app is misconfgured?
    Based on what's been transpired in this thread, regarding the way IE
    is handling it, it *appears* to be more of a Proxy setting. Otherwise,
    and I'm just conjecturing here since I don't know anything about the
    app that's being used, if the app is set to use a non-default web
    port (other than 80 or 443) and it tries to connect to the self-made
    app on some other port, it would need to be stated in the URL.
     
    Ace
     

    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 Microsoft Certified Trainer Microsoft MVP - Directory Services This posting is provided AS-IS with no warranties or guarantees and confers no rights.
    Monday, May 17, 2010 4:18 PM
  • Hi,

    Create reverse lookup zone on the DNS server and create PTR record, it will resolve the "nslookup error unknown can't find non-existent domain"


    Dinesh S.

    Thursday, March 29, 2012 11:41 AM