Remove From My Forums

Powershell output in Exchange Management Shell differs from Powershell

Question
0

Sign in to vote

Hey guys,

Didn't know where to put this but here goes. I'm running a PS script to add IP adresses to a receive connector. However, it seems that the output get's cut off once in a while, this is vague but it is what happens. At times the command only outputs around 30 addresses. When I close and start PS again it will output the normal 50+. Starting as admin or not makes no difference. We use this same script on 50+ servers without error. Only on this one. I have compared the script a few times with different sources but see no difference. I do have to note this server's locate is Dutch.

The code:
$ips = [System.Net.Dns]::GetHostAddresses("delivery.antispamcloud.com") | select IPAddressToString

Tuesday, August 27, 2019 9:00 PM

Answers

That number (50) leads me to believe you're dealing with some sort of DNS issue.

Using a selection of publicly accessible DNS servers in the code below, I get a much different count of "A" records than you do. But even using those servers the number of A records returned differs by quite a bit. That may be due to the DNS servers optimizing the set of records based on geography.

$Servers = @{
    'Google Public DNS(1)'='8.8.8.8';
    'Google Public DNS(2)'='8.8.4.4';
    'Open DNS(1)'='208.67.222.222';
    'Open DNS(2)'='208.67.222.220';
    'Open DNS Family Shield(1)'='208.67.222.123';
    'Open DNS Family Shield(2)'='208.67.220.123';
    'Norton ConnectSafe - Level1(1)'='199.85.126.10';
    'Norton ConnectSafe - Level1(2)'='199.85.127.10';
    'Norton ConnectSafe - Level2(1)'='199.85.126.20';
    'Norton ConnectSafe - Level2(2)'='199.85.127.20';
    'Norton ConnectSafe - Level3(1)'='199.85.126.30';
    'Norton ConnectSafe - Level3(2)'='199.85.127.30';
    'Level3 DNS(1)'='209.244.0.3';
    'Level3 DNS(2)'='209.244.0.4';
    'Comodo Secure DNS(1)'='8.26.56.26';
    'Comodo Secure DNS(2)'='8.20.247.20';
    'DNS Advantage(1)'='156.154.70.1';
    'DNS Advantage(2)'='156.154.71.1';
    'OpenNIC(1)'='46.151.208.154';
    'OpenNIC(2)'='128.199.248.105';
    'Safe DNS(1)'='195.46.39.39';
    'Safe DNS(2)'='195.46.39.40';
}

$servers.Keys|
    sort |
        Foreach{
            $ips = (nslookup -type=A -server delivery.antispamcloud.com  $servers.$_ 2>Out-Null).count
            "{0}`t{1,20}`t{2}" -f $ips,$Servers.$_,$_
        }

Here are the results of using those DNS servers:

94	          8.26.56.26	Comodo Secure DNS(1)
94	         8.20.247.20	Comodo Secure DNS(2)
264	        156.154.70.1	DNS Advantage(1)
264	        156.154.71.1	DNS Advantage(2)
264	             8.8.8.8	Google Public DNS(1)
264	             8.8.4.4	Google Public DNS(2)
264	         209.244.0.3	Level3 DNS(1)
264	         209.244.0.4	Level3 DNS(2)
264	       199.85.126.10	Norton ConnectSafe - Level1(1)
264	       199.85.127.10	Norton ConnectSafe - Level1(2)
264	       199.85.126.20	Norton ConnectSafe - Level2(1)
264	       199.85.127.20	Norton ConnectSafe - Level2(2)
264	       199.85.126.30	Norton ConnectSafe - Level3(1)
264	       199.85.127.30	Norton ConnectSafe - Level3(2)
264	      208.67.222.123	Open DNS Family Shield(1)
264	      208.67.220.123	Open DNS Family Shield(2)
264	      208.67.222.222	Open DNS(1)
264	      208.67.222.220	Open DNS(2)
9	      46.151.208.154	OpenNIC(1)
9	     128.199.248.105	OpenNIC(2)
264	        195.46.39.39	Safe DNS(1)
264	        195.46.39.40	Safe DNS(2)

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Marked as answer by Fr0ns Thursday, August 29, 2019 9:23 AM

Wednesday, August 28, 2019 2:57 AM

All replies

1

Sign in to vote

Output is controlled by screen width. You need to understand the relation between the screen (console) and the format of the output. Search for posts that will help you to understand this.

You can use "Format-List" to overcome most screen limits.

The code you posted does not cut off output. The issue you are having is due to the DNS server you are querying. You may have multiple DNS servers that are out-of-sync. Contact you network admins for help.

The following line will give an accurate count of addresses:

([System.Net.Dns]::GetHostAddresses("delivery.antispamcloud.com").IPAddressToString).Count

\_(ツ)_/

Tuesday, August 27, 2019 9:33 PM
1

Sign in to vote

You my have a corrupted DNS cache on one of your DNS servers. Either clear the cache on each DNS server or restart the DNS service.

Or it may be a local DNS client cache that's the problem. Clear that on the server running the PS script.

There's no way (that I know of) to control which DNS server is used by the GetHostAddress method of the System.Net.DNS class.

You can specify a specific DNS server with Powershell's Resolve-DNSName, but it'll only return a maximum of 25 IP addresses.
--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Tuesday, August 27, 2019 9:35 PM

That number (50) leads me to believe you're dealing with some sort of DNS issue.

$Servers = @{
    'Google Public DNS(1)'='8.8.8.8';
    'Google Public DNS(2)'='8.8.4.4';
    'Open DNS(1)'='208.67.222.222';
    'Open DNS(2)'='208.67.222.220';
    'Open DNS Family Shield(1)'='208.67.222.123';
    'Open DNS Family Shield(2)'='208.67.220.123';
    'Norton ConnectSafe - Level1(1)'='199.85.126.10';
    'Norton ConnectSafe - Level1(2)'='199.85.127.10';
    'Norton ConnectSafe - Level2(1)'='199.85.126.20';
    'Norton ConnectSafe - Level2(2)'='199.85.127.20';
    'Norton ConnectSafe - Level3(1)'='199.85.126.30';
    'Norton ConnectSafe - Level3(2)'='199.85.127.30';
    'Level3 DNS(1)'='209.244.0.3';
    'Level3 DNS(2)'='209.244.0.4';
    'Comodo Secure DNS(1)'='8.26.56.26';
    'Comodo Secure DNS(2)'='8.20.247.20';
    'DNS Advantage(1)'='156.154.70.1';
    'DNS Advantage(2)'='156.154.71.1';
    'OpenNIC(1)'='46.151.208.154';
    'OpenNIC(2)'='128.199.248.105';
    'Safe DNS(1)'='195.46.39.39';
    'Safe DNS(2)'='195.46.39.40';
}

$servers.Keys|
    sort |
        Foreach{
            $ips = (nslookup -type=A -server delivery.antispamcloud.com  $servers.$_ 2>Out-Null).count
            "{0}`t{1,20}`t{2}" -f $ips,$Servers.$_,$_
        }

Here are the results of using those DNS servers:

94	          8.26.56.26	Comodo Secure DNS(1)
94	         8.20.247.20	Comodo Secure DNS(2)
264	        156.154.70.1	DNS Advantage(1)
264	        156.154.71.1	DNS Advantage(2)
264	             8.8.8.8	Google Public DNS(1)
264	             8.8.4.4	Google Public DNS(2)
264	         209.244.0.3	Level3 DNS(1)
264	         209.244.0.4	Level3 DNS(2)
264	       199.85.126.10	Norton ConnectSafe - Level1(1)
264	       199.85.127.10	Norton ConnectSafe - Level1(2)
264	       199.85.126.20	Norton ConnectSafe - Level2(1)
264	       199.85.127.20	Norton ConnectSafe - Level2(2)
264	       199.85.126.30	Norton ConnectSafe - Level3(1)
264	       199.85.127.30	Norton ConnectSafe - Level3(2)
264	      208.67.222.123	Open DNS Family Shield(1)
264	      208.67.220.123	Open DNS Family Shield(2)
264	      208.67.222.222	Open DNS(1)
264	      208.67.222.220	Open DNS(2)
9	      46.151.208.154	OpenNIC(1)
9	     128.199.248.105	OpenNIC(2)
264	        195.46.39.39	Safe DNS(1)
264	        195.46.39.40	Safe DNS(2)

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Marked as answer by Fr0ns Thursday, August 29, 2019 9:23 AM

Wednesday, August 28, 2019 2:57 AM

0

Sign in to vote

Thanks for all the replies, when I clear the DNS server and local DNS cache it seems to help:

PS C:\Users\user.domain> $ips = [System.Net.Dns]::GetHostAddresses("delivery.antispamcloud.com") | select IPAddressToString
PS C:\Users\user.domain> $ips

IPAddressToString
-----------------
5.79.65.71
5.79.72.138
5.79.72.139
5.79.86.40
5.79.86.41
5.79.86.42
31.204.150.41
31.204.154.86
31.204.154.235
31.204.154.236
31.204.154.237
31.204.154.238
31.204.155.103
31.204.155.105
31.204.155.116
37.48.65.165
38.89.254.32
38.89.254.34
38.89.254.36
38.89.254.38
38.89.254.79
38.89.254.80
38.89.254.81
38.89.254.82
38.89.254.150
38.89.254.151
38.89.254.152
38.89.254.153
38.89.254.154

PS C:\Users\user.domain> ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
PS C:\Users\user.domain> ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
PS C:\Users\user.domain> $ips = [System.Net.Dns]::GetHostAddresses("delivery.antispamcloud.com") | select IPAddressToStr
ing
PS C:\Users\user.domain> $ips

IPAddressToString
-----------------
5.79.72.138
5.79.72.139
5.79.86.40
5.79.86.41
5.79.86.42
31.204.150.41
31.204.154.86
31.204.154.235
31.204.154.236
31.204.154.237
31.204.154.238
31.204.155.103
31.204.155.105
31.204.155.116
37.48.65.165
38.89.254.32
38.89.254.34
38.89.254.36
38.89.254.38
38.89.254.79
38.89.254.80
38.89.254.81
38.89.254.82
38.89.254.150
38.89.254.151
38.89.254.152
38.89.254.153
38.89.254.154
38.89.254.155
38.89.254.156
38.89.254.157
38.89.254.158
38.89.254.159
38.89.254.160
38.89.254.161
38.89.254.162
38.89.254.163
38.89.254.164
38.101.250.82
38.101.250.83
38.107.142.88
38.107.142.89
38.107.142.90
38.107.142.91
38.107.142.92
38.109.53.17
38.109.53.19
38.109.53.21
38.109.53.35
38.109.53.36
38.109.53.38
38.109.53.39
38.109.53.40
38.111.198.182
38.111.198.183
38.111.198.184
38.111.198.185
38.111.198.186
38.111.198.187
38.111.198.188
38.111.198.189
38.128.97.251
38.128.97.252
38.128.97.253
38.128.97.254
46.165.209.5
46.165.209.232
46.165.217.141
46.165.217.142
46.165.222.180
46.165.223.3
46.165.223.16
46.165.224.87
46.165.232.196
62.212.72.235
69.64.57.52
69.64.57.56
69.64.57.60
69.64.57.61
78.46.59.153
81.17.56.93
81.17.56.160
81.17.62.140
81.17.62.141
81.17.62.142
81.17.62.145
81.171.15.183
82.192.64.142
85.17.23.2
85.17.23.118
85.17.23.119
85.17.76.141
85.17.178.207
85.25.176.214
85.25.237.90
85.25.237.91
85.25.237.172
85.25.237.173
88.99.25.231
88.99.245.49
88.198.67.44
94.75.244.162
94.75.244.163
94.75.244.176
94.130.134.223
94.130.134.226
94.130.139.116
94.130.140.62
94.130.238.210
95.211.100.171
95.211.100.172
95.211.100.173
95.211.121.203
95.211.160.147
95.211.233.206
95.216.33.117
95.216.33.118
95.216.36.251
95.216.36.252
95.216.37.109
95.216.37.110
95.216.37.111
95.216.37.113
108.59.11.79
130.117.54.78
130.117.54.79
130.117.54.80
130.117.54.81
130.117.54.82
130.117.54.83
130.117.54.84
130.117.54.85
130.117.249.135
130.117.249.136
130.117.249.137
130.117.249.138
130.117.249.148
130.117.249.149
130.117.249.150
130.117.249.151
130.117.251.26
130.117.251.27
130.117.251.35
130.117.251.36
130.117.251.37
130.117.251.38
130.117.251.39
130.117.251.40
130.117.251.41
130.117.251.42
130.117.251.44
130.117.251.45
138.201.61.103
138.201.61.104
138.201.61.135
138.201.61.138
138.201.61.140
138.201.61.142
138.201.65.23
138.201.138.133
138.201.140.156
138.201.141.136
138.201.192.37
138.201.192.38
149.5.26.35
149.5.26.36
149.5.26.37
149.5.26.38
149.5.26.39
149.5.26.40
149.5.26.41
149.5.26.42
149.5.95.71
149.5.95.72
149.5.95.73
149.5.95.74
149.5.95.75
149.5.95.76
149.5.95.77
149.5.95.78
149.12.33.20
149.12.33.21
149.12.33.22
149.12.33.23
149.12.33.24
149.12.33.25
149.12.33.26
149.12.33.27
149.13.73.45
149.13.73.46
149.13.73.47
149.13.73.48
149.13.73.55
149.13.73.56
149.13.73.57
149.13.73.58
149.13.73.60
149.13.75.38
149.13.75.39
149.13.75.42
149.13.75.43
149.13.75.45
149.13.75.46
154.61.81.53
154.61.81.54
154.61.81.57
154.61.81.58
154.61.81.199
154.61.81.200
154.61.81.201
154.61.81.202
154.61.135.19
154.61.135.20
154.61.135.21
154.61.135.22
154.61.135.26
162.210.192.149
162.210.193.232
162.210.198.115
162.210.198.139
185.201.16.200
185.201.16.201
185.201.17.200
185.201.17.201
185.201.18.200
185.201.18.201
185.201.19.200
185.201.19.201
188.138.56.27
188.138.56.29
188.138.125.29
195.201.61.177
198.7.58.151
198.7.58.152
198.7.58.153
198.7.58.154
198.7.58.155
199.115.113.161
199.115.114.223
199.115.117.1
199.115.117.7
207.244.83.249
209.58.136.65
209.58.183.202
209.126.110.250
209.126.110.251
209.126.122.18
212.7.192.86
212.32.233.198
212.32.243.83
212.32.246.15
217.20.113.37
217.118.19.158
220.233.31.56
220.233.31.57
220.233.31.58
220.233.31.59
220.233.31.61
5.79.65.71

What could cause this DNS issue? I use Google DNS as my forwarders like most of our servers.

Wednesday, August 28, 2019 5:59 AM
0

Sign in to vote

That's really a question for an infrastructure forum, not Powershell.

There are DNS caches on local machines and on DNS servers. Each DNS record also has a TTL that's out of your control (it's managed by the authoritative DNS for the zone). So, if your forwarder gets an incomplete answer to a query and the TTL is, say, 86400 then that result is remembered for 24 hours. The only way to rid yourself of that is to clear the DNS server cache and the clients resolver cache so a new query is made.

In addition to all of that, if you get an answer from an non-authoritative DNS server you'll be getting whatever records are on that server. It can be a real PITA to figure out when things don't work. Using NSLOOKUP is a skill you want to develop. :-)
--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Wednesday, August 28, 2019 6:35 PM
0

Sign in to vote

Thanks for your reply Rich,

Forgot that I was in the PS forum haha, I "fixed" it by adding a ipconfig /flushdns at the beginning of the script. The server was not installed by us and has a lot of weird settings en quirks. It will be replaced at a later moment.

Thursday, August 29, 2019 9:22 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Powershell output in Exchange Management Shell differs from Powershell

Question

Answers

All replies