none
NSlookup works, but tracert, ping fails for only one website

    Question

  • Hello everyone, I am going crazy with a strange networking issue using SBS 2011 Essentials. I am able to use internet just fine with no issues, with the exception of one website: be-well-guide.com which resolves to 208.113.233.0 I am unable to access this website not only on the server but also any computer attached to the domain, and also any device on the network at all even if it is not attached to the domain.

    NSLookup works and I get this:
    >be-well-guide.com 
    Server: beneficial-serv.beneficial.local
    Address: 10.0.0.250

    Non-authoritative answer:
    Name:  be-well-guide.com
    Address: 208.113.233.0

     

    The sbs server is on IP 10.0.0.250 running domain and DNS services for the network

    Here is the IPconfig /all results:

     

    Windows IP Configuration

     

       Host Name . . . . . . . . . . . . : BENEFICIAL-SERV

       Primary Dns Suffix  . . . . . . . : beneficial.local

       Node Type . . . . . . . . . . . . : Hybrid

       IP Routing Enabled. . . . . . . . : No

       WINS Proxy Enabled. . . . . . . . : No

       DNS Suffix Search List. . . . . . : beneficial.local

     

    Ethernet adapter Local Area Connection 2:

     

       Connection-specific DNS Suffix  . : 

       Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connection

       Physical Address. . . . . . . . . : 00-1E-67-19-42-D7

       DHCP Enabled. . . . . . . . . . . : No

       Autoconfiguration Enabled . . . . : Yes

       Link-local IPv6 Address . . . . . : fe80::542f:944a:1375:e107%12(Preferred) 

       Link-local IPv6 Address . . . . . : fe80::b84d:1231:bbc5:5d00%12(Preferred) 

       IPv4 Address. . . . . . . . . . . : 10.0.0.250(Preferred) 

       Subnet Mask . . . . . . . . . . . : 255.255.255.0

       Default Gateway . . . . . . . . . : 10.0.0.1

       DHCPv6 IAID . . . . . . . . . . . : 301997671

       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-F4-0F-CB-00-1E-67-19-42-D6

       DNS Servers . . . . . . . . . . . : fe80::542f:944a:1375:e107%12

                                           10.0.0.250

       NetBIOS over Tcpip. . . . . . . . : Enabled

     

    When trying to access be-well-guide.com from any computer on the domain, the browser times out, however all other websites have no issues. Here is what I get when trying a ping and a tracert:

    C:\>ping 208.113.233.0

    Pinging 208.113.233.0 with 32 bytes of data:
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    Ping statistics for 208.113.233.0:
     Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


    And here is the tracert log:

     

     

    Tracing route to be-well-guide.com [208.113.233.0]

    over a maximum of 30 hops:

     

      1    <1 ms    <1 ms    <1 ms  10.0.0.1 

      2     *        *        *     Request timed out.

      3     *        *        *     Request timed out.

      4     *        *        *     Request timed out.

      5     *        *        *     Request timed out.

      6     *        *        *     Request timed out.

      7     *        *        *     Request timed out.

      8     *        *        *     Request timed out.

      9     *        *        *     Request timed out.

     10     *        *        *     Request timed out.

     11     *        *        *     Request timed out.

     12     *        *        *     Request timed out.

     13     *        *        *     Request timed out.

     14     *        *        *     Request timed out.

     15     *        *        *     Request timed out.

     16     *        *        *     Request timed out.

     17     *        *        *     Request timed out.

     18     *        *        *     Request timed out.

     19     *        *        *     Request timed out.

     20     *        *        *     Request timed out.

     21     *        *        *     Request timed out.

     22     *        *        *     Request timed out.

     23     *        *        *     Request timed out.

     24     *        *        *     Request timed out.

     25     *        *        *     Request timed out.

     26     *        *        *     Request timed out.

     27     *        *        *     Request timed out.

     28     *        *        *     Request timed out.

     29     *        *        *     Request timed out.

     30     *        *        *     Request timed out.

     

    Trace complete.

     

    What I have tried so far:
    -Rebooting the switch, router and server
    -using and not using opendns forwarers in the DNS configuration (208.67.222.222 208.67.220.220) and turning root hints on and off.
    -using the SBS "Fix my network" wizard in the Console
    -enabling a static IPV6 address.
    -using the guide here (http://www.itgeared.com/articles/1146-windows-server-2008-r2-dns-issues-edns0) to try to turn edns probes on and off
    -checked the hosts file on the server to see if it had been reconfigured (it hadn't)
    -upgrading the firmware of the network switch. 
    -checking the .htaccess file on the website at 208.113.233.0

    This website works everywhere else except here on this network! After 2 days of troubleshooting this, I am at my wits end... any ideas?



    • Edited by cbutters Thursday, January 26, 2012 6:05 PM
    Thursday, January 26, 2012 5:59 PM

All replies

  • The Ping  with no response may likely indicate that ICMP is disabled on the target system.

    But the Tracert results say that you are not getting even one hop past your gateway device before ICMP is either disabled or failing.


    What happens when you ping/tracert to say google.com?
    Thursday, January 26, 2012 7:35 PM
  • Oh, I think I see your problem - the machine youare using has its IPv4 DNS set to its own address - try setting it to your gateway's address at 10.0.0.1.
    Thursday, January 26, 2012 7:40 PM
  • Oh, I think I see your problem - the machine youare using has its IPv4 DNS set to its own address - try setting it to your gateway's address at 10.0.0.1.

    the machine I was using in that log is the server itself which hosts the DNS service on the network, I can try bypassing the sbs 2011 dns server by configuring it to 10.0.0.1 for the server, (I tried this and still not working for the one website) should i could bypass the local DNS server and use 10.0.0.1 on the server itself? seems like I should put it back to use the DNS server it is running itself.

     

     

    here is tracert to google:

     

    Tracing route to www.l.google.com [74.125.227.83]

    over a maximum of 30 hops:

     

      1    <1 ms    <1 ms    <1 ms  10.0.0.1 

      2     *        *        *     Request timed out.

      3    11 ms    11 ms    12 ms  te-5-2-ur08.saltlakecity.ut.utah.comcast.net [68.85.39.77] 

      4    12 ms     9 ms    12 ms  te-2-1-ar02.saltlakecity.ut.utah.comcast.net [69.139.247.1] 

      5    45 ms    47 ms    42 ms  te-0-0-0-7-cr01.denver.co.ibone.comcast.net [68.86.90.253] 

      6    54 ms    52 ms    55 ms  pos-2-9-0-0-cr01.dallas.tx.ibone.comcast.net [68.86.88.118] 

      7    57 ms    61 ms    55 ms  pos-0-1-0-0-pe01.1950stemmons.tx.ibone.comcast.net [68.86.86.94] 

      8    65 ms    66 ms    64 ms  75.149.231.70 

      9    65 ms    64 ms    64 ms  72.14.233.77 

     10    69 ms    70 ms    68 ms  209.85.250.199 

     11    64 ms    69 ms    62 ms  dfw06s07-in-f19.1e100.net [74.125.227.83] 

     

    Trace complete.

    Thursday, January 26, 2012 8:43 PM
  • Oh, right.  I'm not thinking so fast - of course your Server is the DNS.  I was thinking that in a typical small biz configuration that your gateway would be the default DNS, forwarding to your ISP.

    I guess that now gets into a discussion of hown your DNS is configured for Forwarders.

    BTW, your traceroute to Google looks pretty normal but the first one showed nothing after the first hop - very curious.  I see the first hop timed out in the second trace as well, but then went on through.  By reading the second trace I see you're using Comcast as your ISP.  It might be some issue with them.

    Normally on a failed tracert you'd expect to get at least through your ISP and into the backbone before failing.

     

    Thursday, January 26, 2012 10:35 PM
  • Oh, right.  I'm not thinking so fast - of course your Server is the DNS.  I was thinking that in a typical small biz configuration that your gateway would be the default DNS, forwarding to your ISP.

    I guess that now gets into a discussion of hown your DNS is configured for Forwarders.

    BTW, your traceroute to Google looks pretty normal but the first one showed nothing after the first hop - very curious.  I see the first hop timed out in the second trace as well, but then went on through.  By reading the second trace I see you're using Comcast as your ISP.  It might be some issue with them.

    Normally on a failed tracert you'd expect to get at least through your ISP and into the backbone before failing.

     

    That first failed hop request is comcast's doing I'm pretty sure.

    see(http://forums.comcast.com/t5/Connectivity-and-Modem-Help/tracert-timeouts-on-the-first-hop/td-p/749732)

     

    Friday, January 27, 2012 12:01 AM
  • I get a diff ip:

    C:\Users\Grey>ping be-well-guide.com

    Pinging be-well-guide.com [208.113.227.184] with 32 bytes of data:
    Reply from 208.113.227.184: bytes=32 time=88ms TTL=51
    Reply from 208.113.227.184: bytes=32 time=90ms TTL=51
    Reply from 208.113.227.184: bytes=32 time=88ms TTL=51
    Reply from 208.113.227.184: bytes=32 time=89ms TTL=51


    Grey
    Monday, January 30, 2012 3:14 PM