Nslookup cant find unspecified error

nslookup cant find unspecified error

can you do the challenge here with nslookup right now, is it still working as it should be. i always get "unspecified errors" i did a lot of research aswell. A Non-existent Domain error occurs if any resource record type for the specified domain name is not available from the name server. A Server Failed error occurs. the lookup fails with an can't find home.myspace.com: Unspecified error message. Any ideas? Obviously nslookup is working, so I can't.

watch the video

How-To Fix Quick Access \

Nslookup cant find unspecified error - removed (has

DNS troubleshooting , this article describes some of the common dns problems and their solutions.
First phase of article describes dns errors relating to configuration , server setup and its basic functionality . Second phase talks about the nslookup related errors when the dns servers seems to be working correctly but names resolution fail .

A. Configuration problems

1) named fail to start
2) Trailing dots
3) Serial No. & Refresh Time
4) Cname

B. nslookup related errors

1) No response from server.
2) No Record is available.
3) No Information.
4) Unspecified Error
5) Query Refused

Configuration problems

1. name server daemon – named fail to start
This happens generally when the syntax in the configuration file is not correct . the named daemon will try to read named.conf file and if comes across any error it will abort and come out without starting named.
start the named in debug mode ( #named -d )and look the output in the debug file – default is named.run. There are different debug level which can be used depending upon the nature of problem.
It is always better to double check the configuration files for syntax etc. to avoid problems later on.

2.Trailing dots
Current domain name is automatically appended to the entries in the master data file. This might be correct for a entry like www to be read as www.yourdomain.com but it will be incorrect if www.yourdomain.com entry is read as www.yourdomain.com.yourdomain.com .So to avoid appending domain name a trailing dot is put on such names .

3. Serial Number & Refresh time
Serial number must be incremented after a change is made to zone file of a master server. The serial number is checked by the secondary dns server. After refresh time is over the transfer of zone files takes place only if serial number is incremented.
Refresh time depends on the frequency of changes made to dns servers data and is in seconds.

4. CNAME
A CNAME record is not allowed to coexist with any other data record. The DNS server finds the cname entry & it ignores other entries .In the example below NS entries are ignored .

dnsserver IN NS ns1 IN NS ns2 IN CNAME dnsmain dnsmain IN A 10.20.30.40 correct representation would be :- dnsserver IN NS ns1 IN NS ns2 IN A 10.20.30.40 dnsmain IN A 10.20.30.40

nslookup related errors

nslookup is very important troubleshooting tool & following are some of the most common problems.

1. No Response from Server
If nslookup does not give this response even for the local host name then it is possible that DNS server itself is not running. Check the named process and restart it in debug mode for clues about the problems .

2. No record available
This indicates that the default records types are not available in the target dns server. A better way would be to look for all type of records by mentioning “set type=any” in nslookup.

3. No information
nslookup did tried to find a host of the specified name but the name server did not have any information about that in its data files .
Check spellings & trailing dots in data files of DNS server

4. Unspecified error
This is mainly caused when number of NS records exceeds the capacity of datagram packet so don’t put too many NS records for a domain.

5. Query Refused
This can be caused due to security related options in configuration file. Make sure the network of nslookup host is mentioned in allow-transfer statement and also the address 127.0.0.1 if nslookup is being run on name server as host.

in Basics, DNS, Featured, Tips and tagged Cname, debug, DNS Troubleshooting, named, nslookup, Refresh Time, Serial No, Trailing dots.

DNS Server service does not respond to a CNAME query in the GlobalNames zone correctly in Windows Server 2008 or Windows Server 2008 R2

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

NoteIf additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

NoteThe "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

To apply this hotfix, you must be running one of the following operating systems:
  • Windows Server 2008 Service Pack 2 (SP2)
  • Windows Server 2008 R2
  • Windows Server 2008 R2 Service Pack 1 (SP1)
Additionally, the DNS Server role must be installed.

For more information about how to obtain a Windows Server 2008 service pack, click the following article number to view the article in the Microsoft Knowledge Base:

968849 How to obtain the latest service pack for Windows Server 2008

For more information about how to obtain a Windows Server 2008 R2 service pack, click the following article number to view the article in the Microsoft Knowledge Base:

976932 Information about Service Pack 1 for Windows 7 and for Windows Server 2008 R2

Registry information

To use the hotfix in this package, you do not have to make any changes to the registry.

Restart requirement

You do not need to restart the computer after you apply this hotfix. However, you have to stop the DNS Server service before you install this hotfix to avoid restarting.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

File information

The global version of this hotfix installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.
Windows Server 2008 file information notes
ImportantWindows Vista hotfixes and Windows Server 2008 hotfixes are included in the same packages. However, only "Windows Vista" is listed on the Hotfix Request page. To request the hotfix package that applies to one or both operating systems, select the hotfix that is listed under "Windows Vista" on the page. Always refer to the "Applies To" section in articles to determine the actual operating system that each hotfix applies to.
  • The files that apply to a specific product, SR_Level (RTM, SP), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table.
    VersionProductSR_LevelService branch
    6.0.600 2 . 22Windows Server 2008SP2LDR
  • The MANIFEST files (.manifest) and the MUM files (.mum) that are installed for each environment are listed separately in the "Additional file information for Windows Server 2008" section. MUM files and MANIFEST files, and the associated security catalog (.cat) files, are extremely important to maintain the state of the updated components. The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.
For all supported x86-based versions of Windows Server 2008
File nameFile versionFile sizeDateTimePlatform
Cache.dnsNot Applicable3,17909-Sep-201111:25Not Applicable
Dns.exe6.0.6002.22910511,48808-Aug-201213:24x86
Dnsserver.events.xmlNot Applicable60909-Sep-201111:25Not Applicable
For all supported x64-based versions of Windows Server 2008
File nameFile versionFile sizeDateTimePlatform
Cache.dnsNot Applicable3,17915-Nov-201115:04Not Applicable
Dns.exe6.0.6002.22910639,48808-Aug-201214:05x64
Dnsserver.events.xmlNot Applicable60915-Nov-201115:04Not Applicable
Windows Server 2008 R2 file information notes
ImportantWindows 7 hotfixes and Windows Server 2008 R2 hotfixes are included in the same packages. However, hotfixes on the Hotfix Request page are listed under both operating systems. To request the hotfix package that applies to one or both operating systems, select the hotfix that is listed under "Windows 7/Windows Server 2008 R2" on the page. Always refer to the "Applies To" section in articles to determine the actual operating system that each hotfix applies to.
  • The files that apply to a specific product, SR_Level (RTM, SP), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table.
    VersionProductSR_LevelService branch
    6.1.760 0 . 21Windows Server 2008 R2RTMLDR
    6.1.760 1 . 21Windows Server 2008 R2SP1LDR
  • The MANIFEST files (.manifest) and the MUM files (.mum) that are installed for each environment are listed separately in the "Additional file information for Windows Server 2008 R2" section. MUM and MANIFEST files, and the associated security catalog (.cat) files, are extremely important to maintain the state of the updated components. The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.
For all supported x64-based versions of Windows Server 2008 R2
File nameFile versionFile sizeDateTimePlatform
Cache.dnsNot applicable3,19810-Jun-200920:31Not applicable
Dns.exe6.1.7600.21050696,83210-Sep-201105:28x64
Dnsserver.events.xmlNot applicable60910-Jun-200920:31Not applicable
Cache.dnsNot applicable3,19805-Nov-201001:52Not applicable
Dns.exe6.1.7601.21814697,34409-Sep-201106:18x64
Dnsserver.events.xmlNot applicable60905-Nov-201001:52Not applicable

↑ Back to the top


Unable to nslookup one address from internal DNS

Well, it's partly due to taking over the infrastructure and this setup already existing, but mainly it's to have a central DNS cache as I'm not sure the internals replicate their cache.... and I certainly wouldn't go straight to the roots (as some seem obsessed with) as the turn-around is much longer than our ISP DNS servers, and since, as with any large ISP, they're serving a hell of a lot of people, odds are their DNS servers have the address you need.

The BIND box is also acting as our authoritative name server, and I don't want requests for that coming internal, so something needs to be in the DMZ. It could be a Windows box, but we use the machine for sendmail to, so I guess it just made sense to have BIND on there too. And since it's there, and since we'll often be visiting the websites of companies we e-mail, it makes sense to use it as a central DNS cache for outgoing requests.

Why would the problem be in the use of nslookup if running nslookup from the Linux box works fine?

 Network

Hi random hero,

What you are trying to achieve is a DNS zone transfert. That means you have to ask a specified DNS server to send you a copy of a zone, speeking a langage the server will understand (DNS requests). The "ls" command can be launched in a shell, but will not be understood by any DNS server.

So, nice, you have got a tool that speaks DNS. You are a lucky one, you wont have to forge your paquet by hand. ;-) But you must find out how to tell that tool what you want it to request the server for (and of course you will also have to provide some more information as which server to request, for which domain...)
For this most Unix tools have a "man" (manual - man command) explaining the usage of the program, but unfortunately nslookup’s man (the one I’ve got at least) doesn’t mention the request types he nows about, so perhaps you will have to investigate à bit on the web and experiment.

Make sure that you request the challenge server on the challenge port (54011) and that you are authenticated on the site with the same IP to get access.

Hth

12.7. Troubleshooting nslookup Problems

The last thing you want is to have problems with your troubleshooting tool. Unfortunately, some types of failures render nslookupnearly useless. Other types of nslookupfailures are (at best) confusing, because they don't give you any clear information to work with. While there may be a few problems with nslookupitself, most of the problems you encounter will be caused by name server configuration and operation. We'll cover these problems here.

12.7.1. Looking Up the Right Data

This isn't really a problem per se, but it can be awfully confusing. If you use nslookupto look up a type of record for a domain name, and the domain name exists but records of the type you're looking for don't, you'll get an error like this:
% Default Server: terminator.movie.edu Address: 0.0.0.0 > *** No address (A) records available for movie.edu.
So what types of records do exist? Just set type=anyto find out:
> > Server: terminator.movie.edu Address: 0.0.0.0 movie.edu origin = terminator.movie.edu mail addr = al.robocop.movie.edu serial = 42 refresh = 10800 (3H) retry = 3600 (1H) expire = 604800 (7D) minimum ttl = 86400 (1D) movie.edu nameserver = terminator.movie.edu movie.edu nameserver = wormhole.movie.edu movie.edu nameserver = zardoz.movie.edu movie.edu preference = 10, mail exchanger = postmanrings2x.movie.edu postmanrings2x.movie.edu internet address = 192.249.249.66

12.7.2. No Response from Server

What could have gone wrong if your name server can't look up its own name?
% Default Server: terminator.movie.edu Address: 0.0.0.0 > Server: terminator.movie.edu Address: 0.0.0.0 *** terminator.movie.edu can't find terminator: No response from server
The"no response from server" error message means exactly that: the resolver didn't get back a response. nslookupdoesn't necessarily look up anything when it starts up. If you see that the address of your name server is 0.0.0.0, then nslookupgrabbed the system's host name (what the hostnamecommand returns) for the Default Serverfield and gave you its prompt. It's only when you try to look something up that you find out there is no name server responding. In this case, it's pretty obvious that there's no server running -- a name server ought to be able to look up its own name. If you are looking up some remote information, though, the name server could fail to respond because it's still trying to look up the data and nslookupgave up waiting. How can you tell the difference between a name server that isn't running and a name server that is running but didn't respond? You can use the lscommand to figure it out:
% Default Server: terminator.movie.edu Address: 0.0.0.0 > -- Try to list a nonexistent zone *** Can't list domain foo.: No response from server
In this case, no name server is running. If the host couldn't be reached, the error would be "timed out." If a name server is running, you'll see the following error message:
% Default Server: terminator.movie.edu Address: 0.0.0.0 > [terminator.movie.edu] *** Can't list domain foo.: No information
That is, unless there's a top-level foozone in your world.

12.7.3. No PTR Record for Name Server's Address

Here's one of nslookup's most annoying problems: something went wrong, and nslookupexited on startup:
% *** Can't find server name for address 192.249.249.3: Non-existent host/domain *** Default servers are not available
The"nonexistent domain" message means that the name 3.249.249.192.in-addr.arpadoesn't exist. In other words, nslookupcouldn't map 192.249.249.3, the address of its name server, to a domain name. But didn't we just say that nslookup doesn't look up anything when it starts up? In the configuration we showed you before, nslookup didn't look up anything, but that's not a rule. If you create a resolv.confthat includes one or more nameserverdirectives, nslookuptries to reverse map the address to get the name server's domain name. In the preceding example, there isa name server running on 192.249.249.3, but it said there are no PTR records for the address 192.249.249.3. Obviously, the reverse-mapping zone is messed up, at least for the domain name 3.49.249.192.in-addr.arpa.

The "default servers are not available" message in the example is misleading. After all, there is a name server there to say the address doesn't exist. More often, you'll see the error "no response from server" if the name server isn't running on the host or the host can't be reached. Only then does the "default servers are not available" message make sense.

12.7.4. Query Refused

Refused queries can cause problems at startup, and they can cause lookup failures during a session. Here's what it looks like when nslookupexits on startup because of a refused query:
% *** Can't find server name for address 192.249.249.3: Query refused *** Default servers are not available %
This one has two possible causes. Either your name server does not support inverse queries (older nslookup s only) or an access list is preventing the lookup.

Old versions of nslookup (pre-4.8.3) used an inverse query on startup. Inverse queries were never widely used -- nslookup was one of the few applications that did use them. In BIND 4.9, support for inverse queries was dropped, which broke old nslookup s. To accommodate these old clients, a new configuration file option was added.

In BIND 4, the directive looks like this:

options fake-iquery
In BIND 8, the statement looks like this:
options { fake-iquery yes; };
(BIND 9 doesn't support fake-iqueryas of 9.1.0.)

This causes your name server to respond to the inverse query with a "fake" response that is good enough to let nslookup continue.[97]

Access lists can also cause nslookupstartup problems. When nslookupattempts to find the domain name of its name server (using a PTR query, not an inverse query), the query can be refused. If you think the problem is an access list, make sure you allow the host you're running on to query the name server. Check any secure_zoneTXT records or allow-querysubstatements for the IP address of the local host or the loopback address, if you're running nslookupon the same host as the name server.

Access lists can do more than cause nslookup to fail to start up. They can also cause lookups and zone transfers to fail in the middle of a session when you point nslookup at a remote name server. This is what you would see:

% Default Server: hp.com Address: 15.255.152.4 > Default Server: terminator.movie.edu Address: 192.249.249.3 > Server: terminator.movie.edu Address: 192.249.249.3 *** terminator.movie.edu can't find carrie.movie.edu.: Query refused > --This attempts a zone transfer [terminator.movie.edu] *** Can't list domain movie.edu: Query refused >

12.7.5. First resolv.conf Name Server Not Responding

Here is another twist on the last problem:
% *** Can't find server name for address 192.249.249.3: No response from server Default Server: wormhole.movie.edu Address: 192.249.249.1
This time, the first name server listed in resolv.confdid not respond. We had a second nameserverdirective inresolv.conf, though, and the second server did respond. From now on, nslookupwill send queries only to wormhole.movie.edu; it won't try the name server at 192.249.249.3 again.

12.7.6. Finding Out What Is Being Looked Up

We've been waving our hands in the last examples, claiming that nslookupwas looking up the name server's address, but we didn't prove it. Here is our proof. This time, when we started up nslookup, we turned on d2debugging from the command line. This causes nslookupto print out the query messages it sent, as well as printing out when the query timed out and was retransmitted:
% ------------ SendRequest( ), len 44 HEADER: opcode = QUERY, id = 1, rcode = NOERROR header flags: query, want recursion questions = 1, answers = 0, authority records = 0, additional = 0 QUESTIONS: 3.249.249.192.in-addr.arpa, type = PTR, class = IN ------------ timeout (5 secs) timeout (10 secs) timeout (20 secs) timeout (40 secs) SendRequest failed *** Can't find server name for address 192.249.249.3: No response from server *** Default servers are not available
As you can see by the timeouts, it took 75 seconds for nslookupto give up. Without the debugging output, you wouldn't have seen anything printed to the screen for 75 seconds; it'd look as if nslookuphad hung.

12.7.7. Unspecified Error

You can run into a rather unsettling problem called an"unspecified error." We have an example of this error here. We've included only the tail end of the output, since we just want to talk about the error at this point (you'll find the whole nslookupsession that produced this segment in Chapter 14, "Troubleshooting DNS and BIND"):
Authoritative answers can be found from: (root) nameserver = NS.NIC.DDN.MIL (root) nameserver = B.ROOT-SERVERS.NET (root) nameserver = E.ROOT-SERVERS.NET (root) nameserver = D.ROOT-SERVERS.NET (root) nameserver = F.ROOT-SERVERS.NET (root) nameserver = C.ROOT-SERVERS.NET (root) nameserver = *** Error: record size incorrect (1050690 != 65519) *** relay.hp.com can't find .: Unspecified error
What happened here is that there was too much data to fit into a UDP datagram. The name server stopped filling in the response when it ran out of room. The name server didn't set the truncation bit in the response packet, or nslookupwould have retried the query over a TCP connection; the name server must have decided that enough of the "important" information fit. You won't see this kind of error very often. You'll see it if you create too many NS records for a zone, so don't create too many. (Advice like this makes you wonder why you bought this book, right?) How many is "too many" depends on how well the domain names in the packet can be "compressed," which, in turn, depends on how many name servers' names end in the same domain name. The root name servers were renamed to end in root-servers.netfor this very reason -- this allows more root name servers (13) on the Internet. As a rule of thumb, don't go over 10 NS records. As for what caused thiserror, you'll just have to read Chapter 14, "Troubleshooting DNS and BIND". Those of you who just read Chapter 9, "Parenting", may know already.

Pi-hole Userspace

jaros85:

Pi-Hole should resolve ANY dns query

Note that ANY queries are not guaranteed to deliver consistent results.

If your motivation for manually requesting them would be to retrieve multiple protocol answers in one go, you should be prepared to handle incomplete results (see also proposed RFC 8482)

The result you'll get for an ANY request will depend on quite a few factors, including current caching state and any upstream DNS server used.

As ANY queries are "frequently used to exploit the amplification potential of DNS servers" (quoting the RFC linked above), some public DNS providers have disabled support for ANY queries altogether, e.g. Cloudflare did say goodbye to ANY in 2015.

Consequently, an ANY DNS request for domains via Cloudflare's 1.1.1.1 results in :

So if your Pi-hole would be using Cloudflare or a similar behaving upstream, your observation would be expected.

nslookup cant find unspecified error

0 Comments

Leave a Comment