Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Unable to resolve mapquest and aol only???

Status
Not open for further replies.

neonrh

IS-IT--Management
Aug 8, 2002
23
US
Really stumped on this one. All of my computers are unable to browse to aol.com or mapquest.com. I've traced it down to DNS but am unsure what the problem is. All is configured fine and no errors in the event logs. I can resolve everything on my domain and also against the root servers. I've confirmed that no "." domain exists on my DNS servers and that the root servers are configured. I can resolve new domains that have never been in my cache just fine so I can't figure out why these two domains are the only ones causing trouble.

This all worked fine roughly 3 weeks ago and then stopped one day. All searches for viruses/spyware come up blank. If I run nslookup my DNS servers simply timeout. I confirmed that they have reverse lookup records, rechecked the configs, everything looks fine. I even cleared the dns cache on the clients and servers and rebooted. I am able to query external DNS servers with nslookup and resolve these domains, but setting them up as forwarders on the DNS servers makes no difference.

Any ideas?
 
Is there a firewall in place that may have blocked content in it? Also can you ping aol.com or mapquest.com?
 
No firewall in place. I had a webfilter appliance that I suspected was the issue but I have turned it off so it is no longer filtering (it's a software package that runs the NIC in promiscuous (sp?) mode). When I try to ping aol or mapquest it fails because of it being an unknown host because it can't resolve it in DNS.
 
neonrh,

Have you looked at the hosts file on your DNS server? Are AOL and mapquest redirected there?

Kmills
 
Good call Kmills, I checked one DNS and it was not modified. I forgot to check the other one and won't have access to it until tonight.
 
neonrh,

You might also look at the hosts file on the individual computers, although it seems unlikely they would all have been modified at the same time.

Kmills
 
I know you said "no firewall" but I have had a Linksys router decide to block everyone from just a couple of sites for no reason. I ended up flashing the same version of the firmware onto it and it corrected the problem.

=== 4H PLUMBING / METALBUILDING.COM / THINK BINARY / OBW / WPS ===

Designing, Developing, Coding, Debugging & Hosting 1995 to Present.
NT 3.51/4.0/2k/2.3k/OS2/Linux/FreeBSD/ASP/PHP/SQL/VB/VBS/VBA
I ran my first BBS on two 300 baud modems. One of them had a coupler.
 
Have you checked with your ISP that IPs in your forwarders are correct ? My ISP changed theirs and we started noticing problems and later discovered that we had to use new ones. Also, did you try plugging a pc directly to the ISP router/modem and try to access those sites ? I usually do that before I start playing around with the server/firewall settings.
 
I beleive this will resolve your issue. Run the following script on the DNS Server.

Code:
'==========================================================================
'
' NAME: DNSProbes.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor
' URL: [URL unfurl="true"]http://www.thespidersparlor.com[/URL]
' DATE  : 6/10/2004
'
' COMMENT: <comment>
'
'    THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
'    ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED To
'    THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
'    PARTICULAR PURPOSE.
'
'    IN NO EVENT SHALL THE SPIDER'S PARLOR AND/OR ITS RESPECTIVE SUPPLIERS 
'    BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
'    DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
'    WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
'    ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
'    OF THIS CODE OR INFORMATION.
'
'==========================================================================

on error resume next

Dim path

Set WSHShell = Wscript.CreateObject("WScript.Shell")

path = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\"

WSHShell.RegWrite path & "EnableDnsProbes","00000000","REG_DWORD"

If err then
	msgbox "Error Encountered"
else
	msgbox "DNSProbes Sucessful"
End if

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
kmills - Checked the client machines, all host files are clean.

Twizted - Maybe you're onto something. I didn't really think of what you said until just now. I have a Cisco VPN/Firewall. I'll do as akwong suggested and connect outside of the firewall to see if that is the issue.

Great tips guys, thanks!

Markdmac - Thank you for the script, could you elaborate a bit on what this registry entry does? I'd like to know a little more about it before I try it out on my server.
 
Have you tried purging your cached entries for aol.com, and mapquest.com?

On your DNS server that resolves internet hostnames:

In DNS Manager, click on View -> Advanced.
Click on Cached Lookups
Navigate to AOL.com, and Mapquest.com. Remove all entries.
Do an ipconfig /flushdns on all of your servers, and workstations.

Mike Fegan
tweakmybox.com

Get a free iPod at tweakmybox.com!
 

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
tweakmybox - Hmmm... found the AOL and Mapquest entries on DNS server #1. Tried to delete them and it says they can't be deleted because the zone does not exist. Looked for them on DNS server #2 and there are no entries there. It is not storing any entries. So I have two separate issues to check out. Thank you for that info.

markdmac - I appreciate the instructions. Thank you and I will give it a try if these initial troubleshooting attempts don't pan out.
 
Update - cleared the cash on both servers. Both are now able to obtain name server entries from the root name servers, but are then unable to resolve for AOL or Mapquest. On a side note, both the AOL and Mapquest entries in the DNS cache hold name server entries for AOL dns servers. So if I can find out why my servers are unable to query the AOL dns servers for specific host records, I should have my solution.

I'm going to try and test outside the firewall now and will let you know how it goes.

Mark - You were correct with your script, after applying it to the 2003 server (the other was 2000) I am now caching .com entries where before I was not. So now I'm trying to resolve the same problem on both servers. Thanks for your help!
 
Okay troubleshooted a step further. The common denominator is that both AOL and Mapquest are outsourcing their DNS requests to akadns.net. I am able to resolve some names from this host (such as Yahoo advertising) but not all. I'm looking into this further.
 
Further troubleshooting revealed that I cannot access or even by IP address, so I'm being blocked somewhere. I am looking at the firewall, but it was installed before I was here and I do not have the password.

DNS on both servers is now responding properly. Thank you for everyone's help and if you have any ideas on how to troubleshoot from here then please let me know.
 
Did you try the script I posted? Backup the registry keys found in the script so you can undo the changes if you feel they are not needed.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
markdmac - Yes thanks. See my comment a couple posts above. It did not fix the issue however, it appears to be routing related at this point, although my provider (XO) swore before that they could not find an issue. However I logged into our T1 router (outside the firewall) and could telnet into certain websites via port 80 and get a response, but not from AOL or Mapquest. I also resolved both sites to IPs and am not able to connect. This now rules out DNS and my firewall (thanks to everyone's advice to rule these options out) and points to the provider.
 
Use a tracert to see where it is failing.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
I've been having the same issue for about a week. DNS is fine, tracert won't work because mail.aol.com and mapquest.com are purposefully un pingable. Aol will only talk to paying customers. Do you think that AOL is blocking certain IP blocks? I’m at a total loss and many of my users are super peeved. Any insight here would be greatly appreciated.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top