Canadian TV, Computing and Home Theatre Forums banner

1 - 14 of 14 Posts

·
Registered
Joined
·
367 Posts
Discussion Starter #1
Does Rogers discard nslookup requests? While I can ping google.ca, if I nslookup google.ca it always times out.

An ipconfig /all shows my local router as the DNS server (192.168.0.1). Is there some upstream handshaking that I need to enable on the router to get nslookup working?

This is causing a problem with my Kidswatch parental control software. Web pages are taking about 90 seconds to load on limited accounts, and it seems to be related to name resolution in DNS.
 

·
Registered
Joined
·
8,300 Posts
That's a function of the DNS and not your ISP. I'm on Rogers too and I get the following using host & nslookup:

[email protected]:~ $ host google.ca
google.ca has address 173.194.32.104
google.ca has IPv6 address 2001:4860:800f::68
google.ca mail is handled by 10 google.com.s9a2.psmtp.com.
google.ca mail is handled by 10 google.com.s9b1.psmtp.com.
google.ca mail is handled by 10 google.com.s9b2.psmtp.com.
google.ca mail is handled by 10 google.com.s9a1.psmtp.com.

[email protected]:~ $ nslookup google.ca
Server: 2001:5c0:1001::194
Address: 2001:5c0:1001::194#53

For me, nslookup returns only the IPv6 address. Also, nslookup is obsolete. You should be using host. IIRC, Windows doesn't include a host command, so you'll have to find a 3rd party version. One possibility is Cygwin, which adds Unix commands to Windows.
 

·
Registered
Joined
·
367 Posts
Hmmm, that's interesting. Of course, regardless of the utility (nslookup, dig etc.) they are all sending RFC 1035 queries.

What does ipconfig and your router (if you have one) indicate for the DNS server? My PC points to the router (192.168.0.1) and the router has a 69.* (or 64.*, can't remember).

At least in your neck of the woods, the Rogers name server replies to nslookup. That helps with my troubleshooting.
 

·
Registered
Joined
·
8,300 Posts
^^^^
My DNS is configured to use one from my IPv6 tunnel broker. However, it's Google's DNS that determines this. All your router or Rogers DNS does is forward the request to them. The Rogers DNS will only have information about systems on it's network, plus whatever has been cached from other DNS servers.
 

·
Registered
Joined
·
3,239 Posts
If you can ping google.ca, then your DNS must be working. Windows NSlookup times out after 2 seconds, which often isn't long enough for recursive queries. What happens if you run:

nslookup -timeout=8 google.ca

You could also try

nslookup -debug google.ca

Which might tell you more than you wanted to know.

-Mike
 

·
Registered
Joined
·
8,300 Posts
For me, nslookup returns only the IPv6 address.
Correction, I was missing the bottom part of the output which was:

Non-authoritative answer:
Name: google.ca
Address: 173.194.32.104
 

·
Registered
Joined
·
367 Posts
Discussion Starter #7
With an 8 second timeout, the lookup eventually succeeds (really slow though). I believe this slow response is at the root of problems I have with Kidswatch parental control software web filtering (page loads take 2 minutes for non-administrators). Their sofware designers told me that the new version (7) has a new filtering model which relies more heavily on DNS, so I suspect that either Rogers or my DIR-655 is at the root of the problem. Probably Rogers.
 

·
Registered
Joined
·
367 Posts
Discussion Starter #8 (Edited)
If you can ping google.ca, then your DNS must be working. Windows NSlookup times out after 2 seconds, which often isn't long enough for recursive queries. What happens if you run:

nslookup -timeout=8 google.ca

You could also try

nslookup -debug google.ca

Which might tell you more than you wanted to know.

-Mike
I'll try that on my home PC tonight. On the computer I'm using right now I see the domain prefix being appended to the queried domain, requiring 5 recursive queries until a hit is obtained. If I add a "." to the end of the domain name, only one query is needed.

My ethernet adapter has a connection-specific DNS suffix. I couldn't see where this originates from and it is apparently totally useless, generating a whole bunch of failed DNS requests every time until it gets completely stripped off. This may be compounding the problem I'm experiencing with Kidswatch.
 

·
Registered
Joined
·
367 Posts
Discussion Starter #10
Another thing to try is to set your PC's DNS server to go directly to Rogers' server instead of to your router since the router's DNS proxy may be the bottleneck. You could also try using a different DNS server such as Google instead of Rogers. Details are here:

http://code.google.com/speed/public-dns/docs/using.html
I configured the net adapter to use the Rogers DNS server, rather than the DIR-655. Runs like a bat outta hell now. This has cleared up the Kidswatch problem in which web filtering was causing a delay of 1-2 minutes to load a single web page.

I also configured the net adapter to have just "." in the primary DNS prefix list (i.e. treat all addresses as fully-qualified).

So, what gives with the DIR-655? Guess I should contact D-Link.
 

·
Registered
Joined
·
367 Posts
Discussion Starter #12
I don't know if this is an nslookup-specific thing, but nslookup always does a reverse lookup on the DNS server address (192.168.0.1) and that is what seems to cause most of the delay when the DIR-655 isn't bypassed. When I configure the net adapter to use the IP of the Rogers DNS server, the reverse lookup of that address succeeds immediately, but the query of 192.168.0.1 gets hung up somewhere.
 

·
Registered
Joined
·
833 Posts
I had a look at the manual for that router and there's a couple of things you can try. In the Network Settings there are fields to set the device name and local domain name. The local domain is blank by default so maybe it needs to be set to something for the reverse lookup to work properly (i.e. it has no domain info to return so that might be confusing it).

The other thing you can do is uncheck the Enable DNS Relay option and then your PCs will automatically get set with the Rogers DNS server directly so you can continue to simply bypass the router for DNS lookups. Granted that doesn't really fix the problem as to why the router isn't working properly in the first place but there's nothing really wrong with going straight to the DNS server for lookups so IMO it's not an issue worth spending a lot of time on.
 

·
Registered
Joined
·
367 Posts
Discussion Starter #14
I turned off DNS relay, which results in the DHCP-advertised DNS server being the actual Roger DNS server. This is probably best for most home networks.

If the reverse lookup is just an nslookup thing, then, when relay is enabled, I guess there is a query for 192.168.0.1.inaddr-arpa which I guess Rogers tosses?

That said, if only nslookup is doing a reverse lookup, I'm not sure why this would affect name resolution performed by Kidswatch.
 
1 - 14 of 14 Posts
Top