Nslookup server: unknown between VLANs/networks?

Question

I have several VLANs/networks - eg.:

10.0.10.0/24 : Servers
10.0.20.0/24 : Pcs

My DNS server is called "DC1.mydomain.local" (IP 10.0.10.11) and I have a PBX server called SVPBX (IP 10.0.10.21).

Inside the Servers VLAN - If I type Nslookup SVPBX, I get this result:

C:\Users\x>nslookup SVPBX
Server:  DC1.mydomain.local
Address:  10.0.10.11

Name:    SVPBX.mydomain.local
Address:  10.0.10.21

But if I inside the PCs VLAN tries the same, I get this:

C:\Windows\system32>nslookup SVPBX
Server:  UnKnown
Address:  10.0.10.11

My PCs DNS is set to: 10.0.10.11.

I have created two reverse lookup zones on the DNS server (DC1):

10.0.10.in-addr.arpa
20.0.10.in-addr.arpa

Any idea what I am doing wrong? Shouldn't I create a reverse lookup per VLAN?

score 0 · Answer 1 · answered Apr 14 '22 at 18:16

0

This is not about reverse DNS. Reverse DNS zones contains PTR records, whilst you're looking for A/AAAA records with your nslookup commmand.

Your problem is the DNS search domain. On the first PC, where it works, the search domain is probably set to mydomain.local. This can be verified with Get-DnsClientGlobalSetting cmdlet in Powershell.

You should not rely on the DNS search domain in your configuration files. Always use FQDN. The search domain can commonly be specified by DHCP server, and may open you up to attack by software connecting to a different server than anticipated.

answered Apr 14 '22 at 18:16

vidarlo

6,654
2
18
31

Thanks ... Yes it says mydomain.local. I'm not sure which configuration files you refer to? – MojoDK Apr 14 '22 at 18:39
1

Don't use `SVPBX` anywhere. Use the full FQDN `SVPBX.mydomain.local`. – vidarlo Apr 14 '22 at 18:55
Any idea why I can't ping CNAME adresses from PCs subnet to the Servers subnet? I can ping A/AAAA records but not CNAME. – MojoDK Apr 14 '22 at 19:21
Check if the NS allows recursion. – vidarlo Apr 15 '22 at 06:51

Nslookup server: unknown between VLANs/networks?

1 Answers1