Using Command Line Utilities for Troubleshooting Name Resolution
Using Command Line Utilities for Troubleshooting Name Resolution
This content is from our CompTIA Network + Video Certification Training Course. Start training today!
Sometimes, Name Resolution fails. We have to be able to troubleshoot why Name Resolution failed. We’re going to see there’s multiple different utilities that we can use.
We can troubleshoot using Command‑Line utilities, PowerShell utilities, and then Linux utilities.
The first one is our command‑line utilities called NsLookup.
NsLookup allows us to do a lot of things. It allows us to do a name to IP address. It allows us to do an IP to name. It allows us to do a lot of things.
It has two modes. We have an interactive mode where we just type NsLookup. we enter into a series of a caret where we can get more details in. We have a non‑interactive mode where we’re looking for just a single piece of information.
We then have a utility called ipconfig. Ipconfig has a lot of switches. You will see the different switches later in the demo.
One of the primary things we can do with ipconfig is we can register my computer with DNS.
We also have the ability in there to display my current DNS cache. We have the ability to flush our DNS cache. Remember, if we’ve resolved an IP address for a specific hostname and that IP address changes, as long as it’s in our cache, we’ll go to the wrong IP address. We will need to need to flush the IP address. The way to determine whether it’s there or not is by looking at the DNS cache.
Finally, PING does a lot for us.
PING can test connectivity. In other words, can we connect to you and do we get a response? What we are going to use it for is, can we resolve the name to an IP address? Whether we can connect to it or not is a different problem. That’s network connectivity, not Name Resolution. We want to use PING to make sure we can actually resolve the name.
Demos on how to use the command line to test Name Resolution.
We’ll launch the command line utility by typing “CMD”.
We’ll run it as administrator.
We’ll type cd / (backslash) so you have more room to work with.
The first utility we want to look at is NsLookup. If we simply type “nslookup” and hit enter, this is going to send us into an interactive environment.
This shows us the DNS server that we’re connected to, then it also displays the DNS server and what its IP address is.
Let’s say we want to look up the IP address of a specific server we can actually type in the command prompt USSHQSVR2. It will display the DNS server that we’re connected to and the IP address.
We can use NsLookup.
If we type “help” and enter, this will show us everything that we can look use in here.
We can find things such as this computer’s (interfacett.com’s) mail server, and other items.
If we’re looking for their domain controller, we can set it to the domain controller we can set it to.
There is a whole wealth of information the help screen.
This machine doesn’t have Internet connectivity, so we can’t show you what we could get against a live website, but this is the NSLookup utility.
Exit out of this and now simply go to type “nslookup USSHQSVR2” and hit enter. This is all that was typed but notice it still gives us the IP address.
This is the non‑interactive mode. Here is this where this comes in handy. Remember we talked about PING utility and we know who the IP address is, but we don’t know who the name server is.
We can type, Nslookup 172.16.0.10. This is where we’re getting hit from.
The next tool that we can use is IPconfig.
If we just type IPconfig and do absolutely nothing else, this will show us our IP configuration.
Next we’ll drop into the host machine since the host machine has Internet connectivity. There’s some good stuff we can do with IPconfig.
We’ll type a CD\ again to get to the root of our drive.
If you just type IPconfig and hit enter, it shows the IP configuration.
If we do an IPconfig/? And hit enter, it’ll show us all the switches that we have.
If we do “ipconfig /all” and hit enter, it’s going to show the entire configuration of our TCP/IP stack.
A lot of good information available for troubleshooting, but we want to troubleshoot specifically Name Resolution.
Now let’s flush the DNS cache by typing “Ipconfig /flushdns” and hit enter.
Now the DNS cache is flushed.
Let’s display the content of our DNS cache by typing “ipconfig / displayDNS and hit enter.
Notice we only have a couple of records in here. These are all records about our self. It’s not a whole lot of content in here.
Now, we will go out to a website.
If we go out to www.azcentral.com.
As soon as the web page loads, we can come back to the command prompt and type “IPconfig/DisplayDNS” and hit enter.
All these records that popped in here are from azcentral.com.
Every link on their website is a user‑friendly name to my IP address.
What happens is you ever launched a website, got stuff, went to lunch, come back later, went to the website again and got a little red x instead of the picture or the link? That’s because the IP address changed, but the user‑friendly name didn’t. You have it cached.
What you need to do to fix that would be do an IPconfig /flushDNS, and you’ll be able to get back to that web page.
The problem is you have to have the administrative rights to do this. If you’re not an administrator, the only way you can fix that web page is by restarting your computer. Logging out and logging back in won’t fix it.
If we can’t resolve to the name because my DNS cache, remember the Name Resolution methodologies for hostnames? That’s the third thing that’s checked.
The last tool that we want to use the verify Name Resolution is PING.
In the Command Prompt we can ping the website www.interfacett.com.
Notice it resolved this IP address to 22.214.171.124, but notice it’s timing out.
It timed out, and then we actually got connections. The time out was just because of the delay getting through the firewall.
We got Name Resolution. All we are really concerned about is, did it resolve this user‑friendly [www.interfacett.com] name to 126.96.36.199 so now we know we have Name Resolution.
Conversely, let’s say we were to ping “www.IamthegreatestITPro.local website. This example we know doesn’t exist.
Notice the response notifies us that it can’t find the name. If it can’t find the name, that means if you know that exists for fact, you know you have a Name Resolution issue.
These are the three different utilities that are command‑line utilities for troubleshooting Name Resolution.
Now, let’s look at the PowerShell utilities.
The three primary PowerShell utilities we’re going to look at is Resolve‑DNSName. What Resolve‑DNSName is, goes out and verifies that our name is going to be existing in the DNS server.
Get‑DNSCache will actually do the exact same thing as IPconfig /DisplayDNS did. It will show us all my cache that is named, and then Test‑Connection is the same thing as ping.
Test-Connection is ping.
Get-DnsClientCache is IPconfig /DisplayDNS.
Resolve-DnsName allows me to go out and test, “Does the name exist?”
Let’s take a quick look at what these can do for me.
We’ll bring up the PowerShell environment.
We’ll type “test‑connection” and use the www.interfaceTT.com site to check.
Notice it looks just like a ping. The main thing we’re looking at here is not the fact that interfaceTT.com responded. we want to look at the fact that we resolved it to IP address 188.8.131.52. In this topic. We’re testing Name Resolution.
Again, if we were to do the Test‑Connection to the ricktrader.local, notice it’s coming back. It said, “Hey, the connection failed.”
Unlike the ping example above, PowerShell will display the errors in red notifying us the connection failed and the reason why the connection failed such as “Requested name is invalid.” We were unable to resolve that name to an IP address.
On the server machine, if we want to view my DNSCache, one of the easiest things to do in PowerShell if we don’t know all of the PowerShell cmndlets. we can type Get‑Command‑Module.
We want all my cmndlets that are for DNS client. (This needs to be done on a server because on a client machine the DNS manifest isn’t installed by default.)
If type “Get‑Command‑ModuleDNSClient” and hit enter, you’ll see that there’s a numerous options.
The Clear‑DNSClient is the same thing as IPconfig /FlushDNS. We have the ability to get my DNS cache which is the same thing as IPconfig /DisplayDNS.
This gives us the same things as we had in our command‑line environment. A lot of people are used to using command‑line.
A lot of you server folks will do PowerShell, but it allows us to go in and manage our DNS cache.
With that said, there’s one last thing to talk about and that is UNIX utilities.
The number one UNIX utility is called DIG, stands for Domain Information Gopher.
DIG is a utility that works a lot like PING. This allows us to go in and test connectivity. It allows us to test Name Resolution. It allows us to go in and do a lot of different things. That is the utility that Linux is going to use. It does not run on a Microsoft operating system.
We’ve talked about the command‑line utilities. We’ve talked about the PowerShell utilities. We talked about the one and only utility that Linux uses…
Until next time….
Video Certification Training: CompTIA Network +
You May Also Like
In this video, you will gain an understanding of Agile and Scrum Master Certification terminologies and concepts to help you make better decisions in your Project Management capabilities. Whether you’re a developer looking to obtain an Agile or Scrum Master Certification, or you’re a Project Manager/Product Owner who is attempting to get your product or … Continue reading Agile Methodology in Project Management
In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365. For instructor-led Office 365 training classes, see our course schedulle: Spike Xavier SharePoint Instructor – Interface Technical Training Phoenix, AZ 20347: Enabling and Managing Office 365
How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015