Post by John Hasca » Wed, 14 Dec 2005 18:39:40

You didn't really provide enough details to be sure, but if the client
is a Unix/Linux-type look at /etc/resolv.conf, in particular lines

domain com
search ... com ...

options ndots:N

where N is some number. Doing "man resolv.conf" should be of some
assistance in determining what you really want there.

If it is a Windows machine, there is probably some similar control panel.



Post by Eric Benoi » Wed, 14 Dec 2005 23:22:13

Greetings, I set up an internal DNS with BIND 9.3.1
Everything seemed to be working great until I went to a couple of
different clients and the lookups ...well they didn't really fail, but
the client couldn't resolve to my internal hosts ...could it be the
clients? I am using a class c network and allowed queries from

I do nslookup from the client and everything works things resolve, but
the browser adds .com??

I know this is prolly simple, just stuck.



Post by Eric Benoi » Thu, 15 Dec 2005 02:47:45

sorry about that, I am new :)

I am using a debian 3.1 sarge ppc build running BIND 9.3.1. as my DNS

All the clients on my class C network have it's IP
address( listed as the first DNS server. The client
computers are a mixture of win98, winXP and linux. Some of the client
computers are able to get to Internal servers some are not. The client
computers that cannot get to our Internal servers via its hostname act
strangly, when I use nslookup (a microsoft tool) to lookup "secure" the
DNS appears to be working just fine.


client computer A can get to http://secure through a browser
client computer B goes to http://www.yqcomputer.com/ instead of http://secure
like it is supposed to using a browser

"secure" is the name of a server listed on my DNS server as a master zone

Here is the entry for "secure":

$ttl 38400
secure. IN SOA secure. eric.hopevale.com. (
38400 )
secure. IN NS sting.
secure. 5D IN A


Post by Mark Andre » Thu, 15 Dec 2005 06:21:45

Single label hostnames went away 20 years ago. Resolvers and
applications treat them as unqualified hostnames and try to
qualify them.



Post by Mark Andre » Thu, 15 Dec 2005 06:48:49

You may also want to fix the delegation for hopevale.com.
I would remove the two wnyric.org servers and add the
fast.net servers. The later atleast allow anyone in
the world to query them.

hopevale.com. 64911 IN NS ns4.wnyric.org.
hopevale.com. 64911 IN NS ns1.fast.net.
hopevale.com. 64911 IN NS ns2.fast.net.
hopevale.com. 64911 IN NS ns3.fast.net.
hopevale.com. 64911 IN NS ns3.wnyric.org.

bsdi# tcpdump -n -i sis0 port 53 or icmp
tcpdump: listening on sis0
08:47:05.030927 > 64126 MX? hopevale.com. (30)
08:47:10.038943 > 64126 MX? hopevale.com. (30)
08:47:21.574084 > 13419 MX? hopevale.com. (30)
08:47:26.579327 > 13419 MX? hopevale.com. (30)
1845 packets received by filter
0 packets dropped by kernel


Post by Eric Benoi » Thu, 15 Dec 2005 22:09:14

So I should add an extra domain like secure.intranet and make intranet
the master then all my server names would be apart of the master?


Post by Eric Benoi » Thu, 15 Dec 2005 22:24:55

Thanks for the heads up, I don't handle the external DNS, I should
probably know more about why(security risks?) that would be an issue
before I ask the people incharge of external DNS if I should change it.

Thank you again.


Post by Eric Benoi » Thu, 15 Dec 2005 23:01:13

orked!! Thanks Mark.

Eric Benoit wrote:



Post by Mark Andre » Fri, 16 Dec 2005 09:56:15

When you publish a delegation you are telling the world that
you are willing to answer queries for this zone on these
nameservers. If you are not willing to do this then don't
list the nameserver. Currently the only nameservers listed
in the parent zone don't answer queries from my address or my
IPS's nameservers (,

I suspect someone has said we don't need to answer queries
from APNIC. There is no one anywhere is ASIA or the Pacific
we would ever want to talk to. The fact that you are talking
to me (indirectly via a mailing list) show how wrong and short
sighted that reasoning to be.

hopevale.com. 172800 IN NS ns3.wnyric.org.
hopevale.com. 172800 IN NS ns4.wnyric.org.
;; Received 76 bytes from in 852 ms