Windows DNS sometimes can't pick up my VM's hostname

2

1

RE: unresolved hostname / host not found / host unknown

The VM is VirtualBox running Ubuntu under Win8, using the bridged networks.

It is almost always able to register itself to my company's Windows DNS server, so that I can ping myvm1 from my DOS, or dig myvm1.mycompany.com from within the Ubuntu. But there ARE times that I can't do either of them. I'll get a host unknown error. The Ubuntu VM is always the same, so I think it is the Windows DNS server that is causing the problem.

Searching for the solution myself, I only found an unanswered question, which has the exact same symptom as mine -- what are some possible reasons why my company's DNS server sometimes fails to resolve the host name of some of my VMs?

Any ideas, for solution or to troubleshoot it?

PS. Adding Ubuntu/Linux to the tags -- any way to know which DNS server the Ubuntu VM registers itself to? How can I force re-register my Ubuntu's dhcp/dns?

xpt

Posted 2014-03-28T22:17:34.790

Reputation: 5 548

Answers

3

This is one of those questions that can go sprawling in all sorts of directions as there are many ways you could proceed.

First of all, name resolution in Windows uses more than DNS. The command to use to see if DNS can resolve a name is nslookup, so you would use nslookup myvm1.mycompany.com to see if it is in DNS for that domain.

Secondly, doing ping myvm1 from a machine will use more than just DNS for name resolution; it may be using NetBIOS, WINS, or some auto-discover query like multicast DNS (mDNS) or DNS Self Discovery (DNS-SD). Ubuntu implements these through the avahi daemon. Even if it is doing a DNS lookup, it may be using more than just the mycompany.com DNS search domain.

Given that it works most of the time, I'm guessing that the name myvm1 is being used with avahi with either mDNS or DNS-SD that the Windows name resolver queries when you run ping. These zeroconf name resolution protocols do not use an actual DNS server and so do not need to authenticate themselves to an AD integrated DNS server. From my experience the zeroconf mDNS/DNS-SD protocols are not 100% reliable, which adds to my belief that these are being used in your case as it matches your situation.

You could go in multiple directions from here:

  • ensure avahi is working properly
  • If mycompany.com is a typical Windows domain run by Active Directory, it will require the machine to be part of the domain for it to push automatic DNS updates to the server. You could make a manual DNS entry into the mycompany.com domain and either
    • make the Ubuntu VM a static IP with either a fixed IP in its local config or a DHCP reservation. These are my 1st and 2nd preferences for a solution.
    • allow insecure updates for the name myvm1.mycompany.com
  • make the Ubuntu VM part of the AD domain so it can do authenticated automatic DNS updates. This may require samba version 4 or above.

As a couple of first steps I would check

  • Check the DNS search domain order on your Windows machine to see if it is even looking at the domain mycompany.com when you type in just a host name.
  • On the Ubuntu VM ensure that you have set the fully qualified domain name for the machine as described on this how to.

BeowulfNode42

Posted 2014-03-28T22:17:34.790

Reputation: 1 629

That's as complete as it can get. Thanks. One more thing, I remember that the way Windows based DNS works is that the DHCP/DNS server will ask for the hostname from the client connecting to it, then use it as its own DNS entry, if there are no conflicts. I believe that has been the way it used to work before, because I have no control over our company's DNS, and I did nothing but set my own VM's hostname, and even the fully qualified domain name (returned by hostname -f) is as simple as myvm1. With this, I can access my VM from within my company. Strange but it had been working just fine. – xpt – 2014-03-29T04:53:39.947

That's almost right. The AD integrated DNS at most Windows based companies (due to it being the default and recommended setting) requires the computer to be an AD domain member before it will request the hostname from the computer to put in its DNS records. The reason for this is considered to be a security issue, as any intruding device could corrupt all of the DNS entries if insecure entries/updates were allowed, by either changing existing ones or flooding and crashing the DNS server with new ones. – BeowulfNode42 – 2014-03-29T06:01:25.623

"The AD requires the computer to be an AD domain member before it will request the hostname from the computer to put in its DNS records" I think that is the reason that sometimes it doesn't work for my VM, because I think maybe our IT department is playing with the rule, strengthening it then backing off because of some issues. The whole thing is done on the AD server side, and I can do nothing about it, right? – xpt – 2014-03-29T14:34:54.673

I doubt it; the default setting is the secure setting, and they would not change it. Likely your VM is using some form of zeroconf for name resolution like mDNS or DNS-SD that doesn't always work due to coincidences in network traffic that prevent it functioning sometimes. – BeowulfNode42 – 2014-03-29T19:13:37.507

For mDNS and DNS-SD the actual DNS server has nothing to do with the name resolution. Though if there is a .local domain in the actual DNS server then it can interfere with mDNS/DNS-SD so they won't work. – BeowulfNode42 – 2014-03-29T19:16:36.543