Previous Table of Contents Next Dialout DNS When you dial someone else's IP network, you are using that person's IP numbers on one of your interfaces as well as relying on that person's DNS servers to look up names. Because these DNS servers (more than likely) do not hold the symbolic names of your servers, it's likely that name resolution will fail for local hosts. Because a DNS server will return a "no such host" message rather than failing with no response, your computer will not go to the next DNS server in the list to try again-your request will simply fail. There's one more thing that you should know about DNS and dialout. You can specify up to three DNS entries in the Windows Control Panel. If you have a user who will be dialing out of your intranet, you should not specify more than two in the normal Windows Control Panel. The reason for this is that if three already exist, when the dialup adapter tries to add one more (for the remote network), it will fail and the user won't be able to resolve remote names. Summary Your intranet operates pretty much the same as the Internet at large-just on a smaller scale. Accordingly, troubleshooting strategies that work on one will also work on the other. Part of getting ready to troubleshoot your Internet connection is identifying what type of connection you have. After you've done so, you'll want to practice troubleshooting measures using nslookup, ping, and traceroute to see if these tools will work through your firewall. To be able to rule out IP connectivity issues versus DNS problems, you'll want to keep a few IP numbers of reliable hosts on the Net handy. If you have a DMZ (demilitarized zone) segment "in front" of your firewall, you can plug a laptop or other workstation into it for the purposes of troubleshooting, even if the firewall will not allow diagnostic tools to work through it. A little DNS knowledge goes a long way when troubleshooting Internet problems-whether you're having trouble resolving a hostname or others are having trouble seeing your hosts. The nslookup tool will give you a lot of help when troubleshooting DNS issues. Routing problems may be addressed similarly to routing problems on your own network; the key lies in finding out who is responsible for those routers and alerting them. Once again, nslookup to the rescue! Problems with your Web server and intranet applications are typically either capacity related, reliability related, or related to an entirely different server (as with the CD-ROM server in a previous example). Although it's possible for a Web server to run out of gas, this is not true for the majority of intranet servers. Good documentation and staying current on operating system and Web server patch levels can help you avoid or resolve many problems in this arena. Workshop Q&A Q I've read that the Internet at large uses different routing protocols than a typical local area network, so how can troubleshooting techniques on my intranet apply to Internet troubleshooting? A True, the routers on the Internet are major beefcakes, and I hear that some of them use steroids. Although they're drugged drones, they still must obey basic rules of routing: A packet that comes in on one interface must be routed to another interface and passed off to the "next hop" or dropped if the destination is unreachable. Seriously, the routing protocols are merely methods of routing table updates-as such, they don't matter to us, because we're not ISPs. We just care about pointing to the trouble and reporting it. If a packet isn't doing what it's supposed to be doing according to a traceroute, we have a reportable problem, and that's where our responsibility ends. Here's the bottom line: Let the ISPs worry about the routing protocols, just so long as they route our packets properly. Q My proxy server connects straight to my ISP via a leased line, and I cannot use ping, traceroute, and nslookup through it. I'd like to be able to troubleshoot my own problems, but I have no DMZ and my firewall's getting in the way! Any suggestions? A Get a dialup account from your ISP (you might even be able to get a freebie if you have a big and expensive leased line for the main part of your business) and troubleshoot using that. The dialup account will allow you to be on the ISP's DMZ, and you should be able to use standard troubleshooting procedures from there. Quiz 1. What does ISP stand for? A. Internet supplier partner B. Internet service provider C. Internal stud professional D. Interior service provider 2. Which of the following is a legitimate way of connecting to an ISP? A. Workstation dialup connections B. Firewall or proxy direct to ISP C. Neither A nor B D. Both A and B 3. What does DMZ stand for? A. DNS main zone B. Demilitarized zone C. Demilitarized zebras D. DNS mystical zodiac 4. What's the main tool for resolving DNS problems? A. dnslookup B. nslookup C. ping D. traceroute 5. If the DNS server you've queried doesn't know the answer to your question, what must it do? A. Scream and cry B. Ask one of your internal file servers C. Ask its "parent" zone server D. Ask the ISP 6. True or false? An SOA contains information about a zone's name servers and point of contact. 7. To look up the hostname for the host 167.195.160.6, you would fire up nslookup and type set type=ptr and then type what? A. 167.195.160.6.in-addr.arpa B. 6.160.195.167.in-addr.arpa C. 6.160.195.167.in-reverse.arpa D. 167.195.160.6.in-address.arpa Answers to Quiz Questions 1. B 2. D 3. B 4. B 5. C 6. True 7. B Previous Table of Contents Next