"For a complete guide to security, check out ''Security + Study Guide and DVD Training System'' from Amazon.com"
Checking Name Resolution 101
This article is laid out so that it will show you how to not only use the tools, but also how to pick them. This is helpful because to just learn the tool’s name and all the switches you can use with it may not be particularly helpful to you if you don’t know when you would use a particular switch with a command. I have seen this a million times in books that are trying to drill this information into your head so that you remember it, problem is, if there is no scenario, you know, a real world – in the pits – scenario, pure memorization of the tool and its switches becomes pointless then because although you may have them memorized, how would you use them to resolve problems?
Consider Ping. Why would you use a Ping command with a ( -a ) switch? Let’s consider a problem where you would have to test DNS resolution, a user can’t get to an Internet website. Now, I know there are many ways you can test to establish what the problem is but let’s assume we wanted to quickly see if DNS was the problem, we isolated the problem that far, it’s definitely something wrong with DNS resolution. The DNS Cache was also flushed (ipconfig /flushdns which purges the DNS Resolver cache). So now, we will quickly test DNS with Ping? Yes, Ping with a particular switch can be used to solve a problem such as ‘why can’t we get to that URL, http://compIntranet?’ Well, do you know if you have DNS resolution such as a HOST file entry or the company DNS server assignments in the TCP/IP configuration properties configured via a DHCP server? Test DNS on your local PC to make sure you aren’t the problem first. If you get a complaint that users can’t get to http://compIntranet then you should make sure that you aren’t the problem first. Make sure you have DNS resolution. You can do this many ways, but one of the ways you can do it with the Ping command is with the ping –a ip_address command which will try to query resolve DNS to find out what the host name is.
- You have to see if DNS resolution is working you can see if the DNS server you are configured to query knows what it’s talking about. Using the NSLOOKUP command shows this information.
- When I query my local DNS server, I can see that Yahoo.com has multiple IP addresses that can be used.
- Now, it’s possible to ping with the –a switch to also verify if DNS resolution is work. Pinging Yahoo’s IP address with the –a switch produces the DNS name of the system.
C:\WINDOWS\SYSTEM32>ping -a 18.104.22.168
Pinging p11.www.dcn.yahoo.com [22.214.171.124] with 32 bytes of data:
Reply from 126.96.36.199: bytes=32 time=22ms TTL=51
Ping statistics for 188.8.131.52:
Although a simple example of using command line tools, we were able to also see why we would want to use them. See, so this guide does just sound like a machine telling you that ping is a command line tool that uses the ICMP echo protocol to send packets to … blah, blah, and blah! It’s a useful guide to help you understand why you would use them as well. It also shows you why you would use such switches that are available with the most common tools! Hopefully this will help you know when to use each one and help you create that precision needed in your troubleshooting steps. We will be back next time with some command line tool tips.