Strange DNS problem (computer related, obviously)

Factual Questions
1

Bear with me while I describe this one, I’ve tried literally everything I know, so I have plenty of details of what is wrong. I’ve never seen this problem before.

My dad’s home network is a very standard, simple wireless network. Cable modem attached to a linksys router, 2 computers connected to it wirelessly. Here is what is going on:

My dad’s computer (we’ll call it computer #1) works perfectly. Connects to the network, browser can open any domain, etc… no problems, no complaints.

My mom’s computer (#2) can connect to the network, but no website will open when you type a domain into the browser.

Both computers have the same DNS server IPs. In fact, when you put an IP address instead of a domain name into #2, it opens just fine, but when you put the equivalent domain name in, it will not resolve.

It does not appear to be a hardware issue on #2, as the same thing happens when connected via ethernet cable (which is a different NIC in a different PCI slot). It is not a router issue as #1 functions perfectly on the same router. My best guess is a software issue on #2, but I can’t figure out where it is.

To make things more complicated, #2 can’t ping #1 by IP address, which to me seems like it should be a completely separate issue from the one mentioned above.

I’ve never seen this kind of problem before. Anybody got any guidance? No apparent malware or viruses on #2. I’m stumped, so network gurus, let’s have it.

(#2 is a Dell, few years old, running XP SP2. As I’m 2000 miles away I can only get details by talking one of my parents through the required steps, so I’m sorry if it takes me a while to answer questions)

2

Google “hosts file”

Alternative: try setting the primary DNS on the afflicted computer 4.2.2.1

Kevbabe’s computer was just having a very similar problem this last weekend. Actually, sounds identical. Might be an issue with the latest XP update. Nothing was wrong with the Hosts file, and the DNS settings should have worked fine. Setting the primary DNS to 4.2.2.1 fixed it . I have no idea why, but it was previously getting the DNS settings from the DHCP server, even though I have our network set up for fixed IPs. My guess is that something is hosing the DNS IP, even though it looks fine.

3

First, thanks for the quick response!

I had him check the hosts file, it was the default one; nothing added, nothing removed. Didn’t try changing the DNS server to 4.2.2.1. Unfortunately he’s already in bed, so I’ll have to wait and call tomorrow to have him give that a shot. Hopefully it works… obviously other suggestions are welcome until I can try.

4

Some thoughts…

  1. Is PC2 using the correct wireless key? (WEP, WPA, etc) I have seen wireless networks appear to connect but refuse access if the wrong key is used. I see that you have tried a cable instead but did you temporarily disable the wireless adapter? Similarly, some laptops allow you to “connect” even if the hardware switch is turned off so you seem to be connected but nothing works.

  2. If one PC can’t ping another check local firewall settings [Windows firewall, Norton, AVG?]. Use the option that allows a “trusted” network and add the subnet from the router’s DHCP scope - eg. in my example below it would be 192.168.0.0

  3. Try overriding the “auto” IP settings with manually set entries:
    eg. If your router is 192.168.0.1 (pretty typical for a home router)

PC1: IP = 192.168.0.10
SNM = 255.255.255.0
GW = 192.168.0.1 [ie. the router]
DNS1 = 192.168.0.1 [ie. the router again]
DNS2 = leave blank [or use a known Internet DNS server such as 4.2.2.1 from post above]

PC2: IP = 192.168.0.20
SNM = 255.255.255.0
GW = 192.168.0.1 [ie. the router]
DNS1 = 192.168.0.1 [ie. the router again]
DNS2 = leave blank [or again use an Internet DNS server such as 4.2.2.1]
4) Make sure nothing else on the network is usina a conflicting IP address such as a shared printer, try the free IP scanner available here: Free IP Scanner: a very fast IP scanner and port scanner.

  1. As a last resort you could try a “factory reset” on the router by pressing its reset button with a pin, then set up the Internet connection from first principles. Could look for a firmware update at the same time.
5

The fact that the machine is blocking inbound connections, won’t resolve DNS but works fine with IP would suggest to me that there is an overly aggressive firewall policy installed.

It’s possible the firewall config has got screwed. I’d disable the firewall and check again.

I’d also suggest opening a command promt (Start -> Run -> cmd) and type “nslookup” to get a command line interface to the DNS resolver. Type in some names e.g. news.bbc.co.uk and see what you get back. If interesting post the response.

tim

6

My father is out of town, so I had to talk my mother through most of the suggestions given, which means… well… I had to talk my mother through trying to fix a technical problem. Try playing Call of Duty 2 from 2000 miles away using only a complex pulley system to control joysticks and a 1996 model webcam for visuals. Multiply by ten. Yeah. Here is what I can tell you:

SunSandSuffering:

  1. The first thing I did was have dad disable encryption, so that shouldn’t be the issue… neither computer is trying to connect using the wrong method, that has been triple checked now.
  2. I had him disable the windows firewall, but if I understood my mom correctly, they have some lapsed Norton software that is begging to be updated/reactivated/paid for… I doubt this is the issue, but maybe?
  3. Tried all these arrangements with the appropriate addresses. No luck.
  4. The only two devices ever on this network are comps #1 and #2, which I had my mom confirm through the router’s DHCP tables today. The only device there now is comp #2 since my dad’s PC is out of town.
  5. Haven’t tried it because I wouldn’t be able to talk my mom through it, this will have to wait until thursday night or friday morning, but will be done if nothing else fixes it.

trmatthe:
Tried nslookup on a few domains and got something strange. It spit back (on all domains tried) “Non-authoritative answer” but still gave valid IPs for the domains on the following line. I don’t know what “non-authoritative” means in this case, so any insight is helpful. Still, isn’t it curious that nslookup can resolve domains to IPs but browsers can’t?