NSlookup - Non-authoritative answer

Blitzcrank picture Blitzcrank · Feb 15, 2013 · Viewed 8.5k times · Source

When I nslookup behind our firewall i got Non-authoritative answer like this


Non-authoritative answer:

Name: sitius.com

Address: 173.44.39.70


but if i nslookup from public internet access i got this


name: sitius.com

address1: 173.44.39.70 173.44.39.70.static.quadranet.com


I can ping the sitius.com behind the firewall, I cant access their website. I did tracert , i stoped somewhere on the way to destination but out of our ISP. I got a msg like this:


Error Code 10060: Connection timeout

Background: The gateway could not receive a timely response from the website you are trying to access. This might indicate that the network is congested, or that the website is experiencing technical difficulties.

Date: 2/15/2013 3:50:37 PM [GMT]

Server: xxxx-fw-01.xxxxxx.com

Source: Firewall


is there anyone can help?

Answer

czaby picture czaby · Feb 15, 2013

I think you have two separate issues. One is that your ISP's firewall might block you from accessing the standard DNS port (53) of external sites, forcing you to use their DNS. This might or might not be a good thing, at least it explains the "Non-authoritative answer" and you might still be able to access the site itself.

The other thing is, why you cannot reach the remote website (port 80). It could be that the site is actually down or overloaded.

The real evil thing would be if your ISP's DNS is giving you not only "Non-authoriative", but false answer. This way they effectively block you from accessing the site. There is workaround for that, you can reconfigure your DNS manually, but it is fairly inconvenient.

I would ask your ISP about it and if you are not happy with their answer, change to an another ISP.