on a pre-configured work issued laptop, DNS has been getting buggy. 99% of sites will properly resolve, but everything on the fidelity domain will no longer.

for a comparison, i checked my other pre-configured work issued laptop (i have 4 - don't ask), and they appear to match with one exception: the DNS suffix search list (results retrieved from "ipconfig /all"). the working one has one 4 suffixes, the failing one just 1. i imagine i now have to add the other 3, even though it has been working like this for years. i guess the one suffix has been taken offline, but i still don't understand why this would result in a very small set of domains being unreachable. again, i can reach everything else that i've tried (news, social networking, gov't, blogs, & commerce). i've even tried putting the various fidelity IPs in my hosts file.

OS: xp

Fidelity is where you work, I assume?

The suffix list is used to resolve local domains that are not otherwise resolvable publicly. E.g. if my suffix list contains "ridemonkey.com" and I type "ping stinkle" it'll automatically try to ping "stinkle.ridemonkey.com."

You should still be able to resolve fully qualified domain names without any trouble, though.

don't work for fidelity. i should have typed "pinging anything on the fidelity subnet". same goes for schwab, melloninvestor, and other brokerage sites.

what's weird is, i put in either the FQDN or the IP - the results are the same: cannot reach domain, for both browsing or icmp ping. best i can determine is the DNS server i'm using has an out-of-date routing table or a loop (causing timeout). of course, i cannot flush upstream, and my DNS server is allocated for me.

i think i may find a stable DNS server & force it.

If you're resolving FQDNs, just use the OpenDNS.org DNS servers. I use 'em for troubleshooting all the time since they're very stable.

you mean set my primary dns to opendns.org?

ok, this is weird: my pings to fark.com timeout, but i can connect (through a browser) lickety-split - no delay

oops, nevermind: i'm sure they don't send ack packets

ok, can't connect to my bank now...

there's something as plain as the nose on my face, i just know it.

you mean set my primary dns to opendns.org?

No, go to OpenDNS.org and use the nameservers they list there. They're public, reliable, and very quick.

I wouldn't trust ping as a reliable connectivity tool, since so many places block it now - when you try to connect to a website that won't connect, does it resolve the IP?

ok, i should -rep myself: i turned off https (port 443).

:banghead::imstupid:

as you were...

ok, i should -rep myself: i turned off https (port 443).

:banghead::imstupid:

as you were...
Some people shouldn't be allowed anywhere near a computer. :p

<snip>snap!