I have a Windows 2003 server running AD and DNS. I'm having issues with some websites not updating internally and having loading image errors. I've changed the forwarders and even took them out just to use root hints. I've toggled between that and changing the secondary DNS server on the server NIC. I even tried using some OpenDNS servers as forwarders. I've tried clearing the cache from the DNS mgmt, doing ipconfig flush, deleted it temp files, etc. User PCs use DHCP, configured with this AD server as the only DNS server. On my PC, I have a static IP. When I change my primary DNS server to a public DNS server like 4.2.2.2, and then do an ipconfig flush, the websites come up just fine. I switch it back to the AD server, and the websites have errors and some images don't load. We are not hosting these sites; they are external. Externally, the sites can be accessed without errors.
To make sure I read this correctly - Your client systems point to the single AD/DNS server for all DNS, and then the server is configured running DNS, hosting only the AD-integrated zones with nothing else configured? That should be all you need.
Make sure that you do not have the AD/DNS server pointing anywhere but itself for DNS assignment in the IP configuration (though you should really have two DCs with DNS and can point them at each other as alternates then if you want).
From the server, I would run NSLOOKUP and test getting resolutions for websites from there rather than a browser, as a browser is far more than a DNS lookup application and you might be looking into DNS resolution problems when the problem is with a completely different component, such as a proxy, firewall, network connection...
If not sure how to use NSLOOKUP, let me know and I can help out there. Basically, all you need to do to test out DNS name resolution for your server is to go to command prompt and run NSLOOKUP. It will load and show that the current name server you are querying is the default for the server (this should be itself at this point). Then you can simply type in the name you are looking for and it will come back with an IP for the name you entered. Example:
Microsoft Windows [Version 6.0.6000] Copyright (c) 2006 Microsoft Corporation. All rights reserved.
Ummm, DNS doesn't cache anything other than IP to name resolutions. Unless you are indicating that these are websites that you know for a fact are changing the location of source images all the time so that the cached IP to name resolution would be wrong so that the new image location is not being located... but that would be a very small amount of web content normally, and the problem would likely happen for almost anyone that uses a DNS server that caches the address of lookups it performs.
I guess I am not sure what you are referring to with it being a caching problem here... Please explain what you are testing that is indicating a DNS problem with caching.
The problem cleared itself about 2 hrs after I cleared the cache, changed forwarders and restarted the DNS services. Not sure what the issue was, but I was initially using XO's DNS servers for forwarders and I know from past experience that they have issues once in a while.
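The test discussed in the thread (query the AD/DNS server with NSLOOKUP, then compare against a public resolver such as 4.2.2.2), as an added example that is not part of any post above: it parses two captured NSLOOKUP outputs and classifies how the answers differ. The sample outputs, host names and all addresses other than 4.2.2.2 are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample output (not from the thread): the same name queried
# against an internal DNS server and against a public resolver.
INTERNAL = """\
Server:  dc01.example.local
Address:  192.0.2.10

Non-authoritative answer:
Name:    www.example.com
Address:  198.51.100.7
"""

PUBLIC = """\
Server:  resolver.example.net
Address:  4.2.2.2

Non-authoritative answer:
Name:    www.example.com
Addresses:  203.0.113.20
          203.0.113.21
"""

IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def parse_nslookup(output):
    """Return (server_ip, set_of_answer_ips) from NSLOOKUP text output."""
    # The first blank line separates the server header from the answer;
    # the header's Address is the DNS server itself, not a lookup result.
    text = output.replace("\r\n", "\n")
    header, _, answer = text.partition("\n\n")
    server = IPV4.search(header)
    return (server.group(0) if server else None, set(IPV4.findall(answer)))

def compare(internal_out, public_out):
    """Classify how the internal server's answer relates to the public one."""
    _, internal = parse_nslookup(internal_out)
    _, public = parse_nslookup(public_out)
    if not internal:
        return "internal-no-answer"   # timeout or non-existent domain
    if internal == public:
        return "match"
    if internal & public:
        return "partial-overlap"      # common with round-robin records
    return "mismatch"                 # different records: check cache and forwarders

if __name__ == "__main__":
    print(parse_nslookup(INTERNAL))
    print(compare(INTERNAL, PUBLIC))
```

A "mismatch" is a lead rather than proof of a bad cache or forwarder, because some sites legitimately return different addresses to different resolvers; repeat the query after clearing the server cache before drawing a conclusion.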