• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 791
  • Last Modified:

DNS: internal domain name same as website name, can't resolve website

We have an issue with DNS where it will not resolve our external website, it resolves other pages without a problem.  

Here is the scenario: 2 servers, DC - win 2K, win 2003 DNS server.  Our internal domain name is example.net and our website address is www.example.net.  

For some reason some workstations cannot resolve example.net, but do resolve www.example.net
What I have done (let me know if this is wrong) is created an A record named WWW that points to the IP of our website. This seems to work.

Addt'l info: dns server points to itself for DNS, all workstations point to DNS server for primary dns and a firewall for secondary dns.

IN "dnsmgmt", under Forward Lookup Zone file properties, Zone Transfers tab, I have checked Allow Zone Transfers -> to any server.  

Initially it was set to Only To Servers Listed On the Name Servers Tab (which listed the DNS server)


Do you think it has to do with the same name being used for internal domain and website?
0
ckeller52
Asked:
ckeller52
  • 8
  • 6
1 Solution
 
NJComputerNetworksCommented:
1) All internal Windows 2000 and higher clients must use only the Internal Windows 200x DNS servers.  This is because Active directory requires DNS communication to logon to the network.  I would remove the pointer to your firewall.
0
 
NJComputerNetworksCommented:
2) Because you used the same registered internet domain name for your internal Windows 200x domain, you will have to manually create records in your local DNS server for your internet web sites.  This is because for your internal clients, your internal Windows DNS server is Authoritive for the domain namespace.  

In order to fix your problem... find out the IP address associated with WWW in www.exmaple.net.  Then manually create an "A" record in your DNS database to point to this IP address.  Then test with your clients.,..
0
 
ckeller52Author Commented:
But win 2003 is the primary DNS server, so why would it matter if the secondary is the firewall, does it not know not to look at secondary if it sees primary??
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
NJComputerNetworksCommented:
Sorry, I misread your post, it appears that you have already created the WWW "A" record.  This is good.  So, you can get to your website....

When you type NSLOOKUP example.net what response do you get  (You should get the ip addresses of your internAL Windows DC's.)
0
 
ckeller52Author Commented:
this is what I have done, created an A record named WWW with the ip of our website.
0
 
NJComputerNetworksCommented:
"But win 2003 is the primary DNS server, so why would it matter if the secondary is the firewall, does it not know not to look at secondary if it sees primary??"  In general, you are correct.  But in a scenerio, where you reboot the primary, it will look to the secondary and continue looking to it.  You may run into internal resolution and Active Directory communication problems during this scenerio.
0
 
ckeller52Author Commented:
Correct, I do get the ip of my internal server
0
 
ckeller52Author Commented:
"When you type NSLOOKUP example.net what response do you get  (You should get the ip addresses of your internAL Windows DC's.)"

correction, I get the ip of the DNS server not DC
0
 
NJComputerNetworksCommented:
And what problem are you facing.... it seems that your DNs resolution is working properly....



When you name the internal domain name the same as your Internet domain name, you will run into some issues as your describe.  In general, Microsoft recommends that you name you internal Windows  domain name something other then what your external Internet domain name is called.  names like company.local or example.local are commonly used internally.

However, it is possible to name your internal windows 200x domain name the same as your external internet domain name.  This is a good design as well...however, when you do this, you will have to create records internally to get external resolution working.  For example, you may have to create an A record to resolve to external websites in the same domain name.
0
 
NJComputerNetworksCommented:
"correction, I get the ip of the DNS server not DC"  Is this the internal DNS server?  In a windows domain, this is normally, a Windows DC.  DNS is normally loaded on domain controllers (because there is so much communication between AD and DNS)

What DNS server do you get, your local internal DNS IP or the Gateway?
0
 
ckeller52Author Commented:
What DNS server do you get, your local internal DNS IP or the Gateway?
Yes, the internal DNS server is a win2003 box, while the DC is win 2K, when doing NSlookup I get the ip of the DNS server (win2003 box).

"And what problem are you facing...."
The problem I am facing is that workstations cannot resolve example.net, but they can resolve www.example.net.
0
 
NJComputerNetworksCommented:
"And what problem are you facing...."
The problem I am facing is that workstations cannot resolve example.net, but they can resolve www.example.net.


::::However, it looks like the clients are resolving example.net:::::

"When you type NSLOOKUP example.net what response do you get  (You should get the ip addresses of your internAL Windows DC's.)"

correction, I get the ip of the DNS server not DC  <-- this is called resolution to example.net.  This is normal and good.

Are you expecting that you will resolve example.net to some other IP addresses?
0
 
ckeller52Author Commented:
I thought example.net should resolve to the external website, (this is from the browser of course), not nslookup. But it makes sense what you say.  Thank You
0
 
NJComputerNetworksCommented:
No problem,  It looks like your DNS environment is working properly!  Take care....
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now