Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


www issue caused by internal and external domain names being same

Posted on 2006-06-15
Medium Priority
Last Modified: 2010-04-13
I have looked at everything on the sie and nothing is exactly what I am experiencing, so here goes .. I sure hope someone can help!

Windows 2000 Server SP4 with Exchange 2000

I have an internal domain name of company.com, the public domain is company.com

I host email internally on Exchange

I host a website externally using a hosting company who also runs primary DNS for company.com

I have made an entry at the hosting company of server.company.com that points back to my static IP.

From the web, I can access all of my resources on the server.  Email works fine.

The problem is, when I type www.company.com from a workstation on the local network, I get page cannot be displayed. (on server and workstations)

To solve this issue I DELEGATED www. to the namservers of the hosting company.

Now from the server I see the external website ... from the workstations however, I get the IIS basic page --> This Site is Under Construction

I know people will say put in a CNAME record pointing to the external website IP .. the problem with that is the hosting company uses a webfarm and publishes all the IP's in the DNS record ... they take them down without notice and replace them with servers with new IP's ... so I can't pick an IP and trust it wil be up forever (I know because I tried this and it doesn't work more than a couple of weeks) ...

I can't turn off IIS becuase of OWA, etc ...

I need to resolve this ASAP so I am offering 500 points!!

Question by:robertbranch
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 18

Accepted Solution

John Gates, CISSP earned 2000 total points
ID: 16913069
from the server where things work where does www.company.com resolve to?  The workstation?
Your internal and external domains are the same...  This is not the Microsoft recommended configuration, for the very reason you are having ths issue.  you have a few options.  You could upgrade the domain to Windows server 2003 and then rename the domain to a company.local for the inside DNS.  The problem with your name being the same for both is that your internal server thinks it is autoritative for the domain company.com and if it cannot resolve www it does not look to other servers to resolve it.  So you would have to keep an A record on the internal server and change the IP occasionally.  The other thing you could do is bring your website in locally.  Short of running bind and setting up views and transfer rules the above options are all you can really do....

Hope this helps!

Author Comment

ID: 16913140
from the server it resolves www.company.com to 65.218.234.xx ... if you do the resolution multiple times you may get 3 or 4 differnt addresses.

from the workstation it resolves www.company.com to

I didn't create this domain, so I had no control over the naming convention. I was asked to help resolve this specific issue. I don't think they are interested in upgrading at this juncture.

I have done this multiple times before when the domain names were the same by enteringing a host record for www  ... the difference this time is the multiple addresses that return.

I am not sure why the workstations who use as primary DNS don't recognize the delegation that was put on the DNS server.

Maybe if I could stop IIS from answering for www.company.com that would help ..

LVL 18

Expert Comment

by:John Gates, CISSP
ID: 16913433
>I am not sure why the workstations who use as primary DNS don't recognize the delegation that was put on the DNS server.<

You cannot delegate in this manner.  When a server holds a primary or active directory zone for comapny.com it will not forward or look to another server for the domain.  It kind of works like this:

I have the record company.com and I am authoritative so if www.company.com does not exist in my records the name cannot be found.  

So with this said you must have an a record for www on your local DNS server with the ip

So in your case you will need to place multiple A records mirroring the ISP DNS records for www on the local server.  

The delegation you speak of is like if you had a remote site connected by WAN links for your company you could delegate the zone east.company.com to another Active Directory server at the remote site then if someone looked to company.com's dns for www.east.company.com it would forward it to the remote server.  Does this make sense to you?  You cannot delegate a root domain to a second server.


Featured Post

Enroll in October's Free Course of the Month

Do you work with and analyze data? Enroll in October's Course of the Month for 7+ hours of SQL training, allowing you to quickly and efficiently store or retrieve data. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Article by: evilrix
Looking for a way to avoid searching through large data sets for data that doesn't exist? A Bloom Filter might be what you need. This data structure is a probabilistic filter that allows you to avoid unnecessary searches when you know the data defin…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question