Solved

Dns problem on web server can not  resolve it's own domain name but can resolve other domains

Posted on 2006-06-17
18
564 Views
Last Modified: 2008-01-09
Hi,
I am working on a web server-windows 2000 server.  The website can be viewed from the internet with no problem, but you can not view the website from the web server itself. I am trying to figure out some dns problems in our local network.  Also some cgi scripts are not performing as they should.
Here are some results from tracert, pings, and nslookup  that were performed from the web server.  

C:\Documents and Settings\Administrator>nslookup www.domain.com
Server:  server.domain.com
Address:  10.222.10.222

Name:    www.domain.com


C:\Documents and Settings\Administrator>tracert www.www.domain.com
Unable to resolve target system name www.www.domain.com

C:\Documents and Settings\Administrator>tracert www.google.com

Tracing route to www.l.google.com [66.102.7.99]
over a maximum of 30 hops:

  1     4 ms    13 ms     2 ms  mail.us.embeddedsol.com [63.145.241.33]
  2   271 ms     5 ms     5 ms  svl-edge-12.inet.qwest.net [63.145.225.245]
  3     5 ms     5 ms     5 ms  svl-core-01.inet.qwest.net [205.171.14.133]
  4     5 ms     5 ms     5 ms  pax-edge-01.inet.qwest.net [205.171.214.30]
You get the idea

Trace complete.

C:\Documents and Settings\Administrator>nslookup www.www.domain.com
Server:  server.www.domain.com
Address:  10.222.10.222

Name:    www.domain.com


C:\Documents and Settings\Administrator>ping www.domain.com
Unknown host www.domain.com

C:\Documents and Settings\Administrator>ping server.www.domain.com

Pinging maple.CMSINET.COM [10.222.10.222] with 32 bytes of data:

Reply from 10.222.10.222: bytes=32 time<10ms TTL=128
Reply from 10.222.10.222: bytes=32 time<10ms TTL=128

Ping statistics for 10.222.10.222:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  0ms, Average =  0ms

C:\Documents and Settings\Administrator>ping server

Pinging maple.CMSINET.COM [10.222.10.222] with 32 bytes of data:

Reply from 110.222.10.222: bytes=32 time<10ms TTL=128
Reply from 10.222.10.222: bytes=32 time<10ms TTL=128

Ping statistics for 10.222.10.222:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  0ms, Average =  0ms

I do have DNS installed on the webserver, which did instantly fix the mail server problem, but obviously we are still having trouble.
Thank you

0
Comment
Question by:lizardqueen007
  • 7
  • 4
  • 3
  • +3
18 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16928244
Try manually adding a new Alias/CNAME record in DNS for the web server using the local IP of the web server in the forward look up zones under your server.
0
 
LVL 22

Expert Comment

by:Rick Hobbs
ID: 16928249
The external name is resolved by the external DNS to the external address.  The router then does a NAT translation to the web server's internal IP address.  To access the site internally you must use the format http://servername/startpage.  For example, if the server internally is  called mymail and externally its MX recoerd is mymail.mycompany.com, externally you would access with http://mymail.mycompany.com and internally you would access with http://mymail
0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16928336
RobWill,
Could you please explain. What the CNAME record should look like?  For instance what would the alias name be and where would it point?  
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16928337
What is the server's primary DNS server?  It should be set to it's own IP address and there should be no others listed (unless they are other DNS servers on your network).  YOu should then have forwarders listed for external DNS servers.

Also why are you tracerting www.www.mydomain.com, shoulden't it be www.mydomain.com?

eb

0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16928340
ebjers,
The only dns server listed in the tcp/ip settings is itself.
0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16928346
Also, I got an error message from the cgi perl script saying that it could not resolve smtp.domian.com

And you might take a look at another question that might be related.  
http://www.experts-exchange.com/Operating_Systems/Q_21890240.html
Those errors were found on the domain controller not on the web/mail server that we are referring to in this question.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16928420
To add a CNAME, open the DNS management console, expand the Forward look up zones, highlight your domain,  click actions on the menu bar and then New Alias (CNAME). In the Alias name enter the alias such as www.somedomain.com, then browse to the actual host/server and click OK. The CNAME acts as an alias on your local network to resolve the name to the local server IP rather than the external/WAN IP. I just found a similar discussion a while ago that may help:
http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21656672.html?query=adding+a+CNAME&clearTAFilter=true
0
 
LVL 2

Expert Comment

by:spakko
ID: 16928432
Have you thought about the fact that when request to see the site from inside your network it resolves to an external / public IP address that then comes back in via your NAT / Router... I have seen this cause problems once or twice before.

An easy workaround is to create a new DNZ Zone on your server called domain.com (as per your example) and then create an A record called www that resolves to your server's internal IP address (eg 192.168.1.10). That way when someone requests access to your website locally, your DNS sever "catches" the call and directs it to the local IP address. Anyone outside of your network gets the public IP address and gets in happily too.
0
 
LVL 2

Expert Comment

by:spakko
ID: 16928436
Ooops... I mean DNS Zone in in the above. Damn keyboard...
0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16928555
Ebjers, yes www.mydomin.com  this was a cut and paste mistake when obfiscating real domain to experts exchange.
I really meant www.www.www.www.my domain .com-just kidding.
Laura
0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16928564
RobWill,  when I try to add the alias.  The window will not let me put a "." in the field.  In other words, I can type in wwwdomain.com but not www.domain.com.  Have you ever seen this?
0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16928567
Thanks Spakko, I assume you mean DMZ? Is that correct?  If not, I don't understand.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 80 total points
ID: 16929643
>>"Have you ever seen this?"
No I haven't but I have only done it once or twice.
If you are using the correct domain, usually you only have to put in the www and the rest is filled in automatically. You will see it filled in in the grayed out box below.
0
 
LVL 23

Assisted Solution

by:Erik Bjers
Erik Bjers earned 160 total points
ID: 16929812
Don't add a new alies, add a new host record like intweb (for internal web) and give it the internal IP for your server.  You can then access your site by intweb.domain.com or intweb from clients inside your network and www.domain.com from outside.

eb
0
 
LVL 3

Accepted Solution

by:
papimichel earned 260 total points
ID: 16931159
on your DNS server, open its managment console, click forward lookup zone, right click your domain name, and add a host.
name the host "www", and address it with the web server's IP address.
then.
same process for your smtp-create another host and name it smtp, address it with the smtp server's ip and your'e done.
0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16935440
Thanks everyone, I really hate trying to give points fairly, since everyone is generous-i really do my best.  Adding the forward zones help, also there were other dns issues that needed to be resolved. Good news is that with everyone in this forum's help, things are again working well-I think(fingers crossed)
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16935684
Glad everything worked out for you.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16935708
Thanks lizardqueen007,
--Rob
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
vSphere 5.5 - move subnet to another data center? 2 20
google exe file 5 68
Device browser and/or dns client cache update through web page 7 27
DNS.exe on Azure 2 24
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question