lizardqueen007
asked on
Dns problem on web server can not resolve it's own domain name but can resolve other domains
Hi,
I am working on a web server-windows 2000 server. The website can be viewed from the internet with no problem, but you can not view the website from the web server itself. I am trying to figure out some dns problems in our local network. Also some cgi scripts are not performing as they should.
Here are some results from tracert, pings, and nslookup that were performed from the web server.
C:\Documents and Settings\Administrator>nsl
Server: server.domain.com
Address: 10.222.10.222
Name: www.domain.com
C:\Documents and Settings\Administrator>tra
Unable to resolve target system name www.www.domain.com
C:\Documents and Settings\Administrator>tra
Tracing route to www.l.google.com [66.102.7.99]
over a maximum of 30 hops:
1 4 ms 13 ms 2 ms mail.us.embeddedsol.com [63.145.241.33]
2 271 ms 5 ms 5 ms svl-edge-12.inet.qwest.net
3 5 ms 5 ms 5 ms svl-core-01.inet.qwest.net
4 5 ms 5 ms 5 ms pax-edge-01.inet.qwest.net
You get the idea
Trace complete.
C:\Documents and Settings\Administrator>nsl
Server: server.www.domain.com
Address: 10.222.10.222
Name: www.domain.com
C:\Documents and Settings\Administrator>pin
Unknown host www.domain.com
C:\Documents and Settings\Administrator>pin
Pinging maple.CMSINET.COM [10.222.10.222] with 32 bytes of data:
Reply from 10.222.10.222: bytes=32 time<10ms TTL=128
Reply from 10.222.10.222: bytes=32 time<10ms TTL=128
Ping statistics for 10.222.10.222:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\Documents and Settings\Administrator>pin
Pinging maple.CMSINET.COM [10.222.10.222] with 32 bytes of data:
Reply from 110.222.10.222: bytes=32 time<10ms TTL=128
Reply from 10.222.10.222: bytes=32 time<10ms TTL=128
Ping statistics for 10.222.10.222:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
I do have DNS installed on the webserver, which did instantly fix the mail server problem, but obviously we are still having trouble.
Thank you
I am working on a web server-windows 2000 server. The website can be viewed from the internet with no problem, but you can not view the website from the web server itself. I am trying to figure out some dns problems in our local network. Also some cgi scripts are not performing as they should.
Here are some results from tracert, pings, and nslookup that were performed from the web server.
C:\Documents and Settings\Administrator>nsl
Server: server.domain.com
Address: 10.222.10.222
Name: www.domain.com
C:\Documents and Settings\Administrator>tra
Unable to resolve target system name www.www.domain.com
C:\Documents and Settings\Administrator>tra
Tracing route to www.l.google.com [66.102.7.99]
over a maximum of 30 hops:
1 4 ms 13 ms 2 ms mail.us.embeddedsol.com [63.145.241.33]
2 271 ms 5 ms 5 ms svl-edge-12.inet.qwest.net
3 5 ms 5 ms 5 ms svl-core-01.inet.qwest.net
4 5 ms 5 ms 5 ms pax-edge-01.inet.qwest.net
You get the idea
Trace complete.
C:\Documents and Settings\Administrator>nsl
Server: server.www.domain.com
Address: 10.222.10.222
Name: www.domain.com
C:\Documents and Settings\Administrator>pin
Unknown host www.domain.com
C:\Documents and Settings\Administrator>pin
Pinging maple.CMSINET.COM [10.222.10.222] with 32 bytes of data:
Reply from 10.222.10.222: bytes=32 time<10ms TTL=128
Reply from 10.222.10.222: bytes=32 time<10ms TTL=128
Ping statistics for 10.222.10.222:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\Documents and Settings\Administrator>pin
Pinging maple.CMSINET.COM [10.222.10.222] with 32 bytes of data:
Reply from 110.222.10.222: bytes=32 time<10ms TTL=128
Reply from 10.222.10.222: bytes=32 time<10ms TTL=128
Ping statistics for 10.222.10.222:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
I do have DNS installed on the webserver, which did instantly fix the mail server problem, but obviously we are still having trouble.
Thank you
Rob Williams
Try manually adding a new Alias/CNAME record in DNS for the web server using the local IP of the web server in the forward look up zones under your server.
The external name is resolved by the external DNS to the external address. The router then does a NAT translation to the web server's internal IP address. To access the site internally you must use the format http://servername/startpage. For example, if the server internally is called mymail and externally its MX recoerd is mymail.mycompany.com, externally you would access with http://mymail.mycompany.com and internally you would access with http://mymail
ASKER
RobWill,
Could you please explain. What the CNAME record should look like? For instance what would the alias name be and where would it point?
Could you please explain. What the CNAME record should look like? For instance what would the alias name be and where would it point?
What is the server's primary DNS server? It should be set to it's own IP address and there should be no others listed (unless they are other DNS servers on your network). YOu should then have forwarders listed for external DNS servers.
Also why are you tracerting www.www.mydomain.com, shoulden't it be www.mydomain.com?
eb
Also why are you tracerting www.www.mydomain.com, shoulden't it be www.mydomain.com?
eb
ASKER
ebjers,
The only dns server listed in the tcp/ip settings is itself.
The only dns server listed in the tcp/ip settings is itself.
ASKER
Also, I got an error message from the cgi perl script saying that it could not resolve smtp.domian.com
And you might take a look at another question that might be related.
https://www.experts-exchange.com/questions/21890240/Strange-entry-in-DNS-event-viewer-log-Event-ID-7063-The-DNS-server-is-configured-to-forward-to-a-non-recursive-DNS.html
Those errors were found on the domain controller not on the web/mail server that we are referring to in this question.
And you might take a look at another question that might be related.
https://www.experts-exchange.com/questions/21890240/Strange-entry-in-DNS-event-viewer-log-Event-ID-7063-The-DNS-server-is-configured-to-forward-to-a-non-recursive-DNS.html
Those errors were found on the domain controller not on the web/mail server that we are referring to in this question.
To add a CNAME, open the DNS management console, expand the Forward look up zones, highlight your domain, click actions on the menu bar and then New Alias (CNAME). In the Alias name enter the alias such as www.somedomain.com, then browse to the actual host/server and click OK. The CNAME acts as an alias on your local network to resolve the name to the local server IP rather than the external/WAN IP. I just found a similar discussion a while ago that may help:
https://www.experts-exchange.com/questions/21656672/Internal-External-DNS-viewing-external-page-internally.html?query=adding+a+CNAME&clearTAFilter=true
https://www.experts-exchange.com/questions/21656672/Internal-External-DNS-viewing-external-page-internally.html?query=adding+a+CNAME&clearTAFilter=true
Have you thought about the fact that when request to see the site from inside your network it resolves to an external / public IP address that then comes back in via your NAT / Router... I have seen this cause problems once or twice before.
An easy workaround is to create a new DNZ Zone on your server called domain.com (as per your example) and then create an A record called www that resolves to your server's internal IP address (eg 192.168.1.10). That way when someone requests access to your website locally, your DNS sever "catches" the call and directs it to the local IP address. Anyone outside of your network gets the public IP address and gets in happily too.
An easy workaround is to create a new DNZ Zone on your server called domain.com (as per your example) and then create an A record called www that resolves to your server's internal IP address (eg 192.168.1.10). That way when someone requests access to your website locally, your DNS sever "catches" the call and directs it to the local IP address. Anyone outside of your network gets the public IP address and gets in happily too.
Ooops... I mean DNS Zone in in the above. Damn keyboard...
ASKER
Ebjers, yes www.mydomin.com this was a cut and paste mistake when obfiscating real domain to experts exchange.
I really meant www.www.www.www.my domain .com-just kidding.
Laura
I really meant www.www.www.www.my domain .com-just kidding.
Laura
ASKER
RobWill, when I try to add the alias. The window will not let me put a "." in the field. In other words, I can type in wwwdomain.com but not www.domain.com. Have you ever seen this?
ASKER
Thanks Spakko, I assume you mean DMZ? Is that correct? If not, I don't understand.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everyone, I really hate trying to give points fairly, since everyone is generous-i really do my best. Adding the forward zones help, also there were other dns issues that needed to be resolved. Good news is that with everyone in this forum's help, things are again working well-I think(fingers crossed)
Glad everything worked out for you.
Thanks lizardqueen007,
--Rob
--Rob