DNS resolution issues

I have several clients who cannot resolve my website. The only common thread amongst them all is that they are all running Server 2003 with active directory. For what ever reason they are simply unable to resolve our IP addresses. It is not carrier specific either. If the client sets a specific machine to use an external dns server, they then have not issues resolving the site.
LVL 4
jojuezAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

savoneCommented:
Are you saying that if they use external DNS servers they CAN resolve the FQDN?

What are their DNS settings normally? Do they have a hosts file?

0
omarfaridCommented:
How these servers resolve dns domain names? Are they pointing to a specific DNS server?

Do they have firewalls before these servers blocking dns queries (port 53 udp & tcp should be open on the firewall)?

0
jojuezAuthor Commented:
All the client systems are part of the domain. They're only dns entry is pointing to the domain controller. They are behind a simple firewall and yes udp and tcp 53 are open. If they use another dns server external to their network, aside from the dc, the system resolves the site without issue. It is not feasible for me to ask them to put host entries in all of their systems.
0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

jojuezAuthor Commented:
Would a properly configured forwarder resolve the issue? If so, what is the proper configuration in this case?
0
omarfaridCommented:
Do they have dns server installed and running on the DC?

Does the DC have reverse lookup (PTR record) for its external IP address?
0
jojuezAuthor Commented:
They do have dns running on the dc. As far as the PTR record for the external of that I am not certain.
0
omarfaridCommented:
Ok,

From the command line on DC (while pointing to itself as DNS server), can they run nslookup and resolve external domains?

e.g.

C:\ nslookup www.cnn.com

0
jojuezAuthor Commented:
Yes they can, micro$oft, google, all the usuals. However, when they attempt my site specifically they cannot. I might almost believe it was something on my end if i didnt have 1300+ other users who have no problems at all
0
tastasI.T.Commented:
navigate to your DNS Server.

Open DNS Service --> click on Properties --> Forwarders and ensure that there are external addresses of your ISP DNS servers in there.

When you internal DNS fails to resolve host, it will forward the request to your specified external DNS server for host resolution.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tprpicsCommented:
what is the zone or a record that you are having problems with?
0
savoneCommented:
Do you have a record for your internal IP address and hosts in the DNS server (DC)??
0
jojuezAuthor Commented:
Sorry for the delay in my reply. This is for a dns server external to my organization. The problem is that if their DNS server(which is also their domain controller) cannot resolve our www or other sites, then it does not forward the request to any other servers resulting in the inability for them to be able to see our site. Any other customers of ours that are connected to the web but not on AD or hosting their own DNS have no issues getting to us.
Tastas: I am going to give what you suggested a try, the admin at my customer's site has left for the evening so I will try that today and get back.
0
savoneCommented:
Who holds the SOA for the domain?  Where are the nameservers pointed?  Can you give use the domain so we can look at the existing records?
0
jojuezAuthor Commented:
Thanks for the help man. That was right on the money. I have about a dozen customers with that problem that will getting a call from me. Thanks again.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.