Solved

DNS service setup like a hosts like?

Posted on 2008-10-09
Last Modified: 2010-04-19
Hi, we're having a weird problem with DNS setup.  We cannot access our web servers from inside of our network with an external address of the website (we were told it was for security reasons for the firewall / router, why?).  So the router/firewall (Cisco PIX) was configured to translate DNS queries from external IP to internal IP.  So, when I do nslookup on a domain using ANY name server (internal or external), it returns an internal IP of the server for us, while for people outside of our network the IP is external.

This setup worked well.

However, lately, and worse, randomly, some people on my network started getting the external IP for the server, which we can't access, so they get timeouts while trying to use it.  I'm currently guessing our internal DNS server (domain controller) must get the external IP from a real name server, and cache it.  Of course, this shouldn't happen as our router/firewall is always supposed to translate those DNS queries to internal IP.

Anyways, my only current solution is to clean the DNS cache on my MS Windows 2003 Server, and then run ipconfig /flushdns on client computers.  But in an hour the problem may be back, for different people.  There must be a better solution.

I know I can do the hosts file on computers, with the group policy / login scripts.  I've tried doing the hosts file just on the DNS server, but I'm guessing on the DNS server the hosts file gets ignored - I ping www.domain.com no problem, I get internal IP, but when I do nslookup on the same DNS server, I get the external one.  

I know I could handle it by doing something to the DNS (on domain controller) on our end.  Do I use DNSCMD command?  Assuming I want to force www.domain.com to go to some internal IP, how would I do it?
Question by:s_p_z

Expert Comment

by:jpquonce
ID: 22681472
Have you added www.domain.com to your local dns server to point to an internal ip?

Is your website the same as your computer network domain? Ex.: test.com is the Active Directory network and your website is www.test.com?

If that is the case just add www to the forward look up zone for your domain and add www to point to your internal domain.

Author Comment

by:s_p_z
ID: 22681620
Haven't added the www.domain.com to local DNS server - is that where I start using the dnscmd /zoneadd or /recordadd?

And nope, this www.domain.com is just a website - our actual Windows domain is something totally different.

And I think that is precisely what I want to do, but searching online I haven't found much help - so I create new zone (with the website domain), and to that I add the www forward look up zone?  

Would you happen to know the commands I run with DNSCMD tool?  Or have a link handy how to do it in GUI?  It can be like a HOSTS file: www.website.com points to 192.168.0.x

Thanks,

Accepted Solution

by:
jpquonce earned 250 total points
ID: 22681708
"create new zone (with the website domain), and to that I add the www forward look up zone?"

That's what I would do, as that would be the easiest and would only affect people on your domain.
Go to the GUI, right-click FORWARD ZONE and go to NEW ZONE. Then make it a primary zone and just go through the wizard, and if you have more than one DNS server then you will want to select the options to replicate it. Then when it asks for the zone name just put domain.com. Then in that zone add the www to point to that IP and that should work for you.

Assisted Solution

by:Dan560
Dan560 earned 250 total points
ID: 22681718
I had the same problem.

I needed to create a forward lookup zone mycompany.com and then add a host (A) record. The record needs to have the internal IP address, for example 10.13.1.10.

However, for this to work, all your internal users need to be pointing to the DNS server.

What I did was configure my router so that its DNS server was the SBS, and then set up forwarders on my SBS to look at the DNS servers my ISP gave me.
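
Added example (not part of any post above, and not the posters' own commands): the dnscmd equivalent of the GUI steps described in the answers, written as a batch script for the Windows DNS server. It narrows the approach by naming the zone after the single host instead of the whole domain, so other names under domain.com keep resolving through the forwarders. The server name, zone name and IP are placeholders, and it assumes dnscmd is installed (on Windows Server 2003 it ships with the Support Tools).

```batch
@echo off
setlocal
rem Added example: override ONE public hostname on the internal DNS server.
rem Run on the DNS server itself. The three values below are placeholders.
set "DNS_SERVER=."
set "ZONE=www.domain.com"
set "INTERNAL_IP=10.13.1.10"

rem The zone is named after the single host, not after domain.com.
rem The server then answers authoritatively only for www.domain.com and
rem keeps forwarding every other name under domain.com as before.
rem /DsPrimary creates an Active Directory-integrated zone, which fits a
rem DNS server that is a domain controller. On a non-DC server use
rem /Primary /file with a zone file name instead.
dnscmd %DNS_SERVER% /ZoneInfo %ZONE% >nul 2>&1
if errorlevel 1 (
    dnscmd %DNS_SERVER% /ZoneAdd %ZONE% /DsPrimary
    if errorlevel 1 (
        echo Zone creation failed for %ZONE%
        exit /b 1
    )
)

rem "@" is the zone apex, so this A record answers for www.domain.com itself.
rem If the record already exists, dnscmd reports an error and the script stops.
dnscmd %DNS_SERVER% /RecordAdd %ZONE% @ A %INTERNAL_IP%
if errorlevel 1 (
    echo Record creation failed for %ZONE%
    exit /b 1
)

rem Drop any cached external answer on the server.
rem Clients still need ipconfig /flushdns to drop their own cached copy.
dnscmd %DNS_SERVER% /ClearCache

rem Verify with nslookup against the local DNS service. ping is not a valid
rem check here because it consults the hosts file and nslookup does not.
nslookup %ZONE% 127.0.0.1 | findstr /C:"%INTERNAL_IP%" >nul
if errorlevel 1 (
    echo %ZONE% does not resolve to %INTERNAL_IP% yet
    exit /b 1
)
echo %ZONE% now resolves to %INTERNAL_IP% for internal clients
```

With the record held authoritatively on the internal server, the answer no longer depends on the firewall rewriting DNS replies, but only for clients that actually use this server as their resolver.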