Solved

DNS service setup like a hosts like?

Posted on 2008-10-09
4
238 Views
Last Modified: 2010-04-19
Hi, we're having a weird problem with DNS setup.  We cannot access our web servers from inside of our network with an external address of the website (we were told it was for security reasons for the firewall / router, why?).  So the router/firewall (Cisco PIX) was configured to translate DNS queries from external IP to internal IP.  So, when I do nslookup on a domain using ANY name server (internal or external) returns for us an internal IP of the server, while for people outside of our network the IP is external.

This setup worked well.

However, lately, and worse randomly, some people on my network started getting the external IP for the server, which we can't access, so they get timeouts while trying to use it.  I'm currently guessing our internal DNS server (domain controller) must get the external IP from a real name server, and cache it.  Of course, this shouldn't happen as our router/firewall always supposed to translate those DNS queries to internal IP.  

Anyways, my only current solution is to clean the DNS cache on my MS Windows 2003 Server, and then run ipconfig /flushdns on client computers.  But in an hour the problem may be back, for different people.  There must be a better solution.

I know I can do the hosts file on computers, with the group policy / login scripts.  I've tried doing the hosts file just on the DNS server, but I'm guessing on the DNS server the hosts file gets ignored - I ping www.domain.com no problem, I get internal IP, but when I do nslookup on the same DNS server, I get the external one.  

I know I could handle it by doing something to the DNS (on domain controller) on our end.  Do I use DNSCMD command?  Assuming I want to force www.domain.com to go to some internal IP, how would I do it?
0
Comment
Question by:s_p_z
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 6

Expert Comment

by:jpquonce
ID: 22681472
Have you added www.domain.com to your local dns server to point to an internal ip?

Is your website the same as your computer network domin. EX test.com is ActiveDirectory network and your website is www.test.com?

If that is the case just add www to the forward look up zone for your domain and add www to point to your internal domain.
0
 

Author Comment

by:s_p_z
ID: 22681620
Haven't added the www.domain.com to local DNS server - is that where I start using the dnscmd /zoneadd or /recordadd?

And nope, this www.domain.com is just a website - our actual Windows domain is something totally different.

And I think that is precisely what I want to do, but searching online I haven't found much help - so I create new zone (with the website domain), and to that I add the www forward look up zone?  

Would you happen to know the commands I run with DNSCMD tool?  Or have a link handy how to do it in GUI?  It can be like a HOSTS file: www.website.com points to 192.168.0.x

Thanks,
0
 
LVL 6

Accepted Solution

by:
jpquonce earned 250 total points
ID: 22681708
"create new zone (with the website domain), and to that I add the www forward look up zone?"

Thats what I would do as that would be the easiest and that would only effect people on your domain.
Go to the GUI and right click FORWARD ZONE and go to NEW ZONE. Then make it a primary zone and just go through the wizard and if you have more then one dns server then you will want to select the options to replicate it. Then when it asks for the zone name just put domain.com. Then in that zone add the www to point to that IP and that should work for you.
0
 
LVL 2

Assisted Solution

by:Dan560
Dan560 earned 250 total points
ID: 22681718
I had the same problem.

I needed to create a forward lookup zone mycompany.com and then add a host (a) record. The record needs to have the internal IP address for example 10.13.1.10.

However for this to work - all your internal users need to pointing to DNS server.

what I did was configured my router so that its DNS server was the sbs, and then setup forwarders on my SBS to look at the DNS servers my isp gave me.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question