Solved

What will happen if I delete an internet (IN) "A" record entry from my DNS ZONE FILE?

Posted on 2010-09-23
Last Modified: 2012-05-10
Internally, users can NOT reach our external website.  Our website is hosted externally.  The major issue is our domain is the same name as our website.  I've tried adding an A record to my internal DNS server (server 2003) specifically pointing to the external IP address of website but that didn't work.  It didn't work because the company hosting my website neglected to tell me that I don't have a dedicated IP so I'm working on that as a separate issue.  Meanwhile, my question is this: if I delete the BOLDED line out of my zone file shown below, will we then be able to get to our website internally? And what are any ramifications of deleting this line that I need to be concerned about?  (domain name changed for security purposes)

reher.com.          IN    MX    10   cluster9.us.messagelabs.com.
reher.com.          IN    MX    20   cluster9a.us.messagelabs.com.
reher.com.          IN    A     173.201.168.1
www.reher.com.      IN    A     173.201.168.1
ftp.reher.com.      IN    A     173.201.168.1

Question by:lovikhan
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33745481
Internally domain.com will resolve to a Domain Controller, and it needs to be that way for Active Directory to work properly - so don't delete that record.
I think you'll have to have a static IP address on your website, in which case you could safely add an A record for www.domain.com that points to your web server.
The only other alternative that comes to mind is if your web server happens to have another name associated with it that is outside of your domain.com space, like yourcompanyname.yourhostingcompany.com, in which case you could add a CNAME record that points www to yourcompanyname.yourhostingcompany.com
0
 

Author Comment

by:lovikhan
ID: 33745572
Thanks for your reply.  I definitely wasn't planning on deleting anything off of my domain controller.  I want to delete that entry out of my zone file which resides with my external ISP.  And that IP address next to it is a static IP given to me by the company hosting my website.  I was under the impression that the only purpose that line served was to allow people to just type in reher.com without having to type www in front of it.  I don't know if your CNAME suggestion is viable, I'm just looking for a better understanding of what I already have before adding additional entries.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33745740
Okay, I think I understand a little better.  The issue is that your clients use your internal DNS server (they have to for Active Directory), and your internal DNS is authoritative for reher.com - so when one of your PCs tries to resolve www.reher.com it goes to your internal DNS server, which responds with "no such host" - the external DNS server is never contacted in this scenario.
The resolution is to add an A record for the host www to your internal DNS server with an address of 173.201.168.1.  Now, when one of your computers asks your internal DNS server for www.reher.com it will respond with the web server's address.  Internally, reher.com still won't work as it must always resolve to a domain controller for Active Directory's sake.
On your external DNS server, you should set reher.com = 173.201.168.1 and make www a CNAME of reher.com
0

Author Comment

by:lovikhan
ID: 33745907
Yes, your recap is correct.  I already added the A record to my internal DNS server as you stated and it doesn't work because my internal domain is also reher.com.  Can you give me a little more help on what exactly a CNAME does and the syntax for a CNAME entry?  I have to be honest, I'm scared to mess with my zone file too much for fear of causing something else not to work such as website going down externally.  Also, please be patient with me because we'll have to wait for propagation before we see any results.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33746090
First off I need to be clear that you have TWO DNS servers - one at your hosting company, which serves external clients, and one on your Windows Server 2003 box that serves your internal Active Directory clients.
External DNS: Doesn't require any changes.
Internal DNS: Add a host to your reher.com Forward Lookup Zone; put www in the name box and 173.201.168.1 in the IP Address box. Do not change, add, or delete any other records on your internal DNS.
A CNAME (short for canonical name) record is an alias.  It's not necessary to resolve your question, but in my opinion would be good practice - on your external DNS you can delete the A record for www.reher.com and add a CNAME that associates www.reher.com with reher.com:
www    IN    CNAME reher.com.
Now (externally still, nothing to do with your question or internal hosts) whenever someone wants to resolve www.reher.com they will get whatever the IP address for reher.com is.  CNAME's are useful, particularly with bigger zone files, because now if you ever need to change the IP address of your website you only need to do it in one spot.
(In the CNAME syntax example above, note that since www does not end with a dot, it is implicitly understood that the "origin" should be appended, making the complete name www.reher.com.  The "origin", put simply, is the domain name for which this zone file applies, e.g. reher.com)

0
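The split between the internal and external DNS servers and the origin rule for relative names, described in the two expert comments above, modelled as an added example that is not part of the original thread. The zone contents are constructed from the records quoted in the thread; the domain controller address 10.0.0.10 and the function names are assumptions for illustration.

```python
ORIGIN = "reher.com."

# Constructed zone data. 10.0.0.10 is a made-up domain controller address.
EXTERNAL_ZONE = """
@    IN  A      173.201.168.1
www  IN  CNAME  reher.com.
ftp  IN  A      173.201.168.1
"""
INTERNAL_ZONE_BEFORE = """
@    IN  A      10.0.0.10   ; apex must resolve to a domain controller
"""
INTERNAL_ZONE_AFTER = INTERNAL_ZONE_BEFORE + "www  IN  A  173.201.168.1\n"


def fqdn(name, origin=ORIGIN):
    """Zone-file rule: '@' is the origin; a name without a trailing dot is
    relative, so the origin is appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin=ORIGIN):
    """Return {owner: (rtype, rdata)} for 'owner IN A|CNAME rdata' lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";")[0].split()  # drop comments, then tokenize
        if len(fields) == 4 and fields[1] == "IN" and fields[2] in ("A", "CNAME"):
            owner, _, rtype, rdata = fields
            if rtype == "CNAME":
                rdata = fqdn(rdata, origin).lower()
            records[fqdn(owner, origin).lower()] = (rtype, rdata)
    return records


def resolve(name, zone, origin=ORIGIN, max_hops=8):
    """Answer as a server authoritative for `origin`: in-zone names with no
    record get NXDOMAIN and are never passed on to another server."""
    name = name.lower().rstrip(".") + "."
    for _ in range(max_hops):
        if name != origin and not name.endswith("." + origin):
            return "OUT-OF-ZONE"  # only these names would be forwarded
        if name not in zone:
            return "NXDOMAIN"
        rtype, rdata = zone[name]
        if rtype == "A":
            return rdata
        name = rdata  # follow the CNAME to its target
    return "CNAME-LOOP"
```
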
 

Author Comment

by:lovikhan
ID: 33746149
Give me a few minutes to get some print screens together, I'll get back to you shortly.
0
 

Author Comment

by:lovikhan
ID: 33747282
Thanks for the clarification on the TWO DNS servers, I understand.  I went to check my internal dns using dns management.  Under forward lookup zones I have an entry and have had this entry for several months now to try & resolve this issue.  The entry is as follows.

www        Host(A)        173.201.168.1

External DNS:
I'll add the CNAME entry and see what happens over the next several hours.  Here's what I'm going to add to my EXTERNAL DNS zone file.  Is the syntax correct?

www         IN        CNAME             reher.com.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33747958
Yes, that CNAME looks correct - keep in mind though that's just a little side-note and shouldn't really affect anything one way or the other.
 
As for the problem with internal clients getting to your website: adding the www Host(A) 173.201.168.1 should have done the trick - if you go to a command prompt on one of your internal computers and ping www.reher.com does it resolve to 173.201.168.1?
0
 

Author Comment

by:lovikhan
ID: 33748649
Yes, when I ping the IP, it resolves.  As previously stated, I put this A record in several months ago and tried these steps before to no avail.  If the CNAME entry isn't going to help me with my issue, then I guess I'm right back at my original question.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33748798
If it resolves to the correct IP address then DNS is not the problem.

Remember that internally reher.com is always going to resolve to the internal address of one of your domain controllers - there's no getting around that. Therefore, http://www.reher.com/ should work, but http://reher.com/ will NOT work. For the same reason, your website might fail to load properly if it contains any absolute URLs to reher.com.
0
 

Accepted Solution

by:
lovikhan earned 0 total points
ID: 35826674
This problem ended up having nothing to do with our zones file, MX record OR our domain/dhcp server.  We are using godaddy.com for hosting and in the godaddy utility where you deploy your website; our developer forgot to put http:// in front of the domain name.  The developer just typed
abc.com                127.100.44.123    

it should have been typed as  follows:

http://abc.com            127.100.44.123

 So because our internal domain is the same as our website, internal users couldn't get to our website because http:// wasn't specified in front of the domain name.  
0
 

Author Comment

by:lovikhan
ID: 35826704
We found our own solution.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 35826775
>> So because our internal domain is the same as our website, internal users couldn't get to our website because http:// wasn't specified in front of the domain name.

Hmm, that doesn't make any sense to me (that's almost a completely nonsensical statement), "http:" doesn't really belong anywhere in the GoDaddy tools, and would have affected external and internal clients equally (contrary to your original question).  Also that's a different IP address than you had referred to above, did using the correct IP address ultimately solve your problem?

Are you now saying that from an internal client you can reach the website with www.reher.com or reher.com (and your Active Directory domain name is still reher.com)?
0
 

Author Closing Comment

by:lovikhan
ID: 35868963
This solution was found after we exhaustively reviewed every single setting on our domain servers, dhcp servers, zone file, mx record and firewalls.  

Once we did all of that, we made at least a dozen phone calls to godaddy.com and had a 3rd party web developer look at our web site deployment.
0
