Solved

DNS Resolving local Names as external IP address

Posted on 2010-09-23
4
342 Views
Last Modified: 2012-05-10
This occures randomly through out the day. All workstations have experienced it. It usually only lasts for a few minutes or until I flush and register the DNS on the workstation.

This is a standard SBS 2003 server that does DHCP, DNS, File serving, print serving. Just basic stuff.

I have scoured through the DNS settings, they seem ok. I have also checked the firewall to make sure DNS is disabled on it.

In the example below it should be resolve 192.168.4.233
Example:
C:\Documents and Settings\user>ping server01

Pinging p12p-i.geo.vip.re4.yahoo.com [216.39.57.107] with 32 bytes of data:

Reply from 216.39.57.107: bytes=32 time=86ms TTL=52
Reply from 216.39.57.107: bytes=32 time=109ms TTL=52
Reply from 216.39.57.107: bytes=32 time=96ms TTL=52

Ping statistics for 216.39.57.107:
Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 109ms, Average = 97ms
0
Comment
Question by:demmons-ssit
  • 2
4 Comments
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 33749117
Make sure you are only pointing to the SBS server only within the TCP\IP settings of the clients and server.
0
 
LVL 13

Expert Comment

by:markusdamenous
ID: 33749180
Check the hosts file also.

C:\Windows\System32\Drivers\etc

Should only really need to have localhost in there as an entry, anything is prob. suspicious.
0
 

Author Comment

by:demmons-ssit
ID: 33749668
Just fixed it... This was a doozey!

The DNS settings all look fine on the server.

I checked DHCP and there was an entry for two external IP addresses as secondary DNS servers being dished out to workstations. So every workstation could browse the intertubes even if the server went down. Mind you I just took over this environment, don't know what the previous sys admin was thinking. The two Public IP's set as DNS servers for workstations were from CBeyond and a DSL company.

Looking at the A records for the company website host name I noticed an odd A record that was resolving *.DomainName.com to the Yahoo IP in the OP.

Basically the path and randomness looked like this...
Server was overloaded with requests, the workstation tapped its secondary DNS, the secondary DNS can resolve *.domainname.com so it was resolving private hostnames as that public Yahoo IP. The local DNS server finally cools off from requests and the clients revert back to primary DNS.

I can confirm the fix, the DNS path and everything but the workstations flipping to secondary DNS. I don't know how to track that.

Thanks guys!
0
 

Author Closing Comment

by:demmons-ssit
ID: 33749680
Thank you, checking the DNS settings using ipconfig /all did indeed show the two extra public IP's under the secondary DNS field. Which is what I believe you were trying to convey here.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
shadow copies 7 76
DHCP DNS Set up 4 75
need help with active directory 4 44
Determine the reversed dns lookup zone for a given host 4 26
If you have a multi-homed DNS setup in windows, you can have issues with connectivity to the server that hosts the DNS services (or even member servers of your domain if this same DNS server is a DC). This is because windows registers all of its IPs…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

806 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question