• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 423
  • Last Modified:

DNS Resolving local Names as external IP address

This occures randomly through out the day. All workstations have experienced it. It usually only lasts for a few minutes or until I flush and register the DNS on the workstation.

This is a standard SBS 2003 server that does DHCP, DNS, File serving, print serving. Just basic stuff.

I have scoured through the DNS settings, they seem ok. I have also checked the firewall to make sure DNS is disabled on it.

In the example below it should be resolve
C:\Documents and Settings\user>ping server01

Pinging p12p-i.geo.vip.re4.yahoo.com [] with 32 bytes of data:

Reply from bytes=32 time=86ms TTL=52
Reply from bytes=32 time=109ms TTL=52
Reply from bytes=32 time=96ms TTL=52

Ping statistics for
Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 109ms, Average = 97ms
  • 2
1 Solution
Darius GhassemCommented:
Make sure you are only pointing to the SBS server only within the TCP\IP settings of the clients and server.
Mark DamenERP System ManagerCommented:
Check the hosts file also.


Should only really need to have localhost in there as an entry, anything is prob. suspicious.
demmons-ssitAuthor Commented:
Just fixed it... This was a doozey!

The DNS settings all look fine on the server.

I checked DHCP and there was an entry for two external IP addresses as secondary DNS servers being dished out to workstations. So every workstation could browse the intertubes even if the server went down. Mind you I just took over this environment, don't know what the previous sys admin was thinking. The two Public IP's set as DNS servers for workstations were from CBeyond and a DSL company.

Looking at the A records for the company website host name I noticed an odd A record that was resolving *.DomainName.com to the Yahoo IP in the OP.

Basically the path and randomness looked like this...
Server was overloaded with requests, the workstation tapped its secondary DNS, the secondary DNS can resolve *.domainname.com so it was resolving private hostnames as that public Yahoo IP. The local DNS server finally cools off from requests and the clients revert back to primary DNS.

I can confirm the fix, the DNS path and everything but the workstations flipping to secondary DNS. I don't know how to track that.

Thanks guys!
demmons-ssitAuthor Commented:
Thank you, checking the DNS settings using ipconfig /all did indeed show the two extra public IP's under the secondary DNS field. Which is what I believe you were trying to convey here.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now