Windows 2008 R2 Std/Active Directory/DNS - DNS lookup issues....

Hi,
I've been having fun of late getting the DNS function on our new Windows 2008 R2 Std Server to work right.  It's setup in an office (only one in the office) as the DC, with Active Directory and DNS.  The domain is MYCOMPANY.CO.UK (which I later found out doing the whole fully qualified domain name isn't always such a great idea but you know what they say about hindsight).  It's setup as the domain server for all the PCs in the office, the DC itself has all the root DNS servers listed and also uses our Firewall/VPN/Router for DNS lookups too (which itself uses OpenDNS servers).
Now when I do a nslookup on my PC I always get the following;

C:\>nslookup www.google.co.uk
Server:  UnKnown
Address:  192.168.0.1

Non-authoritative answer:
Name:    www.google.co.uk.co.uk
Address:  67.215.65.132

C:\>

yet if I ping the domain name I get it's proper ip address and if I then take that ip address and so a reverse lookup I get it's proper domain name.  

C:\>ping www.google.co.uk

Pinging www.l.google.com [209.85.146.106] with 32 bytes of data:
Reply from 209.85.146.106: bytes=32 time=34ms TTL=54
Reply from 209.85.146.106: bytes=32 time=34ms TTL=54
Reply from 209.85.146.106: bytes=32 time=34ms TTL=54
Reply from 209.85.146.106: bytes=32 time=35ms TTL=54

Ping statistics for 209.85.146.106:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 34ms, Maximum = 35ms, Average = 34ms

C:\>

C:\>nslookup 209.85.146.106
Server:  UnKnown
Address:  192.168.0.1

Name:    bru01s01-in-f106.1e100.net
Address:  209.85.146.106

As you can also see from the above screen shot the Name is www.google.co.uk.CO.UK.  Now my spidey senses are telling me that something isn't quite right here.  Also it says Server: Unknown / Address: ip address of DNS/DC server.

I think I've basically done something very wrong.  Could someone give me some idea as to what do try to correct this please?

Many thanks
sjb79Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Miguel Angel Perez MuñozCommented:
Have you try purgue DNS cache on your DNS?
mattconroyCommented:
All you need is a reverse lookup record (PTR) added for the subnet of your DNS Server.
Vinchenzo-the-SecondCommented:
Configure you DC so root hints are disabled, and configure a forwarder to your router.  Make sure the DC IS pointing to itself for DNS resolution.  As stated above make sure you have reverse lookup zones for your internal subnets.
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Darius GhassemCommented:
Everything actually looks ok. I'm getting a totally different IP address then you are. Google has multiple DNS servers with multiple locations as long as you are not getting times outs you should be good to go. Are you seeing any issues when resolving DNS going out to the internet?


This will explain the added suffix.

http://www.experts-exchange.com/Networking/Protocols/DNS/A_652-DNS-Wildcards-and-Search-Lists.html
sjb79Author Commented:
ok guys thanks for that, I will look at all these in detail on Monday :-)  Have a good weekend guys!
sjb79Author Commented:
Hi Guys,

I've looked into your comments and I am a little lost.  I looked at that link from Dariusg and ran the "set debug" option and got the following;

> set debug
www.MYDOMAIN.co.uk
Server:  UnKnown
Address:  192.168.0.1

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        www.MYDOMAIN.co.uk.MYDOMAIN.co.uk, type = A, class = IN
    AUTHORITY RECORDS:
    ->  MYDOMAIN.co.uk
        ttl = 3600 (1 hour)
        primary name server = rs1.MYDOMAIN.co.uk
        responsible mail addr = hostmaster.MYDOMAIN.co.uk
        serial  = 122
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

------------
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        www.MYDOMAIN.co.uk.MYDOMAIN.co.uk, type = AAAA, class = IN
    AUTHORITY RECORDS:
    ->  MYDOMAIN.co.uk
        ttl = 3600 (1 hour)
        primary name server = rs1.MYDOMAIN.co.uk
        responsible mail addr = hostmaster.MYDOMAIN.co.uk
        serial  = 122
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

------------
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 4, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        www.MYDOMAIN.co.uk.co.uk, type = A, class = IN
    ANSWERS:
    ->  www.MYDOMAIN.co.uk.co.uk
        internet address = 67.215.65.132
        ttl = 0 (0 secs)

------------
Non-authoritative answer:
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 5, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 1

    QUESTIONS:
        www.MYDOMAIN.co.uk.co.uk, type = AAAA, class = IN
    ADDITIONAL RECORDS:
    ->  (root)
        ??? unknown type 41 ???
        ttl = 0 (0 secs)

------------
Name:    www.MYDOMAIN.co.uk.co.uk
Address:  67.215.65.132

>

I tried disabling root hints but then we coudn't browse anywhere.  Oh and I don't know how to setup reverse lookups either :-/
I'm affraid this is a bit of a "Fisher Price - my first domain server" moment for me so be gentle please
Vinchenzo-the-SecondCommented:
When you disable root hits, configure forwarders on the DNS server to go to your Router/firwall which handlesyour DNS resolution for the internet.
Darius GhassemCommented:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sjb79Author Commented:
The following is a snipped of the DNS setting I think you're talking about, if I untick "Use root hints if no forwarders are available", despite the router being entered, we loose DNS (as all PC's in office use the DC as a DNS server too)
Capture.JPG
Darius GhassemCommented:
You should be pointing to external DNS servers not the router.
sjb79Author Commented:
Ok, did that but will getting that extra ".co.uk" on the end :-/
Capture2.JPG
Darius GhassemCommented:
That is going to happen because you have this in the dns suffix search list. You can ignore this.

Did you read the link I posted?
sjb79Author Commented:
Hi Dariusg,
I have but I am a little lost when it comes to some of the configuration.  So that fact nslookup returns an opendns server as the ipaddress and add's ".co.uk" to the end of the domain I am looking up is a good thing?
Darius GhassemCommented:
No your local system adds the dns suffix
sjb79Author Commented:
and I can't stop it from doing that?
Darius GhassemCommented:
You can remove the dns suffix search list but you don't have too this is NOT causing any problems just adding this when you run certain commands but again not causing any problems
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.