• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 300
  • Last Modified:

DNS resolves www address when pinging internal systems on Windows 2003 Domain

We have a handful of computers that, when pinging another system (server) on the local network, resolves to the external 'www' address seen in our DNS Server (Windows 2003 server).  A reboot of the client seems to fix.  What could be causing this?
0
davis
Asked:
davis
  • 7
  • 3
  • 2
  • +2
2 Solutions
 
Mark DamenERP System ManagerCommented:
Are you running the same internal and external DNS domain name?

I.e. your company.com is used inside the LAN, and on the internet?
0
 
davisAuthor Commented:
yes, we are
0
 
davisAuthor Commented:
are you saying this is due to not having split DNS in Windows 2003m domain?
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
MeultjeCommented:
Where do you have your ISP dns server forwarders placed. They should be on the forwarders tab rather than on the Interface tab, which occasionally is configured that way? Run dnsmgmt.msc on (all off) your dns server(s) -> open properties off the dns server and see if this is configured correctly.
0
 
ktaczalaCommented:
add an Alias CNAME in DNS called www. company.com and point it to your web IP
0
 
DrDave242Commented:
I think Meultje is on the right track, although the fact that your internal and external domain names are the same is the ultimate root of the problem.  Are your clients configured to use only your internal DNS server(s) for resolution?
0
 
MeultjeCommented:
I also come accros situations where the internal and external naming are the same. Also check if the DNS setting "006 DNS Servers" at your DHCP scope options are pointing to your internal DNS server(s) and the "003 Router" option points to your ISP router / firewall. Then as mentioned earlier see to it that your forwarders are correctly configured. Then your clients should resolve internally first and if unresolvable they will be forwarded to your ISP DNS servers. You should also check wether your DNS has A-records in your Forward Lookup Zone and pointers (PRT records) in your Reverse lookup Zone on your DNS servers for the systems that you ping to and are routed to the internet.
0
 
davisAuthor Commented:
DrDave - clients are now joined to 'CompanyB.com' but look to 'companyA' domain for resolution.  In other words, Clients are still using the resources of CompanyA.com but have been migrated to join CompanyB.com.  The client DNS configuration of the client has 'CompanyB.com as the Primary DNS suffix.  CompanyB.com is also top of the list for the suffix search list.  Although, the IP address of CompanyA.com's DNS server is first on the adapter.  So, under IPCONFIG /ALL, windows IP config and enternet DNS settings defined differently.

I am currently checking Meultje recommendations from above...
0
 
DrDave242Commented:
Since your clients are members of the companyb.com domain, it would make more sense (to me, anyway) to have them use companyb.com's DNS servers.  You should create conditional forwarders on the DNS servers for companya.com and companyb.com in order to facilitate resolution between the two domains, though (if you haven't already).  That way the clients will always query only their own domain's servers, and those servers will forward queries for companya.com over to the companya.com DNS servers (and vice versa for clients on the other side).
0
 
davisAuthor Commented:
ok, to clarify - our clients are now members of the companyB.com domain.  We change them to use companyB.com DNS servers.  Our clients will, for a short time, still need to access resources on CompanyA.com domain.  will we need to transfer the entire CompanyA.com zone 'across' to comanyB.com DNS server, to be able to resolve correctly?  Also, will there be a performance hit, if traversing WAN connection, for this type of query?  thanks for any insight
0
 
DrDave242Commented:
No, just configure conditional forwarders on the companyb.com DNS servers to forward queries for the companya.com domain to the companya.com DNS servers.  Then do the opposite on the companya.com DNS servers so that they'll forward queries for the companyb.com domain to the companyb.com servers.

Here's info on how to configure conditional forwarders in Server 2008:

http://technet.microsoft.com/en-us/library/cc754941.aspx

The process in 2003 is very similar.
0
 
davisAuthor Commented:
will be attempting the DNS re-configure soon and will update with results
0
 
davisAuthor Commented:
the zone transfer appears to be successful cor clients to resolve all 'local' resources by querying the 'remote' networks' DNS servers.  This, it seems, is obviously the most effient and reliable way query DNS  - through the DNS server of the domain which you are a member of.  thanks - -
0
 
davisAuthor Commented:
Most helpful recommendation to DNS server of 'own' domain but also valid recommendation to check DHCP scope options
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 7
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now