[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Internal DNS not resolving, points to bogus external ip address

Posted on 2011-10-26
18
Medium Priority
?
401 Views
Last Modified: 2012-05-12
EE,
I've been having this issue with a web app located on a local webapp server.  When the address is used outside my network it resolves perfectly and goes streaight into the website. Yet when tired to access from inside the network it give a website not found.  When I run nslookup internaly for webapp.capsure.com without the dot at the end it gives me my internal address fine. Yet when I nslookup webapp.capsure.com. with the dot it gives me an ip address that does not exist (206.188.192.47).  This issue started to happen all of a sudden without any changes to the servers.  

Internally i can access the site with the ip fine... but my dns seems to not pick up or take effect on any of my client computers. My domain controller is the DNS, AD, and Excahange server and it has not gone down at all and for some reason dns stopped resolving yesterday morning.  

I do not own capsure.com and just have the subdomain with them since its their app we are currently using (when it was working). They host their domains with Network Solutions and according to support they had network solutions update their records which was their first solution to the problem "wait until the updated records poppulate".  Its been a day and it seems to be more than that. When i run a tracert from inside the network it points to the 206.188.192.47 and stops at hop 10.

Tracert Results from Inside the Network
When I run tracert from outside the network it hops all the way to the external ip of the server.
Tracert Results from Outside the NetworkI would appreciate the help i need this webapp to be up since it does a crucial function at this place.

Addresses are fake if you need me to place real addresses so you can help let me know.
Thanks in advance  
0
Comment
Question by:Osram34
  • 10
  • 3
  • 3
  • +1
18 Comments
 
LVL 7

Expert Comment

by:Moomin83
ID: 37033124
Hi Osram34

I assume the forward look up within DNS has been confirmed to be correct. Secondly you could try adding a DNS c name for the web app pointing it to the correct ip address. Also check if there is no faulty "reverse" lookup within the DNS setup. lastly you can perform the basic "ipconfig /flushdns" and "ipconfig /registerdns" from command prompt on the server hosting the webapp.

Hope it helps
0
 

Author Comment

by:Osram34
ID: 37033207
Thanks for the prompt response what exactly do mean my a c record??? i've just found the advanced view option in dnsmgmt and seems like in the cahced lookups is where the problem is.  I found the address that im trying to modify and it has a record to the exterior wrong ip.  the time to live on it is in about an hour and 15 minutes i hope this will get resolved as soon as this a record dies or should i just delete it. Don't want to make things worse.
0
 
LVL 3

Expert Comment

by:Hobett
ID: 37033255
Deleting the cahced record will be fine. You can could then ping -a webapp.capsure.com to get it to resolve the name and cache it. This will then let you know if the record gets setup correctly.

ipconfig /flushdns will clear the whole cache which won't help much in tracking down why it is the wrong ip being resolved and may cause more problems.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Expert Comment

by:Moomin83
ID: 37033290
Alias(Cname) is a record in DNS, attached is an example (personal info removed)
creating new records by selecting right mouse click within the forward look up in DNS
cname1.JPG
cname.JPG
0
 
LVL 11

Expert Comment

by:pcfreaker
ID: 37033460
Hi,

Is your domain named: capsure.com?
0
 

Author Comment

by:Osram34
ID: 37033992
hobett i went ahead and deleted the record and it seemed to have worked for a little bit like 10 minutes. WHen i do nslookup on both the one ending in com and the on ending in com. i get the internal ip address but when i ping -a webapp.capsure.com i get the bogus external again where do you think this ip is coming from?
0
 
LVL 3

Expert Comment

by:Hobett
ID: 37034236
So you are using nslookup and it is using the default DNS server, e.g. nslookup capsure.com and not nslookup - ipOfDnsServer? As Ping and nslookup should use the same dns server.

I would test each of your dns servers to see which one has the incorrect entry. I would start with the DNS servers that the caching server is looking to as forwarders if any are set. It may be that one of those servers has an incorrect entry.

When I ping capsure.com I get: 81.200.64.50 which I note is different to the response in your first post.
0
 

Author Comment

by:Osram34
ID: 37034328
here let me show you all my screen shots you have some time??
0
 
LVL 3

Expert Comment

by:Hobett
ID: 37034426
I'm afraid I've run out of time tonight - cats and the Mrs are telling me it's bed time :(

Nslookup and ping do not use the same system libraries to lookup hostnames. Ping uses the system library whereas nslookup uses it's own internal library.

Explained better here:
http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/nslookup-results-different-to-ping.html

Why there is a difference between .com. and .com
http://oreilly.com/catalog/netpc/excerpt/sidebar.dns.htm

I'm on a corporate away day tomorrow so won't get chance to look tomorrow, sorry.
0
 
LVL 11

Expert Comment

by:pcfreaker
ID: 37034889
I think I get your problem, is the external ip you are resolving not the correct one? Is it the same ip you are getting request time out the same ip you contact externally?

How do you enter the site outside, via www.website.com? 

Your main domain is joalvarez.local, so I guess you should access internally via webapp.joalvarez.local?

Could you point out this questions pls
0
 

Author Comment

by:Osram34
ID: 37035928
Outside you enter the address directly joalvarez.capsure.com the same way as it should be accsible from within the network. Software is referenced that dns to access the db. so its not just for web access. And yeah that external ip that it points to is the ip for www.capsure.com. The joalvarez.capsure.com should be pointing to either my internal ip or my external ip from within the network.  From outside the netowrk my dns resolves perfectly and points to my external ip. I've neutralized the problem temporarily with the hosts file but the problem is yet to be solved maybe you can shine some light.
0
 

Author Comment

by:Osram34
ID: 37035942
Hopefully i didn't consfuse you let me know.... not sure if im making much sense at this point.

0
 
LVL 11

Expert Comment

by:pcfreaker
ID: 37037456
I think I get the picture, outside you use www.capsure.com and internally joalvarez.capsure.com, but as I can see capsure.com is not your local domain, so basically it will always try to go to the outside since that domain (capsure.com) is not authoritive for your DNS.
The only way to access locally is when you use joalvarezinc.local, meaining that if you use http://capsure.joalvarezinc.local you will be directed to the local ip 192.168.2.15.

Correct me if I'm wrong about this.

However, if you need to use the www.capsure.com, you should create this domain whithin your DNS server: A primary domain called capsure.com and create an A record called www and the ip should be 192.168.2.15, that way you will resolve to www.capsure.com to the ip 192.168.2.15.

Rgds.
0
 

Author Comment

by:Osram34
ID: 37037650
i guess i didnt make sense yesterday...  sorry long day of troubleshooting. www.capsure.com is the dev of the web app so webapp.capsure.com is how you would access form outside the netowork.  From inside the network it was accessed exactly the same for about a year or so webapp.capsure.com without a problem untill the other day.  Internal DNS keeps on referencing the wrong ip for some reason.
0
 

Author Comment

by:Osram34
ID: 37037654
I think i know what you mean... ill be at the office in a bit ill let u know
0
 

Accepted Solution

by:
Osram34 earned 0 total points
ID: 37111701
thanks for everyones involvement in this question.... It just happened that their domain provider had changed their configuration and my name server took a long time to re populate.  A total of about 10 days for my name server to pick up the new settings... :( what  a bummer seems like everything is back to normal. Still i believe when software developers change things like their domain that could infact affect someones installation the customers should be warned about such changes. www.capsure.com
0
 

Author Closing Comment

by:Osram34
ID: 37130141
Time was the answer to the question...
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question