Server 2012 Internal DNS blocking a websites javascript or CSS

Posted on 2013-11-12
Last Modified: 2013-12-10
Greetings experts,

I have a Windows 2012 internal domain.  We use the internal DNS for our environment.  Our internal and external Domain name is the same. (I know, bad idea, but it's been that for years and they didn't want to change)
The website is hosted externally by

They have a picture section on the website.  You chose a picture for a close up and it pops up with text describing the picture.  The Web designer told me he uses javascript and CSS for the close up picture / text.

If you are outside the network everything works fine.  If you are on the network, the picture pops up, without the text below.  

I worked the problem, and was able to view on the server itself.
On the desktops, I was able to view the text if I take out the internal DNS and insert: (Google DNS).
I tried to set the Internal DNS as second, but when I do that the internal server name is resolving to the external IP, no good due to exchange and file server.  

Any idea on how to tell the DNS server to let the script through?  I changed all the Internet option settings on the desktop without luck.  Only thing I can think of is to manually put an entry in the host file,  but that is a little funky..  Also added as a forwarder on the DNS server, no good.

Any help would be appreciated..
Question by:kaceyjames
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 20

Expert Comment

by:Daniel McAllister
ID: 39644837
The problem is not with the script, it is with your DNS setup.

If you query the OUTSIDE world, resolves via DNS to the file on the webserver at (at your hosting company).

However, if you query from INSIDE your LAN, resolves via DNS to the file on the local 2012 server at (inside your LAN).

The problem is that these are different places with the same name (even though the name likely does not exist at the 2012 server).

Any solution you use is going to have to resolve this problem. Here are some options:
 1) synch your public website to the 2012 server, so that the contents on the hosted server are replicated on the local server. NOTE: There may be some functionality that breaks -- depends on what you have going on at your website, but most java and CSS things should work fine.
 2) change your 2012 web service to act as a proxy to the external server (that is, redirect all internal website queries back out to the hosted server).
 3) change your internal domain name to NOT end in a TLD (thus, the prevalence of .local)
 4) change the internal and external hostnames (like www) so that you can identify from within the LAN whether you want the internal or external website. (NOTE: This may require some adjustments on the external site to accommodate the likes of "" being the same as "" on that server (much less just plain "" on that server.
 5) change the local DNS server to resolve and @ (or, just plain "" to point to the extenal site -- then use a different hostname for the internal site -- like, or internal.yourdomain.dom.

There are other ways -- you just have to think about how the computer (both DNS and the webserver that DNS points it to) handles the requests.

Good Luck!


Author Comment

ID: 39644882
Thanks for the reply Dan..

If the Internal query points to the 2012 server, how come the picture pops up?  There is no pictures on the Internal server.  

Maybe I'm missing something, but if the correct picture pops up when I click the link, then I'm assuming it's querying the web server, not the 2012 server.  

Is you type in internally it brings you to the external website.

Only problem is that internally, the text under the picture does not appear when I'm inside my network.

LVL 20

Expert Comment

by:Daniel McAllister
ID: 39644940
OK, so if you query internally, and the site comes up, then there is something else on the site that's not resolving properly (or else this isn't a DNS issue at all).

Look to your code on the site -- when the javascript runs (or the CSS loads) it does so with a link into some place on the site... does it reference it differently? Maybe resolves properly, but not on your internal domain?

Perhaps you should look to your external DNS zone file and see all of the entries that point to your hosted server (@, www, and all of the others) and make sure that those same entries exist on the local DNS server (and point to the same hosted site).

You should also make sure any CNAME values are duplicated.

I think the issue might be that you're assuming some kind of failover within DNS -- as-in:
if I query and the local DNS server doesn't have it, it'll look outside to resolve it.

That won't work because your local DNS server is going to report itself as "authoritative" for the domain "" -- so if it doesn't have the data, no one else is supposed to have it either.

In answer to your follow-up - I'm not aware of any DNS server (Microsoft or other) that will answer from local files, and if not found, do a recursive internet query to attempt to resolve a client query. That's just not how DNS works.

I hope this helps.

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.


Author Comment

ID: 39645727
I'll look at the code as soon as a computer frees up.  
2 points:

If I change the DNS server on the desktop to the site works fine.  So it tells me it has to be DNS due to making that change resolves the issue.

When you go to the section where the pictures are listed say:
You are then presented with about 10 tiles to click.  Once you click a tile a pop up happens and the URL in the browser does not change.  The box pops up with the picture with the text if outside the environment, without text inside the environment.
LVL 20

Assisted Solution

by:Daniel McAllister
Daniel McAllister earned 500 total points
ID: 39647933
OK, I think you missed something... let me try again:

First, let's look at the structure of the website:
 - You load pictures in an html frame, and then have a javascript program that allows you view the full detail picture, much larger. Probably, there are 2 versions of the image on the server -- one small one for the html frame, and a larger one accessed by the javascript.
 - When you go to the webpage, you load the small images
 - When you mouse over an image (or perhaps click on it), your browser loads the larger one thanks to the javascript.
 - Everything works when you use your external DNS server (the one the rest of the world uses)

Now, understand that for every image you're mousing over, you're doing an html lookup (the javascript is going out there to load the full-size image.... and when it does so, it goes to a URL -- which causes a new DNS lookup, I'm guessing, but it seems likely that the javascript (or php, potentially) doesn't use the same DNS hostname that you used to access the website (or the smaller images).

In detail:
 - You open
 - The webpage loads (among others)
 - You mouse over the image a-small.jpg, and the javascript says to load

The issue you're seeing is that, to the outside world's DNS, the domain resolves www, server, and images all perfectly well (and, presumably to the same host).... and all is good with the website.

BUT - move into your LAN, where you have a separate, authoritative DNS service for You've done what you can, so far, so that points to the external webserver, as does but when you mouse over the image and the javascript tries to get the full-size image from, the location fails because your internal DNS server doesn't have the right address (if any address) for

Of course, I don't know the REAL domain or host names you're using, but the example should suffice...

Thus, my recommendation remains: you should get a full listing of all A records and CNAME records for your domain from the public-facing DNS server.... then make sure ALL of those records have the same values in your LAN-based DNS server.

You do NOT need to match up other types of records (TXT, SPF, MX, NS, SOA, etc...) - ONLY the A records and CNAME records matter in this case. [NOTE: Some may, indeed, not matter -- like or -- but the more you skip over, the more likely you're skipping over the one that is breaking the website]

I hope this explains better... and helps you to resolve the issue.


Accepted Solution

kaceyjames earned 0 total points
ID: 39648728
Thanks Dan..

I just checked back and now it's working.  I added as a DNS forwarder the other day, but it didn't work.  It must have just took time to catch up.

lets let it run for a few days and make sure it sticks..
Thanks for your efforts..

Author Closing Comment

ID: 39708058
The fix was to add Google's DNS as a forwarder to the internal DNS server.  It didn't work right away, but the next day everything started working.  Thanks for all your help.

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL ( and MongoDB (…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question