Kacey Fern asked:

Server 2012 Internal DNS blocking a website's javascript or CSS

Greetings experts,

I have a Windows 2012 internal domain. We use the internal DNS for our environment. Our internal and external domain name is the same. (I know, bad idea, but it's been that for years and they didn't want to change.)
The website is hosted externally by ipower.com

Problem:
They have a picture section on the website. You choose a picture for a close up and it pops up with text describing the picture. The Web designer told me he uses javascript and CSS for the close up picture / text.

If you are outside the network everything works fine.  If you are on the network, the picture pops up, without the text below.  

I worked the problem, and was able to view on the server itself.
On the desktops, I was able to view the text if I take out the internal DNS and insert: 8.8.8.8 (Google DNS).
I tried to set the internal DNS as second, but when I do that the internal server name resolves to the external IP, which is no good due to Exchange and the file server.

Any idea on how to tell the DNS server to let the script through? I changed all the Internet option settings on the desktop without luck. Only thing I can think of is to manually put an entry in the host file, but that is a little funky. Also added 8.8.8.8 as a forwarder on the DNS server, no good.

Any help would be appreciated.
Thanks,
Kacey
Daniel McAllister

The problem is not with the script, it is with your DNS setup.

If you query the OUTSIDE world, www.yourdomain.com/images/stuff.jpg resolves via DNS to the www.yourdomain.com/images/stuff.jpg file on the webserver at 1.1.1.1 (at your hosting company).

However, if you query from INSIDE your LAN, www.yourdomain.com/images/stuff.jpg resolves via DNS to the www.yourdomain.com/images/stuff.jpg file on the local 2012 server at 192.168.1.11 (inside your LAN).

The problem is that these are different places with the same name (even though the name likely does not exist at the 2012 server).

Any solution you use is going to have to resolve this problem. Here are some options:
 1) synch your public website to the 2012 server, so that the contents on the hosted server are replicated on the local server. NOTE: There may be some functionality that breaks -- depends on what you have going on at your website, but most java and CSS things should work fine.
 2) change your 2012 web service to act as a proxy to the external server (that is, redirect all internal website queries back out to the hosted server).
 3) change your internal domain name to NOT end in a TLD (thus, the prevalence of .local)
 4) change the internal and external hostnames (like www) so that you can identify from within the LAN whether you want the internal or external website. (NOTE: This may require some adjustments on the external site to accommodate the likes of "external.mydomain.com" being the same as "www.mydomain.com" on that server, much less just plain "mydomain.com" on that server.)
 5) change the local DNS server to resolve www.yourdomain.com and @ (or, just plain "yourdomain.com") to point to the external site -- then use a different hostname for the internal site -- like local.yourdomain.com, or internal.yourdomain.com.

There are other ways -- you just have to think about how the computer (both DNS and the webserver that DNS points it to) handles the requests.

Good Luck!

Dan
IT4SOHO
Kacey Fern (ASKER)

Thanks for the reply Dan..

If the internal query points to the 2012 server, how come the picture pops up? There are no pictures on the internal server.

Maybe I'm missing something, but if the correct picture pops up when I click the link, then I'm assuming it's querying the web server, not the 2012 server.  

If you type in www.mydomain.com internally it brings you to the external website.

Only problem is that internally, the text under the picture does not appear when I'm inside my network.

Thanks,
Kacey
OK, so if you query www.yourdomain.com internally, and the site comes up, then there is something else on the site that's not resolving properly (or else this isn't a DNS issue at all).

Look to your code on the site -- when the javascript runs (or the CSS loads) it does so with a link into some place on the site... does it reference it differently? Maybe css.yourdomain.com resolves properly, but not on your internal domain?

Perhaps you should look to your external DNS zone file and see all of the entries that point to your hosted server (@, www, and all of the others) and make sure that those same entries exist on the local DNS server (and point to the same hosted site).

You should also make sure any CNAME values are duplicated.

I think the issue might be that you're assuming some kind of failover within DNS -- as in:
if I query servera.yourdomain.com and the local DNS server doesn't have it, it'll look outside to resolve it.

That won't work because your local DNS server is going to report itself as "authoritative" for the domain "yourdomain.com" -- so if it doesn't have the data, no one else is supposed to have it either.

In answer to your follow-up - I'm not aware of any DNS server (Microsoft or other) that will answer from local files, and if not found, do a recursive internet query to attempt to resolve a client query. That's just not how DNS works.

I hope this helps.

Dan
IT4SOHO
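
The check suggested in the reply above (compare every hostname the page loads from against the internal and external zones), as an added example that is not part of the original thread. The zone contents, page markup and example.com names are constructed placeholders; in practice the two dictionaries would be filled from the real zone exports.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample data: names and addresses are placeholders, not from the thread.
ZONE = "example.com"
EXTERNAL_ZONE = {"example.com": "203.0.113.10", "www.example.com": "203.0.113.10",
                 "css.example.com": "203.0.113.10"}
INTERNAL_ZONE = {"example.com": "192.168.1.11", "www.example.com": "203.0.113.10",
                 "mail.example.com": "192.168.1.12"}
PAGE_HTML = """
<link rel="stylesheet" href="http://css.example.com/popup.css">
<script src="/js/popup.js"></script>
<script src="http://example.com/js/captions.js"></script>
<img src="http://www.example.com/images/tile1.jpg">
<script src="https://cdn.example.net/lib.js"></script>
"""

class AssetHosts(HTMLParser):
    """Collect hostnames referenced by src/href attributes."""
    def __init__(self, page_host):
        super().__init__()
        self.hosts = {page_host}
    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("src", "href") and value:
                host = urlparse(value).hostname
                if host:                      # relative URLs have no hostname
                    self.hosts.add(host.lower())

def audit(html, page_host, zone, external, internal):
    """Return {host: finding} for in-zone names the internal server answers differently."""
    parser = AssetHosts(page_host)
    parser.feed(html)
    findings = {}
    for host in sorted(parser.hosts):
        if host != zone and not host.endswith("." + zone):
            continue  # outside the zone: the internal server resolves it as usual
        ext, intl = external.get(host), internal.get(host)
        if ext and intl is None:
            findings[host] = "missing internally (authoritative server answers NXDOMAIN)"
        elif ext and intl != ext:
            findings[host] = f"internal {intl} differs from external {ext}"
    return findings

if __name__ == "__main__":
    for host, finding in audit(PAGE_HTML, "www.example.com", ZONE,
                               EXTERNAL_ZONE, INTERNAL_ZONE).items():
        print(host, "->", finding)
```

Each hostname it reports is one whose record needs to be added to, or corrected in, the internal copy of the zone.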
I'll look at the code as soon as a computer frees up.  
2 points:

If I change the DNS server on the desktop to 8.8.8.8 the site works fine. So it tells me it has to be DNS, since making that change resolves the issue.

Also:
When you go to the section where the pictures are listed say:  www.mydomain.com/surfaces/stone-tile-slab/limestone_tiles/index.php
You are then presented with about 10 tiles to click.  Once you click a tile a pop up happens and the URL in the browser does not change.  The box pops up with the picture with the text if outside the environment, without text inside the environment.
The fix was to add Google's DNS as a forwarder to the internal DNS server.  It didn't work right away, but the next day everything started working.  Thanks for all your help.
Kacey
www.interlinktechnologies.com