Solved

Server 2012 Internal DNS blocking a websites javascript or CSS

Posted on 2013-11-12
7
988 Views
Last Modified: 2013-12-10
Greetings experts,

I have a Windows 2012 internal domain.  We use the internal DNS for our environment.  Our internal and external Domain name is the same. (I know, bad idea, but it's been that for years and they didn't want to change)
The website is hosted externally by ipower.com

Problem:
They have a picture section on the website.  You chose a picture for a close up and it pops up with text describing the picture.  The Web designer told me he uses javascript and CSS for the close up picture / text.

If you are outside the network everything works fine.  If you are on the network, the picture pops up, without the text below.  

I worked the problem, and was able to view on the server itself.
On the desktops, I was able to view the text if I take out the internal DNS and insert: 8.8.8.8 (Google DNS).
I tried to set the Internal DNS as second, but when I do that the internal server name is resolving to the external IP, no good due to exchange and file server.  

Any idea on how to tell the DNS server to let the script through?  I changed all the Internet option settings on the desktop without luck.  Only thing I can think of is to manually put an entry in the host file,  but that is a little funky..  Also added 8.8.8.8 as a forwarder on the DNS server, no good.

Any help would be appreciated..
Thank,
Kacey
0
Comment
Question by:kaceyjames
  • 4
  • 3
7 Comments
 
LVL 20

Expert Comment

by:Daniel McAllister
Comment Utility
The problem is not with the script, it is with your DNS setup.

If you query the OUTSIDE world, www.yourdomain.com/images/stuff.jpg resolves via DNS to the www.yourdomain.com/images/stuff.jpg file on the webserver at 1.1.1.1 (at your hosting company).

However, if you query from INSIDE your LAN, www.yourdomain.com/images/stuff.jpg resolves via DNS to the www.yourdomain.com/images/stuff.jpg file on the local 2012 server at 192.168.1.11 (inside your LAN).

The problem is that these are different places with the same name (even though the name likely does not exist at the 2012 server).

Any solution you use is going to have to resolve this problem. Here are some options:
 1) synch your public website to the 2012 server, so that the contents on the hosted server are replicated on the local server. NOTE: There may be some functionality that breaks -- depends on what you have going on at your website, but most java and CSS things should work fine.
 2) change your 2012 web service to act as a proxy to the external server (that is, redirect all internal website queries back out to the hosted server).
 3) change your internal domain name to NOT end in a TLD (thus, the prevalence of .local)
 4) change the internal and external hostnames (like www) so that you can identify from within the LAN whether you want the internal or external website. (NOTE: This may require some adjustments on the external site to accommodate the likes of "external.mydomain.com" being the same as "www.mydomain.com" on that server (much less just plain "mydomain.com" on that server.
 5) change the local DNS server to resolve www.yourdomain.com and @ (or, just plain "yourdomain.com" to point to the extenal site -- then use a different hostname for the internal site -- like local.yourdomain.com, or internal.yourdomain.dom.

There are other ways -- you just have to think about how the computer (both DNS and the webserver that DNS points it to) handles the requests.

Good Luck!

Dan
IT4SOHO
0
 

Author Comment

by:kaceyjames
Comment Utility
Thanks for the reply Dan..

If the Internal query points to the 2012 server, how come the picture pops up?  There is no pictures on the Internal server.  

Maybe I'm missing something, but if the correct picture pops up when I click the link, then I'm assuming it's querying the web server, not the 2012 server.  

Is you type in www.mydomain.com internally it brings you to the external website.

Only problem is that internally, the text under the picture does not appear when I'm inside my network.

Thanks,
Kacey
0
 
LVL 20

Expert Comment

by:Daniel McAllister
Comment Utility
OK, so if you query www.yourdomain.com internally, and the site comes up, then there is something else on the site that's not resolving properly (or else this isn't a DNS issue at all).

Look to your code on the site -- when the javascript runs (or the CSS loads) it does so with a link into some place on the site... does it reference it differently? Maybe css.yourdomain.com resolves properly, but not on your internal domain?

Perhaps you should look to your external DNS zone file and see all of the entries that point to your hosted server (@, www, and all of the others) and make sure that those same entries exist on the local DNS server (and point to the same hosted site).

You should also make sure any CNAME values are duplicated.

I think the issue might be that you're assuming some kind of failover within DNS -- as-in:
if I query servera.yourdomain.com and the local DNS server doesn't have it, it'll look outside to resolve it.

That won't work because your local DNS server is going to report itself as "authoritative" for the domain "yourdomain.com" -- so if it doesn't have the data, no one else is supposed to have it either.

In answer to your follow-up - I'm not aware of any DNS server (Microsoft or other) that will answer from local files, and if not found, do a recursive internet query to attempt to resolve a client query. That's just not how DNS works.

I hope this helps.

Dan
IT4SOHO
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:kaceyjames
Comment Utility
I'll look at the code as soon as a computer frees up.  
2 points:

If I change the DNS server on the desktop to 8.8.8.8 the site works fine.  So it tells me it has to be DNS due to making that change resolves the issue.

Also:
When you go to the section where the pictures are listed say:  www.mydomain.com/surfaces/stone-tile-slab/limestone_tiles/index.php
You are then presented with about 10 tiles to click.  Once you click a tile a pop up happens and the URL in the browser does not change.  The box pops up with the picture with the text if outside the environment, without text inside the environment.
0
 
LVL 20

Assisted Solution

by:Daniel McAllister
Daniel McAllister earned 500 total points
Comment Utility
OK, I think you missed something... let me try again:

First, let's look at the structure of the website:
 - You load pictures in an html frame, and then have a javascript program that allows you view the full detail picture, much larger. Probably, there are 2 versions of the image on the server -- one small one for the html frame, and a larger one accessed by the javascript.
 - When you go to the webpage, you load the small images
 - When you mouse over an image (or perhaps click on it), your browser loads the larger one thanks to the javascript.
 - Everything works when you use your external DNS server (the one the rest of the world uses)

Now, understand that for every image you're mousing over, you're doing an html lookup (the javascript is going out there to load the full-size image.... and when it does so, it goes to a URL -- which causes a new DNS lookup, I'm guessing, but it seems likely that the javascript (or php, potentially) doesn't use the same DNS hostname that you used to access the website (or the smaller images).

In detail:
 - You open http://www.mydomain.com/index.php
 - The webpage loads http://server.mydomain.com/images/a-small.jpg (among others)
 - You mouse over the image a-small.jpg, and the javascript says to load http://images.mydomain.com/images/a-large.jpg

The issue you're seeing is that, to the outside world's DNS, the domain mydomain.com resolves www, server, and images all perfectly well (and, presumably to the same host).... and all is good with the website.

BUT - move into your LAN, where you have a separate, authoritative DNS service for mydomain.com. You've done what you can, so far, so that www.mydomain.com points to the external webserver, as does server.mydomain.com... but when you mouse over the image and the javascript tries to get the full-size image from images.mydomain.com, the location fails because your internal DNS server doesn't have the right address (if any address) for images.mydomain.com.

Of course, I don't know the REAL domain or host names you're using, but the example should suffice...

Thus, my recommendation remains: you should get a full listing of all A records and CNAME records for your domain from the public-facing DNS server.... then make sure ALL of those records have the same values in your LAN-based DNS server.

You do NOT need to match up other types of records (TXT, SPF, MX, NS, SOA, etc...) - ONLY the A records and CNAME records matter in this case. [NOTE: Some may, indeed, not matter -- like dns1.mydomain.com or mail.mydomain.com -- but the more you skip over, the more likely you're skipping over the one that is breaking the website]

I hope this explains better... and helps you to resolve the issue.

Dan
IT4SOHO
0
 

Accepted Solution

by:
kaceyjames earned 0 total points
Comment Utility
Thanks Dan..

I just checked back and now it's working.  I added 8.8.8.8 as a DNS forwarder the other day, but it didn't work.  It must have just took time to catch up.

lets let it run for a few days and make sure it sticks..
Thanks for your efforts..
Kacey
0
 

Author Closing Comment

by:kaceyjames
Comment Utility
The fix was to add Google's DNS as a forwarder to the internal DNS server.  It didn't work right away, but the next day everything started working.  Thanks for all your help.
Kacey
www.interlinktechnologies.com
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now