Solved

Internal DNS record resolves to a weird public IP address

Posted on 2014-01-10
10
716 Views
Last Modified: 2014-01-13
Hello everyone,

I have a weird problem that occurred to my client's network all of a sudden only in certain clients!

The internal DNS has 2 forward look up zone with two different domain name (Domain A) and (Domain B).

DNS Forward 1 points to Domain A, DNS Foward 2 points to Domain B. I have exchange server in Domain B.

I configured webmail on domain A (Public Domain) to point to Exchange server in Domain B.

however when I try to resolve the webmail.domaina.com it will resolve to a totally different public IP address

webmail.domain.tr.com.tr

I tried resolving the public domain address in the external network and it resolves correctly to the configured public IP Address in our public DNS.

The problem just happens inside of the network. I tried changing some clients's DNS to google's dns 8.8.8.8 but the same thing happens.


I tried disabling internet on the DNS Server so no resolving request goes outside but still the same problem happens.

I would so much appreciate any help as I have never experienced this problem before.

Thanks
0
Comment
Question by:Mohammed Hamada
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 9

Expert Comment

by:Red-King
ID: 39770847
IT may be worth clearing the Cache of the DNS server.
In the DNS snap-in right click on the DNS server name and select 'Clear Cache'.
Once done, open a command prompt and run;
nslookup webmail.domaina.com dns-server.domain.local

This will return whatever your internal dns server (dns-server.domain.local) resolves the webmail.domaina.com to be.
0
 
LVL 11

Expert Comment

by:Manjunath Sullad
ID: 39770890
Seems to be its split dns issue,

Please check below MS technet link. This link explains about internal exchange OWA issue

http://social.technet.microsoft.com/Forums/exchange/en-US/e73dbab3-3430-42c0-a4ed-7366882c4402/split-dns-how-do-i-configure-exchange-and-dns-for-the-internal-users?forum=exchange2010
0
 
LVL 24

Author Comment

by:Mohammed Hamada
ID: 39770904
I cleared the DNS, restarted the DNS service, stopped domain A DNS service. nothing happened.

when I cleared the DNS one time. and tried to resolve the record it first give one time a DNS request time out then it resolved the address correctly.

Next time, it returned the same problem.... ! I'm pulling my hair!
This has affected the outlook to prompt users for password too.

I would appreciate any comment
0
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

 
LVL 14

Expert Comment

by:Andy M
ID: 39771195
Do an ipconfig /all on the computer and look at the DNS Suffix Search list. We had an issue with a client of ours who had 3 listings in here: subdomain.domain.co.uk, domain.co.uk, and .co.uk  - as a result trying to resolve a hostname to "webmail.subdomain.domain.co.uk" actually came back on nslookup as "webmail.subdomain.domain.co.uk.domain.co.uk" which resolved to an unknown external IP address.

It turns out this was originally setup in DHCP by the previous IT but wasn't correctly removed from the PC (on static settings) when it was removed from the DHCP scopes.

We removed it by going into TCP/IP settings and checking DNS suffixes in there, ensuring they matched with what the server said they should be. I also had to reset the adaptor before it started behaving correctly again.

Don't know if this will be the same issue but worth a look.
0
 
LVL 9

Expert Comment

by:Red-King
ID: 39771245
It might be worth running Wireshark on the DNS server to see exactly what's happening, like is the server sending out a DNS request to a public DNS server to come up with this odd result.
Use this filter to isolate DNS traffic;
tcp.port==53||udp.port==53
0
 
LVL 40

Accepted Solution

by:
footech earned 500 total points
ID: 39771605
Does sound like a problem with the DNS suffixes that are being appended.  When you run nslookup, try putting a period at the end of the name you're looking up, then nslookup will treat the name as a FQDN and won't append anything.  For example:
nslookup webmail.domainA.com.
If that resolves correctly with internal clients using internal DNS servers, then you know the problem isn't with the DNS server configuration.
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 39771879
Have you verified (with ipconfig /all) that the affected machines are configured to only use the internal servers for DNS?
0
 
LVL 24

Author Closing Comment

by:Mohammed Hamada
ID: 39776482
This is exactly what was happening, the nslookup was not translating the FQDN with a period in the end which resulted in resolving the FQDN to some external weird IP address.

The DNS was functioning as it's supposed to. the weird thing is this was happening to some users but not all of them.

I failed to notice it due to the pressure I had with this customer.

Thanks everyone.
0
 
LVL 40

Expert Comment

by:footech
ID: 39777299
In that case you should examine the DNS suffixes that the affected clients are trying to append.  Check out the DNS tab under IP settings for a NIC and compare it to a properly working client.  You can also look at the results from ipconfig /all, or run nslookup in interactive mode and then type set all.
0
 
LVL 24

Author Comment

by:Mohammed Hamada
ID: 39777549
Not really the problem wasn't related to DNS at all. I forgot to change the Outlook anywhere authentication method from basic to NTLM. once changed it started to work as it should.

The webmail OWA was working fine as well. just the resolution via nslookup was showing an external IP but there was no problem accessing it on any client.

Thanks again
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question