Strange DNS resolution issue
Posted on 2014-03-12
I am having a strange issue on my inherited network, and I'm sure there is a misconfiguration somewhere. I find them all the time, unfortunately. This one has me stumped as to how to fix it.
I have an active directory integrated domain, let's call it corp.company.org. We also have a hosted website at company.org, which lives at ip 18.104.22.168
I have 4 dcs in my network and 3 dns servers. One of the dcs is also a print server, let's call it prtDC, it's FQDN is prtDC.corp.company.org.
Intermittently people report they can't print or access the internet. Almost without fail, if I ping the print server prtDC, it returns the ip of our website, 22.214.171.124.
The fix is to do ipconfig /release /flushdns /renew and it usually works.
This happens randomly, and I thought perhaps one of the DNS servers was failing, and the lookup was being passed to internet dns servers, which would return the IP of our company.org address. I added another DNS server, and made it the primary DNS server for our domain. This didn't fix the issue.
However, digging a little, I see that if from the command line I type "nslookup servername" then I get the correct internal ip. If I type "nslookup servername.corp.company.org" I get the external ip of our webserver. Our dns suffix search list is corp.comany.org and company.org, if this helps.
I did notice in the DNS manager on the servers, they list the SOA as themselves -- so DNSserverA lists DNSserverA and DNSserverB lists DNSserverB as the SOA.
Also, there was a name server record for a machine that doesn't have DNS installed. I deleted that manually, but this doesn't fix anything either.
Could anyone give me an idea of where to go to fix this? It's driving me crazy and I don't know exactly where to look.
EDIT: nslookup server returns right address (most of the time) and nslookup server.corp.company.org. (with the end . ) returns correctly too.