Solved

Internal Clients not resolving to internal Ip

Posted on 2014-10-19
10
154 Views
Last Modified: 2014-10-28
Hi Team,
We have a standard domain network running server 2012.

now the problem is as follows
Any internal client when they ping is supposed to
mail.abc.com.au resolves to 192.168.4.2

Now what happens sometimes is that every morning when someone turns their PC on they might get an issue where out of blue the DNS starts to resolve to the WAN IP of our network

If i flush the DNS the issue is resolved

Has any one faced a similar issue.

And the strange part of that it happens even to the machines that were left in the office overnight s well and not only to the ones that were out of the office.

All clients get IP from DHCP server 192.168.4.3
and gives out DNS' as 192.168.4.3 and 192.168.4.4

Any ideas?
0
Comment
Question by:Sabi Goraya
10 Comments
 
LVL 3

Expert Comment

by:TropicalBound
ID: 40391850
Do the PC's ave wireless NICs that are connecting to an external network?

Have you checked your internal DNS to see if there are multiple entries for mail.abc.com.au?
0
 
LVL 9

Accepted Solution

by:
stu29 earned 250 total points
ID: 40392031
A lot of times this will happen when your DNS server does not respond in a normal amount of time to a request.  The client can not resolve the internal IP and so looks to the root hints and gains the External IP.  By the time you get to the computer in question .... DNS works again on your server.. but the local cache already has the external IP. So when you clear the cache, all is well.

Also .. this can happen if there is an external IP address added to the IP configuration for DNS servers as a backup.

Also .. if you have split routes to the destination, and one goes down .. then you do not see the route to the internal IP address and are sent to the external.

I would start with DNS performace and work out from there to narrow it down.
0
 
LVL 12

Expert Comment

by:Faruk Onder Yerli
ID: 40392077
Could you please check DNS viruses in your computer.?

one of them you can check as below.

http://www.dcwg.org/fix/
0
 
LVL 4

Author Comment

by:Sabi Goraya
ID: 40393555
@stu29

Thanks for your response guys

I also started from the DNS forwarders and then yesterday i already removed all the DNS forwarders from the server.
But this morning got the same issue

I think its the way the DNS is working right now.
There are some machines that even after flush DNS still resolve to teh WAN IP
0
 
LVL 4

Author Comment

by:Sabi Goraya
ID: 40393704
I have two DNS servers and i have made some change to the primary and secondary zones and shall get back to you with an update.
Thanks
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 9

Expert Comment

by:stu29
ID: 40394666
When you are having the issue ... pull up a command prompt on the client and type nslookup ... does it list your internal DNS server?

Is your internal namespace abc.co.au or abc.local (or something else)?
0
 
LVL 4

Author Comment

by:Sabi Goraya
ID: 40396140
I have two DNS servers and i have made some change to the primary and secondary zones and shall get back to you with an update.
@ stu29
Nslookup shows the right server and have added a PR records for the DNS server as well which was missing

Thanks
0
 
LVL 4

Assisted Solution

by:Sabi Goraya
Sabi Goraya earned 0 total points
ID: 40400791
Thanks for the response guys

The issue has been resolved

@ stu29 : thanks for the hints they were in the right direction

And also thanks to others participating

Solution: The issue was with DNS zone and name servers for the secondary zone.
0
 
LVL 9

Expert Comment

by:stu29
ID: 40401847
ConnectCG .. glad you working it out!
0
 
LVL 4

Author Closing Comment

by:Sabi Goraya
ID: 40408037
We were able to resolve the issue , however the team did provide information relevant to the issue and in the right direction.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now