Solved

Internal vs External DNS Lookups

Posted on 2014-10-31
Last Modified: 2014-11-02
I have a new Bell fibe router which apparently for "Security Reasons" does not support NAT reflection/Loopback. In that I can no longer internally reach mail.mydomain.com which is a resolvable host NAT forwarded to one of my internal servers on mydomain.local. To resolve this I have created a DNS entry on my internal DNS server to resolve mail.mydomain.com to the internal IP address of mailserver.mydomain.local. For the most part this solution works, however occasionally and seemingly randomly (mostly at initial WS startup) mail.mydomain.com will internally resolve to the external IP. NSlookup responds with the correct IP address of the internal host but an internal ping of mail.mydomain.com tries to ping via the external IP address. I have tried ipconfig /flushdns with the same result. This is a major nuisance as it causes Outlook to not be able to connect to our Exchange server.

I have "patched" this for the time being by creating a host record on workstations pointing mail.mydomain.com to the internal IP. This solution is a bit of a wank, and obviously will not work for laptops that require access to mail.mydomain.com from both internal and external networks.

Is there a way to diagnose why it is resolving to external IP address and/or on my internal network to force the DNS to resolve to the internal IP address?

DNS search order from DHCP scope to clients is

192.168.135.15 (internal DNS server)
192.168.135.1 (bell fibe router)
8.8.8.8 (google)

Thanks
0
Question by:BMarden
5 Comments
 
LVL 7

Expert Comment

by:Stampel
ID: 40415527
Would it be possible to remove 8.8.8.8 from your DNS order scope?
I guess this entry could be causing the problem and should be useless if your other DNS do the work.
0
 
LVL 2

Author Comment

by:BMarden
ID: 40415589
I could, as a troubleshooting step. It was added because I noticed that occasionally the router was a bit slow doing DNS request forwards; also the router is forwarding DNS requests to the same 8.8.8.8 anyhoo, but I will give it a shot.

Any other feedback?

Thanks
0
 
LVL 7

Expert Comment

by:Stampel
ID: 40415597
It was my best guess, I am confident, but ...
Does nslookup for mail.mydomain.com respond the same for the 192.168.135.15 and 192.168.135.1 DNS?
0
 
LVL 37

Accepted Solution

by:
Neil Russell earned 500 total points
ID: 40415613
You should ONLY have your internal DNS server on the clients. Then set up a forwarder on your internal DNS server to resolve unknown domains. This way your clients will never talk to anything except your internal DNS server, and that knows the address of the internal IP.
0
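
One way to run the per-resolver comparison asked about earlier in the thread and then apply the accepted answer, as an added example that is not part of the original thread. It assumes Windows clients with the DnsClient cmdlets and that the DHCP and DNS roles run on Windows Server; the scope ID 192.168.135.0 is an assumption, the other addresses are the ones quoted in the question.

```powershell
# Added example: hostname and resolver addresses are taken from the question.
$Name      = 'mail.mydomain.com'
$Resolvers = '192.168.135.15', '192.168.135.1', '8.8.8.8'   # DNS order handed out by DHCP
$Rfc1918   = '^(10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)'

# 1. Ask each resolver directly, ignoring the hosts file, and label the answer
#    as the internal or the external view of the name.
$report = foreach ($server in $Resolvers) {
    try {
        $records = Resolve-DnsName -Name $Name -Type A -Server $server `
                       -DnsOnly -NoHostsFile -ErrorAction Stop |
                   Where-Object { $_.Type -eq 'A' }
        foreach ($rec in $records) {
            [pscustomobject]@{
                Resolver = $server
                Answer   = $rec.IPAddress
                View     = if ($rec.IPAddress -match $Rfc1918) { 'internal' } else { 'EXTERNAL' }
            }
        }
    } catch {
        [pscustomobject]@{ Resolver = $server; Answer = $_.Exception.Message; View = 'no answer' }
    }
}
$report | Format-Table -AutoSize

# 2. Show which resolvers this workstation is actually configured to use.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Select-Object InterfaceAlias, ServerAddresses

# 3. Accepted fix. Run these on the DHCP and DNS servers, not on a workstation:
#    hand out only the internal DNS server and let it forward unknown names.
# Set-DhcpServerv4OptionValue -ScopeId 192.168.135.0 -DnsServer 192.168.135.15   # scope ID assumed
# Add-DnsServerForwarder -IPAddress 8.8.8.8 -PassThru

# 4. On each client, after the lease is renewed, drop any cached external answer.
# ipconfig /renew
# Clear-DnsClientCache
```

Any resolver that reports EXTERNAL in step 1 only knows the public record, so a client that reaches it will get the external address; once the workstation hosts-file entries are removed, rerun step 1 without `-Server` to confirm the normal lookup path returns the internal address.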
 
LVL 2

Author Closing Comment

by:BMarden
ID: 40418285
Thanks, should have thought of that
0
