Force a DNS cache flush with DHCP?

I have a CRM web site that is accessible via a public IP for users that are not in an office.  The same site is accessible through our MPLS from any of our locations by a LAN IP.  

The problem I have is users access the site outside, get the public IP cached, go to sleep, come in the office and still have the public IP cached.  I want them to always use the LAN side IP when in an office.  Is there a way to force a DNS cache flush when they connect to a DHCP server in any of our offices?
Asked by: Lwaugh

John (Business Consultant, Owner) commented:
For DNS flush, you can try the following.  You should not have to reset often, or something else may be wrong.

Open cmd.exe with Run as Administrator
Then   ipconfig /flushdns followed by net stop dnscache followed by net start dnscache
0
Will Szymkowski (Senior Solution Architect) commented:
You should not have to flushdns at all. Do you have the same internal FQDN as your external? If not, then when the user connects to the internal network it should reference the internal IP from the internal DNS server.

Will.
0
Lwaugh (Author) commented:
Manually running ipconfig /flushdns fixes it but that's not a solution.
When a user obtains an internal IP in one of our offices, I want their local DNS cache to clear automatically.   Is this possible?  

Yes, the site has the same FQDN both internally and externally.  This is so their links will work no matter where they are.  I could assign a different A record to the site on the internal address, but then users have to decide which one to use.  Too much trouble from their point of view.
0

John (Business Consultant, Owner) commented:
In my (somewhat limited) experience, DNS cache does not clear automatically.

When you ran DNS Flush once, did it clear the problem and stay cleared? or did the problem return?

What about a neutral DNS server such as 8.8.8.8 or 4.2.2.2 as your primary DNS server?
0
Lwaugh (Author) commented:
John, clearing cache on a user's laptop solves the problem.  But not permanently.

Maybe I wasn't clear in my original post.  
The problem occurs because the site with the same DNS name is available on a public IP via NAT through a firewall.  It is also available on its LAN IP whenever a user is in any of our offices.  All of our offices are connected via a managed MPLS WAN.  
If a user with a laptop uses the site from home, they are using the public IP.  This gets cached on their laptop.
If a user puts the laptop to sleep, the DNS cache is not cleared.  When that user comes into the office, wakes up their laptop and gets a LAN IP, they are still attempting to use the public IP of the site, which does not route.  

I can manually clear their DNS cache and everything works fine, until the above situation happens again.  I've even gone so far as to create a batch file for some users to run to clear their cache, but I just wanted to know if there was a way to ensure that when a user is on my LAN, they are using our internal DNS and have nothing cached from outside.  
Using public DNS would not solve anything and make things worse for everyone and no internal resources would resolve.

I could make a static route if each office had their own firewall.  However, the offices where we have this problem are the smaller remote sites and do not have their own internet gateway.  Their traffic routes through our MPLS to another location.  Verizon (our MPLS provider) does not give me access to their equipment, so I can't set up any static routes.

What would be the simplest and easiest fix would be an automatic flush of dns.  I just don't know if it is possible.  
I could run a script via GPO to do this but again, when a user is not logging in and they are just waking up their laptop and getting a new IP, then the GPO wouldn't run anyway.

-Lyle
0
John (Business Consultant, Owner) commented:
It has been a while since I had this issue with a client and using a different DNS solved the problem on a permanent basis.

You could try putting a simple script in the logon section of scripts on the workstation. Clear the DNS with this script as per the above flush line and then ask them to log off / log on when changing networks.
0
Lwaugh (Author) commented:
Thanks.  Finding a work-around isn't a problem.  I've got plenty of those.  
I just want to see if anyone knew of a way to auto clear DNS cache.

-Lyle
0
John (Business Consultant, Owner) commented:
The DNS cache does not auto clear.

So if you actually wish to solve your problem, you can create a script to do it.
0

Will Szymkowski (Senior Solution Architect) commented:
What you could also try is setting your TTL on your DNS server to something lower which will then query the local DNS server after the time has been reached.

You could also push a GPO startup script using a bat file with ipconfig /flushdns. This would flush the dns when they log into the machine when they are back in the office.

W.
0
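
An added example, not part of any post in this thread: one way to automate the flush that the startup-script suggestion above describes, triggered by a network connection instead of a logon. Windows logs event ID 10000 in the Microsoft-Windows-NetworkProfile/Operational log each time a network is connected, and a scheduled task can run on that event. The DNS server addresses, script path and task name are placeholders, and the example assumes the local execution policy allows the script to run.

```powershell
param([switch]$Register)

# --- Assumptions: replace with your own values ---
$InternalDnsServers = @('10.0.0.10', '10.0.0.11')      # placeholder internal DNS server IPs
$ScriptPath         = 'C:\Scripts\Flush-DnsOnLan.ps1'  # placeholder path (no spaces) to this script
$TaskName           = 'Flush-DnsOnLan'                 # hypothetical task name

function Test-OnInternalLan {
    # True when any connected IPv4 interface has been given an internal DNS server,
    # i.e. the laptop is in an office rather than on a home or public network.
    $up = (Get-NetAdapter | Where-Object { $_.Status -eq 'Up' }).ifIndex
    $servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $up -contains $_.InterfaceIndex } |
        ForEach-Object { $_.ServerAddresses }
    return [bool]($servers | Where-Object { $InternalDnsServers -contains $_ })
}

if ($Register) {
    # One-time setup from an elevated prompt: run this script as SYSTEM
    # whenever a "network connected" event (ID 10000) is logged.
    schtasks.exe /Create /F /TN $TaskName /RU SYSTEM /SC ONEVENT `
        /EC 'Microsoft-Windows-NetworkProfile/Operational' `
        /MO '*[System[(EventID=10000)]]' `
        /TR "powershell.exe -NoProfile -File $ScriptPath"
    return
}

# Normal run (started by the task): drop cached public answers only when on the LAN,
# so the next lookup of the shared FQDN goes to the internal DNS server.
if (Test-OnInternalLan) {
    Clear-DnsClientCache
}
```

Run the script once with -Register on each laptop (or from a GPO startup script) to create the task; after that the task calls it without arguments.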
Lwaugh (Author) commented:
I've requested that this question be deleted for the following reason:

No one really answered.  The simple answer to the original question is "no".
0
John (Business Consultant, Owner) commented:
It is very hard to be just black or just white.

I answered "NO"  to your original question in:

http:#a40791733   and
http:#a40791802   

If all you wanted was NO, we have done that. In addition we tried to provide constructive work around methods.
0