DNS Issue - resolving to public ip

We have a strange DNS issue.  When we try to resolve internal names we sometimes get an outside public ip and when we try to resolve a random bla bla address, it still gets resolved to this public IP.  Host files are correct and so is DNS from what I can see, so not sure what is going on?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If all of your internal clients (PCs/Laptops/Devices) are looking to your local W2K8 server for DNS, and that is in turn looking to an external DNS provider, then it may well be that the external DNS provider is returning the IP address of a search engine (or some other lookup domain service) when it can not find (resolve) the hostname (domain) you are looking for.

If you are providing DNS services internally for your local network, make sure that your DNS service is actually using ROOT Nameservers correctly, and not just relying on your local ISP.

Also, if you are using any form of corporate proxy service (ISA for instance) check what that is using for DNS lookups.

To determine if it is your local DNS service, set one of your local PCs to use OpenDNS for its DNS provider, and then test the same lookups to see if you still get Public IP addresses for your internal hosts. If you do not then it means the problem is with your internal DNS service.
Good day

In you are trying to resolve an address which is recorded in an external dns service only then you are going to get the external ip address.  

Once of my clients has x.store.com as an external/public ip address.  The domain is store.local.
My server is with a name of server.  I wanted to resolve x.store.com to my internal server ip address when users where inside the network.  I added a host records (A) with x,store,com pointing to and all was good.

 Is the address also in your severs dns server ?  
If you assign dhcp address is your local dns server listed as one of the values the user will receive ?
yo_beeDirector of Information TechnologyCommented:
Are you seeing this on random machines or certain ones?

On the machine that your experience this on have you done a trace route on the address in question?

What about nslookup?
What about ipconfig to see what DNS Servers are registered for the client ?

These are some tools that might expose your issue.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Make sure your browser's are not using the suggest option if all your answers to the prior experts issues, all clients only refer to internal DNS servers, and only internal DNS servers.
Your internal servers do not forward all requests they receive to external DNS server (this will address suggested IPs for public domains)
DHCP settings pushes the search domain option as the local ad.domain.

If you would, please describe the environment.
also if its on some machines and not others from command prompt

ipconfig /flushdns
minniejpAuthor Commented:
it seems that this only happens on the domain controller...surely if I type in test, I should get "it cannot resolve", rather than resolving to a public IP?
what are the name server that the DC has
ipconfig /all
if it has any external IP references, those might be sent the request and depending on whose name servers you use, they may provide a suggested i.e. test.whaetber.com is not present, but the following might be what you are looking for.
Check the DNS servers you do use internally and see what servers they use under the forwarder tab.
minniejpAuthor Commented:
The name server is the DC itself.  It has a forward to its ISP? but it is resolving test.domain.com rather than saying "unable to resolve name".  test.domain.com is resolving to a public IP even thought it doesn't exist...
minniejpAuthor Commented:
any more thoughts?
minniejpAuthor Commented:
it seems like nslookup is not resolving it (dns request timed out) but when I go ping blabla, it resolves blabla@mydomain.com........
Do not use forwarders. This is where your "suggested site" public IP is coming from.
you send a request to your DNS.
For anything other than myADdomain, all requests are forwarded to the ISP's DNS servers and that is where your issue is.
If you want to receive a nosuch domain for test.thereisnosuchdomain.com, remove forwarders from your DNS server.

i.e. look note the IP referenced in the forwarder and run
nslookup test.someunknowndomain.com IP_from_forwarder and that is where you will get the public IP as a response.

If you actually use a browser to go to that domain, you will likely end up on a suggested site i.e. the domain test.someunknowndomain.com cold not be found, but here are some alternate options.

To resolve your issue, remove the forwarders and allow your DNS server to function and go and get the requisite data. Make sure your root tab is populated by root servers (not empty).
minniejpAuthor Commented:
The IP Address in the forwarders section is the IP Address of the DNS servers in my ISP, surely i need these to resolve IPs outside our network?
You only need your ISPs DNS servers when you do not have your own. In your situation your DC has a DNs server component which is and should capable to perform the lookups.  In the older days forwarders were used to offload network traffic/bandwidth as it was expensive.

These days the forwarders have the effect you do not like, they could track requests originating from you and suggest/recommend when an issue arises such as non-existent domain because of a typo.
Try it. Note the ISPs DNS servers. Remove them from your forwarders list and see if there are issues, revert by adding back if you see fit to do so.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DrDave242Senior Support EngineerCommented:
The name server is the DC itself.  It has a forward to its ISP? but it is resolving test.domain.com rather than saying "unable to resolve name".  test.domain.com is resolving to a public IP even thought it doesn't exist...
Are you trying to resolve the actual name test.domain.com? If so, it does exist in the public DNS namespace (as a CNAME record for domain-4.domain.com) and resolves to If you were just using that as an example for a made-up name, ignore this part.

it seems like nslookup is not resolving it (dns request timed out) but when I go ping blabla, it resolves blabla@mydomain.com........
You shouldn't be getting "DNS request timed out" for a non-existent name; you should be getting "<server> can't find <name>: Non-existent domain." If you're getting timeouts, a server isn't responding.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.