DNS Issue - Client on Network can't resolve website names...

Do you have forwards configured on your DNS servers?

Also, you should really have your DNS server pointing to themselves for lookups.

Have you tried it with adding google dns in forwarders tab in Primary DC's DNS ?

your PDC's DNS is the DNS server for your clients and when clients asks for urls from PDC so your PDC dosn't know the answer because it has no DNS server for resolving external queries.

After adding forwarder PDC will communicate external dns servers and resolve external queries for clients.

Thank you for the responses.

I do have forwarders configured on both DCs, I have our ISPs DNS servers listed first then Google's Public DNS servers after that.

I originally had both DNS servers pointing to themselves only in the interface IPv4 settings, but I changed them because the BPA analyzer on both DNS servers listed this as errors in my configuration. So I changed that until there were no more errors. Also the problem still happens with either configuration.

Is the address client trying to access internal  or external

The addresses are external forwarding addresses.

Test your DNS separately with removing all other DNS IPs in PDC's DNS fields except PDC's IP and then check the responses of the queries.
also select proper IP for listening DNS queries in DNS properties.

Try run the following command
Tracert "external address " and post the result

Ok, I removed all the other DNS server IP addresses and pointed the primary DNS to itself, also in the DNS properties I changed the interface to only listen for DNS queries from the DNS server's own address and I removed what looks like the IPv6 address that was checked  and still have the same problem.

Here is my tracert

C:\Program Files (x86)\PowerCmd>tracert www.cubpowercalculator.org

Tracing route to cubpowercalculator.org [184.168.221.6]
over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  ip-66-80-30-121.static.megapath.net [66.80.30.121]
  2     4 ms     3 ms     4 ms  h-207-168-16-209.no.clli.megapath.net [207.168.16.209]
  3    50 ms     3 ms     3 ms  ae11-0.chcgilgb-mxc1.bb.megapath.net [155.229.57.217]
  4     3 ms     3 ms     3 ms  ae25-167.chi11.ip4.gtt.net [173.205.55.205]
  5     *        3 ms     3 ms  as3356.chi11.ip4.gtt.net [199.229.229.134]
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8    51 ms    52 ms    52 ms  4.34.191.254
  9     *        *        *     Request timed out.
 10    54 ms    54 ms    78 ms  ip-184-168-0-86.ip.secureserver.net [184.168.0.86]
 11    97 ms    66 ms    86 ms  te0-0-0-7.trmc0215-01.ars.mgmt.phx3.gdg [184.168.0.85]
 12    53 ms    53 ms    53 ms  ip-184-168-0-94.ip.secureserver.net [184.168.0.94]
 13    53 ms    53 ms    52 ms  ip-184-168-221-6.ip.secureserver.net [184.168.221.6]

Trace complete.

Clear the cache of your dns server and clear it at client side too.
ipconfig /Flushdns at server and client side
In cmd type nslookup wikipedia.org and check the results
Try other domains in nslookup
Try accessing urls at client side and verify that the dns server responds correctly

Ok, I flushed the dns, cleared the cache, updated the server data files, scavenged stale resource records and restarted the dns server service  on the DNS servers,  and flushed the dns on the client side. I also did nslookups for the wikipedia.org website and for cubpowercalculator.org and .com and they responded correctly.

The client then seemed to be able to pull up the websites at first, then after 15 minutes or so the same problem returned with the client not being able to resolve web addresses unless I pull up the website on the dns server first.

Is there anything else I can try? Or in this case is it best to rebuild the dns zones?

We do have a hardware firewall and the windows software firewall is configured on the clients.

I'll try each of these suggestions then report the results.

Ok I ran dcdiag and came across a bunch of errors. I attached the txt file.
dcidagGen.txt

I also ran the dns monitoring tool and when I did a nslookup the dns monitor displayed www.cubpowercalculator.org.mydomain.local a couple of times with a red light then the next couple displayed the actual www.cubpowercalculator.org without my domain at the end with a green light.

Here is the dns query txt file
dnsquery1.txt

It looks like your server names dns2 is have problems. I would recommend moving all roles off of dns2 then demoting it then promoting it again.

OK I have some new information, it seems as though our third party domain provider is partly responsible for the problem but they still haven't nailed down where exactly the problem is. But it still doesn't explain how we are able to get to the site from our DNS servers without issue but our clients can't get to the forwarded sites without first navigating to the sites from one of the dns servers.

So I still would like to solve whatever the problem is on our end but it doesn't look like I will be able to, so I am just going to rebuild our primary dns zone like some of you suggested. Is there a best practice article on how to rebuild our one and only dns zone to prevent any network disruption?

If you only have one DNS server there is no way of avoid an outage.

if this is your DC's DNS so you will definitely face the bother situation.
but everything will b fine after recreating zones.
select primary zone when creating zone see attached img
DNS.jpg

The only way the problem was resolved was by rebuilding the dns zones, disabling the DC firewalls helped and the dns query tool also helped.  I also kept getting error connection timeout errors even after rebuilding the dns zones (mydomain and _msdcs). The following command resolved the error connection timeouts on all my browsers: netsh winsock reset catalog

Thank you everyone for all the feedback and support. Webpages seem to be resolving so much faster as a result too!

Thanks!