jskfan asked:

Internal DNS delegated zone not resolving

I have the same internal and external delegated DNS zone name:

a.Mydomain.org

It has 4 NS records:

NS1.otherdomain.com
NS2.otherdomain.com
NS3.otherdomain.com
NS4.otherdomain.com

I have created the same delegated zone in the internal DNS under Mydomain.org:

a.Mydomain.org

It has 4 NS records:

NS1.otherdomain.com
NS2.otherdomain.com
NS3.otherdomain.com
NS4.otherdomain.com

From the Internet, when I use DNS lookup tools and enter a.Mydomain.org, it will resolve without issue.

But inside the network, if I enter: Nslookup a.Mydomain.org

I see: DNS request timed out several times.

Any idea why?

Thank you

SOLUTION
Philip Elder
SOLUTION
jskfan (ASKER)

Which NS server do you run the query against? It seems the server is not reachable from your location.

I found out that delegation to the outside is blocked through the firewall.

What I am trying is:
Internal Windows DNS----Infoblox-----Customer DNS managing the sub-zone

The sub-zone is delegated from internal Windows DNS to the customer.

I need to forward the DNS request to Infoblox, but I do not know how it is done.

SOLUTION
jskfan (ASKER)

I checked Windows DNS server / Properties / Forwarders tab.
I see Infoblox with their internal IP addresses there.

I do not know if there is an extra step that the Infoblox admin needs to do from within Infoblox to allow the delegated zone to proxy its DNS queries through Infoblox.
SOLUTION
jskfan (ASKER)

One thing I may not have mentioned yet in my comments:

a.mydomain.org is a delegated zone.
mydomain.org is a forward lookup zone owned by our Windows DNS.
The delegated zone a.mydomain.org has NS records pointing to Otherdomain.com:

NS1.otherdomain.com
NS2.otherdomain.com
NS3.otherdomain.com
NS4.otherdomain.com

Our internal Windows DC/DNS server's Forwarders tab has the Infoblox DNS servers.

This is why I thought that if you query a.Mydomain.org, the query will be sent to the NS servers of Otherdomain.com, and since those NS servers are on the internet, our Windows DC/DNS server will forward the query to the Infoblox servers that are in the DMZ, and Infoblox will relay the query to the Otherdomain.com DNS servers (ns1, ns2, ns3, ns4).

-- There is another doubt that I have, which is:
since Mydomain.org is owned by our Windows DC/DNS server, and a.Mydomain.org, even if it is a delegated zone, has a name space that makes it a sub-domain (a.Mydomain.org), will that be an issue? Or since a.Mydomain.org has the NS servers specified as NSx.otherdomain.com, will it be fine?
SOLUTION
ASKER CERTIFIED SOLUTION
jskfan (ASKER)

Conditional forwarder for some reason started working.
Thank you
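
A diagnostic for the situation described in the thread (delegated name servers on the internet, Infoblox on the Forwarders tab, firewall blocking outbound DNS from the Windows DNS server), added here as an example and not taken from any post. It assumes the DnsServer PowerShell module on the internal Windows DNS server and uses the thread's placeholder zone names.

```powershell
# Added example. Run in an elevated PowerShell session on the internal Windows DNS server.
# Zone names are the thread's placeholders; substitute the real ones.
$ParentZone = 'mydomain.org'
$ChildLabel = 'a'
$QueryName  = "$ChildLabel.$ParentZone"

function Test-DnsPath {
    # Sends one SOA query for $Name straight to $Server and reports whether it answered.
    param([string]$Server, [string]$Name, [string]$Path)
    try {
        $null = Resolve-DnsName -Name $Name -Type SOA -Server $Server -DnsOnly -QuickTimeout -ErrorAction Stop
        $result = 'answered'
    } catch {
        $result = "failed: $($_.Exception.Message)"
    }
    [pscustomobject]@{ Path = $Path; Server = $Server; Result = $result }
}

# Name servers listed on the delegation inside the parent zone.
$delegatedNs = Get-DnsServerZoneDelegation -Name $ParentZone -ChildZoneName $ChildLabel |
    ForEach-Object { $_.NameServer.RecordData.NameServer.TrimEnd('.') } |
    Sort-Object -Unique

# Addresses on the server's Forwarders tab (the Infoblox servers in the thread).
$forwarders = (Get-DnsServerForwarder).IPAddress |
    ForEach-Object { $_.IPAddressToString } | Where-Object { $_ }

$results = @()
$results += $delegatedNs | ForEach-Object { Test-DnsPath -Server $_ -Name $QueryName -Path 'direct to delegated NS' }
$results += $forwarders  | ForEach-Object { Test-DnsPath -Server $_ -Name $QueryName -Path 'via forwarder' }
$results | Format-Table -AutoSize

# Every 'direct' row failing while a 'via forwarder' row answers matches the thread:
# the firewall drops outbound DNS from this server, and only the forwarder can get out.
$directOk  = @($results | Where-Object { $_.Path -like 'direct*' -and $_.Result -eq 'answered' }).Count
$forwardOk = @($results | Where-Object { $_.Path -like 'via*'    -and $_.Result -eq 'answered' }).Count
if ($directOk -eq 0 -and $forwardOk -gt 0) {
    Write-Warning "Delegated NS unreachable from this server; $QueryName resolves only through the forwarders."
    # The thread ended with a conditional forwarder. Creating one for the sub-zone that
    # points at the same forwarder addresses would look like this (left commented out):
    # Add-DnsServerConditionalForwarderZone -Name $QueryName -MasterServers $forwarders
}
```

If the forwarder rows also fail, the block is between the Windows DNS server and Infoblox, or Infoblox is not permitted to recurse for this client, which is a question for the Infoblox administrator.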