DNS Corruption


rubbersoul

IS-IT--Management
Mar 20, 2003
88
CA
I have an AD with 2 sites. I'm using Dynamic DNS and seem to be having the strangest problem. We have internal and external DNS servers... when our users are within our network we want all their queries to resolve to the internal DNS servers... so here goes... in our first site, we'll call it SiteA, I can do a ping mail.acme.com and sometimes it'll resolve to the internal IP of that box (192.168.1.1) which is great! However, sometimes it tries to resolve to the external IP of that box (66.200.x.x). When it does this I can't receive mail... so what I usually have to do to resolve it is an ipconfig /flushdns and an ipconfig /registerdns... then it works and a ping resolves back to the internal address (192.168.1.1)... However, and this is where it gets even more weird... our other site (which has its own DNS server... an exact copy of SiteA's DNS server) doesn't work at all... It always tries to resolve to the external IP of the box... no matter what I do.

I've tried flushing the DNS on the client machine and re-registering it. I've tried clearing the cache of the DNS server... I've brought the DNS service down and up, checked to ensure that all the host A records and MX records are in the right place... they are (they're exact copies of SiteA's config).

This is very strange and I can't seem to figure it out... I should let you know that if I add the FQDN of our network to that address it always works. In other words... ping mail.acme.com.mycompany.local

If I remove the forwarders (which forward unknown traffic to our external DNS servers) everything works fine... mail.acme.com will resolve to the internal address... but at that point we can't resolve, say, because our DNS has no one to forward that unknown traffic to... HELP!
 
Sorry man but I'm getting frustrated... it's as if no one is understanding what I'm saying...

I've added a zone for acme.com... that's been there since the beginning... this is why I'm so confused. My problem is cache... if I look at my cache on my DNS (internal) server... I can see that the records for have an external IP 66.250.x.x instead of 192.168.10.44... Even if I flush the cache... it populates again with the same external IP... Do you understand? It's killing me...
 
NOW I understand. I didn't realize that you had the zone set up on the inside as well.

Ok, try taking your acme.com zone on the inside, manually clear the cache, then set the updates to manual only. See if your problem comes back at this point.

I will continue to do some looking, but if this is not a problem to maintain, this should be an easy fix...

~Intruder~
CEH, MCSA/MCSE 2000/2003

"The Less You Do, The Less Can Go Wrong" :)
 
What do you mean by set the updates to manual only? I'm not sure I follow... where is this setting?

 
Set the "updates" to None instead of "Secure Only" or "Secure and Non Secure". This setting is found on the properties of the zone on the general tab.

~Intruder~
CEH, MCSA/MCSE 2000/2003

"The Less You Do, The Less Can Go Wrong" :)
 
You will break your internal domain if you do that on the inside so be careful....

DCs need to be able to dynamically update their records with changes.

Are your clients pointing only to your internal DC for DNS?


-Brandon Wilson
MCSE00/03, MCSA:Messaging, MCSA03, A+
almost got a paragraph there :)
 
YES! That's what's so frustrating... also... why does it work for our Montreal office and not our Toronto office? I mean they're both DDNS... there is replication... so what the hell is going on? I tried what the other guy said anyhow... and it still didn't work. At first I got the appropriate record in the DNS cache, then after an hour it was overwritten by the external value for the same record. I can't figure it out and it's driving me batty!!!

 
Forgive me if this was gone over... but did you uncheck "Register this connection's addresses in DNS" on the DNS tab of the advanced TCP/IP properties? My bet is that if not, you'll do it, but still have the same symptoms occasionally due to the Netlogon service.

Are you 100% sure that the records currently in DNS are dynamically created (as far as external addresses anyway)? Easy check... do the step mentioned above if it has not been done already...
manually delete all records from its DNS server's zone... do an ipconfig /flushdns & ipconfig /registerdns... does the external record re-register again? Is scavenging enabled on the zone?

-Brandon Wilson
MCSE00/03, MCSA:Messaging, MCSA03, A+
almost got a paragraph there :)
 
OK... here's what I did... first off... I checked to make sure that "Register this connection's addresses in DNS" was unchecked... then, I made sure that dynamic updates were set to "None"... I changed it from "Secure only". Then I cleared the cache from the DNS snap-in... then I did an ipconfig /flushdns then ipconfig /registerdns... I took a look at the cache on the server... empty.

Now I ping mail.acme.com.acme.local....resolves to internal address....awesome!

Now I ping mail.acme.com... resolves to the external address... like always... problem!!! Still the same everyone??? Help
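The cache check Brandon suggests above, as an added Python script that is not from this thread or any of its posters: it reads the layout of `ipconfig /displaydns` and flags cached A records that sit inside a zone the internal servers own (assumed here to be acme.com and acme.local, from the thread) but hold a public address, along with the TTL, which tells you how long that wrong answer will keep being served. The sample cache text is constructed for the example.

```python
import ipaddress
import re

# Constructed sample laid out like `ipconfig /displaydns`; addresses are illustrative.
SAMPLE_CACHE = """\
    mail.acme.com
    Record Name . . . . . : mail.acme.com
    Time To Live  . . . . : 3420
    A (Host) Record . . . : 66.250.1.1

    mail.acme.com.acme.local
    Record Name . . . . . : mail.acme.com.acme.local
    Time To Live  . . . . : 1200
    A (Host) Record . . . : 192.168.10.44
"""

# "Key . . . . : value" lines; the dotted leader is stripped from the key.
FIELD = re.compile(r"^\s*(.+?)(?:\s*\.)+\s*:\s*(.*)$")

def parse_displaydns(text):
    """One dict per cached record: name, ttl (int), kind (record line key), data."""
    records = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip()
        if key == "Record Name":
            records.append({"name": value, "ttl": 0, "kind": "", "data": ""})
        elif not records:
            continue  # field before any Record Name header: ignore
        elif key == "Time To Live":
            records[-1]["ttl"] = int(value)
        elif key.endswith("Record"):  # "A (Host) Record", "CNAME Record", ...
            records[-1]["kind"], records[-1]["data"] = key, value
    return records

def find_external_answers(records, internal_zones):
    """Cached A/AAAA records whose name lies inside a zone the internal servers
    own but whose address is public: the wrong-view answer the thread is chasing."""
    hits = []
    for rec in records:
        name = rec["name"].lower().rstrip(".")
        in_zone = any(name == z or name.endswith("." + z) for z in internal_zones)
        if rec["kind"].split(" ")[0] in ("A", "AAAA") and in_zone:
            if not ipaddress.ip_address(rec["data"]).is_private:
                hits.append((rec["name"], rec["data"], rec["ttl"]))
    return hits
```

Run it against real output with `ipconfig /displaydns` saved to a file, then call `find_external_answers(parse_displaydns(open(path).read()), ("acme.com", "acme.local"))`; an empty list means the client cache holds only internal answers for those zones.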

 