DNS Intranet parent suffix issue

alohaaaron

Programmer
Mar 27, 2008
80
US
Hi, we are having problems with our DNS parent suffix taking the place of our intranet DNS name.

We have an Active Directory of ad.companyname.com.
Our public website is hosted by a 3rd party hosting site.
Our intranet site is at 192.168.0.36, which is an IIS virtual IP.
An A record is set in our DNS to cointranet.ad.companyname.com 192.168.0.36
Our workstations are configured to use our internal DNS server as the main DNS server, 192.168.0.33, which is on the same server as our site.
The workstations also have a secondary Comcast DNS of 75.75.75.75

Intermittently when users try to navigate to it gets resolved to
If I close the browser, flush the DNS and reopen the browser, the intranet address resolves properly, but sooner or later the problem returns.
Thanks!
 
This may be due to timeouts of your internal DNS server. The clients would fail over to the Comcast IP and cache the results.
 
I run nslookup on the internal DNS server, set debug, and then type in cointranet and it always responds without errors.
 
1) What the heck are you doing? lol. All of the addresses you configure your workstations with should be for the same DNS system, for the same expected results. A secondary is for a backup, not for getting different results. I agree with iggsterman and I say that you should either only configure one DNS server in your workstations, get another DNS server in your intranet, or realize that this problem is going to happen because that's what you are asking your computers to do. If you only configure your one DNS server, that should resolve everything that you need resolved. It should have Internet access to resolve DNS names, which it will then cache.
2) If you run a lookup *on* your DNS server, yeah, of course it's always going to respond. Or did you mean that you run nslookup *against* your DNS server from one of the affected workstations to test? Consider the difference.
3) So, if your Windows workstation is going to the Comcast address, it will try cointranet.ad.companyname.com and if it gets no result for that, it will try cointranet.companyname.com. Really, Comcast should respond with "domain not found" or something since there is no cointranet in that server presumably, but it could be that they are asking Comcast and it is responding with some legitimate address because someone who set up the more than basic DNS system there thinks that's somehow more helpful.
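
Added example, not part of the original thread: a toy Python model of the sequence the replies describe (internal server times out, the client fails over to the public resolver, the parent suffix is tried, and the wrong answer is cached), plus a check that flags resolvers unable to serve the internal zone. The server addresses and names come from the post; the zone contents, the public wildcard answer (203.0.113.10 is a documentation address) and all function names are constructed assumptions.

```python
"""Toy model of the failure described in the thread (constructed data, not a real resolver)."""

INTERNAL = "192.168.0.33"   # internal AD DNS server from the post
PUBLIC = "75.75.75.75"      # secondary public resolver from the post
SUFFIXES = ["ad.companyname.com", "companyname.com"]  # primary suffix, then its parent

# Constructed zone data. The public wildcard is an assumption standing in for
# a resolver "responding with some legitimate address" for an unknown name.
ZONES = {
    INTERNAL: {"cointranet.ad.companyname.com": "192.168.0.36"},
    PUBLIC: {"*.companyname.com": "203.0.113.10"},
}


def query(server, fqdn, reachable):
    """Return an address, None for a 'not found' answer, or raise TimeoutError."""
    if server not in reachable:
        raise TimeoutError(server)
    zone = ZONES[server]
    if fqdn in zone:
        return zone[fqdn]
    # In this model a wildcard matches exactly one extra label.
    parent = fqdn.split(".", 1)[1]
    return zone.get("*." + parent)


def resolve(short_name, servers, reachable, cache):
    """Resolve a single-label name the way the thread describes the client doing it."""
    if short_name in cache:
        return cache[short_name]          # a cached answer wins until it is flushed
    for server in servers:
        try:
            for suffix in SUFFIXES:
                answer = query(server, f"{short_name}.{suffix}", reachable)
                if answer:
                    cache[short_name] = (answer, server)
                    return cache[short_name]
            return None                   # a "not found" answer ends the lookup
        except TimeoutError:
            continue                      # only a timeout moves on to the next server
    return None


def audit(servers, internal_servers):
    """Defensive check: configured resolvers that cannot serve the internal zone."""
    return [s for s in servers if s not in internal_servers]
```

Running `audit` over each workstation's resolver list shows which clients can send internal names to an outside resolver when the internal server is slow to answer.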
 