DNS Cached Lookups Reappear After Clearing
    Good day. I have been working through an issue for the past day or so. I have a URL (that points to a server in our organization's environment) that needs to resolve with an external IP but resolves to an internal IP every time I run nslookup.

    This IP points to a server on a different domain that I do not control nor do we have any ties to any longer. We used to have reverse and forward lookup zones pointing to that domain but no longer.

    I have gone through the DNS Manager removing stale zones/entries in Forward Lookup and Reverse Lookup. I have added external DNS as forwarders. I have also tried to clear cached lookups but as soon as I clear cached lookups and refresh, I can see the IP entry appearing again with the internal IP under the "Data" column of the cached lookups with "static" in the timestamp.


    Our DCs (and DNS servers) are Windows 2008 R2 (2 servers) and Windows 2012 R2 (1 server remote).

    Any thoughts on what could be causing this?

  • #2
    Have you tried an ipconfig /flushdns on the affected machine?

    Are your zones AD integrated, Primary, secondary?

    If secondary then they will be replicated from elsewhere.



    • #3
      Thank you for the reply. I managed to resolve the issue by adding a new zone (forward lookup) for our organization's domain name and added an A record for the URL pointing to the external IP. That seemed to have resolved the issue. Both zones are primary AD integrated in case that helps.

      Now I seem to be having a different issue since I did that. If I run nslookup on any external URL (i.e. nslookup google.com 8.8.8.) I receive the non-authoritative answer:

      Name: google.com.xxx.xxx (where xxx.xxx is our internal domain which is a primary zone)
      Address: 127.0.53.53 (which seems to indicate a collision)

      Any idea why this could be happening?



      • #4
        You're not authoritative for that domain name, i.e. you don't control the records for that domain, someone else does.



        • #5
          In case I didn't mention before, I am a bit new to managing DNS so I appreciate the insight. If I run the same nslookup (nslookup google.com 8.8.8.) from a computer outside of the domain, I receive a result on the non-authoritative answer:

          Name: google.com
          Addresses: 2607:f8b0:4005:80a::200e
          216.58.194.174


          Here is what I am trying to accomplish:

          I have the project's domain (let's call it domain_a.ads) set up as a Forward Lookup zone with Primary zone (storing the zone in AD) integration. Dynamic updates occur from secure only. Aging is set up for 7 days on no-refresh and refresh intervals. The primary server (under SOA) is our primary DC (which is the same DNS server). The Name Servers are all of the DCs we have (3 of them) which are all DNS servers as well.

          I needed a URL to resolve to an external IP rather than an internal IP on a different domain (also part of our organization but not this project). Let's call that domain domain_b.org.

          I set up domain_b.org as an additional primary Forward Lookup zone (the same config as above) and added an A record to the zone which would resolve apple.domain_b.org (as an example) to an external IP.

          I have also set up as forwarders our organization's external DNS server as well as Google's public DNS server.


          I am trying to figure out if this is the right approach for what I am trying to accomplish and what am I missing that seems to be causing funny answers on the nslookup, attaching domain_a.ads to the non-authoritative answer from URLs like yahoo.com or google.com.

          I have also run into the issue where any client machines (or servers) that point to this DNS can't access apple.domain_b.org or domain_b.org from any web browser (even though they are externally accessible websites).
          Last edited by mig1980; 20th April 2017, 19:23.

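The two symptoms described in this post (the internal suffix being appended to external names, and the 127.0.53.53 answer) can be separated by querying each name twice: once as typed, and once with a trailing dot, which makes the name absolute so the resolver appends no search suffix. The script below is an added example, not code from the thread; the names and the server address are constructed placeholders, and 127.0.53.53 is the address ICANN's name-collision "controlled interruption" returns for names under newly delegated top-level domains.

```powershell
# Added example (not from the thread): compare how a name resolves as typed
# versus as an absolute name (trailing dot) against one DNS server.
# Assumptions: $Names and $Server are constructed placeholders, not the poster's values.
param(
    [string[]]$Names = @('google.com', 'apple.domain_b.org'),
    [string]$Server  = '192.168.100.100'   # placeholder internal DNS server address
)

function Test-NameResolution {
    param([string]$Name, [string]$Server)

    # Second form ends in '.', so the client resolver will not append a DNS suffix.
    foreach ($query in @($Name, "$Name.")) {
        try {
            $records = Resolve-DnsName -Name $query -Server $Server -Type A -DnsOnly -ErrorAction Stop
        } catch {
            "{0,-30} -> lookup failed: {1}" -f $query, $_.Exception.Message
            continue
        }
        foreach ($r in ($records | Where-Object { $_.Type -eq 'A' })) {
            $flag = ''
            # Answer name longer than what we asked for means a suffix was appended.
            if ($r.Name -ne $Name.TrimEnd('.')) { $flag += ' [search suffix appended]' }
            # ICANN controlled-interruption address: the name's TLD collides with a public gTLD.
            if ($r.IPAddress -eq '127.0.53.53') { $flag += ' [name-collision sentinel]' }
            "{0,-30} -> {1,-30} {2}{3}" -f $query, $r.Name, $r.IPAddress, $flag
        }
    }
}

foreach ($n in $Names) { Test-NameResolution -Name $n -Server $Server }
```

If the unqualified query shows `[search suffix appended]` and the trailing-dot query resolves normally, the client's suffix search list is involved rather than the server's zones; if the sentinel flag appears, the appended internal suffix ends in a top-level domain that now exists publicly, so the forwarder is answering for it.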


          • #6
            What you are doing appears to be correct.

            Primary for domain_a.ads
            Primary for domain_b.ads

            Inside domain_b.ads you have created an entry for apple with the relevant external IP address.

            The only thing I think you might be missing is possibly the DNS suffix on your clients but using the FQDN in your should sort that, http://apple.domain_b.ads which should then resolve to the IP address for the apple record in DNS.

            For your nslookup issue I'm not too sure. You mention you have your external company DNS as the forwarder. Is this an actual DNS server? Also try using your ISP's DNS for external name resolution; in the circumstances I've used it, it has been quicker to respond than Google's.

            One thing to make sure of: are you using your internal DNS server as the only DNS server your clients receive? So in your DHCP scope, if your DNS server is 192.168.100.100, you have that set for your clients to talk to, then your forwarders configured on the actual DNS server?

            IMHO best practice should be to use your internal DNS servers at all times for internal clients, which will then forward requests to your forwarders if and when required.



            • #7
              Good day wullieb1. I figured out the issue. I was approaching the issue incorrectly. All I needed was a forward lookup zone that ONLY pointed the URL to the external IP. I did not need to add the entire domain as the zone.

              I removed the internal zone for domain_b.org
              Added a primary forward lookup zone for apple.domain_b.org
              Created a new A record in this zone (leaving the hostname blank) and entered the external IP


              That worked great. Thank you again for the support and guidance.

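The three steps in the post above, done with the DnsServer PowerShell module instead of DNS Manager. This is an added example, not the poster's own commands; it requires the DnsServer module (Windows Server 2012 or later, or RSAT, so it would be run against the 2012 R2 DC rather than the 2008 R2 ones), and the zone name, external address and server name are placeholders. Creating a zone for only `apple.domain_b.org` means every other name under `domain_b.org` still leaves the server via the forwarders, which is what the earlier whole-domain zone broke.

```powershell
# Added example (not from the thread): single-host override zone, as in post #7,
# using the DnsServer module. All values below are constructed placeholders.
$ZoneName  = 'apple.domain_b.org'   # zone covers exactly one host, not all of domain_b.org
$PublicIP  = '203.0.113.10'         # placeholder (TEST-NET-3); substitute the real external IP
$DnsServer = 'dc01'                 # placeholder name of the DC running DNS

# Step 1: remove the over-broad zone if it is still present, since while it exists
# this server answers authoritatively for all of domain_b.org and never forwards.
if (Get-DnsServerZone -Name 'domain_b.org' -ComputerName $DnsServer -ErrorAction SilentlyContinue) {
    Remove-DnsServerZone -Name 'domain_b.org' -ComputerName $DnsServer -Force
}

# Step 2: AD-integrated primary zone whose name is the single host name.
Add-DnsServerPrimaryZone -Name $ZoneName -ReplicationScope Domain -DynamicUpdate Secure `
    -ComputerName $DnsServer

# Step 3: A record at the zone apex. Leaving the hostname blank in DNS Manager is '@' here.
Add-DnsServerResourceRecordA -ZoneName $ZoneName -Name '@' -IPv4Address $PublicIP `
    -TimeToLive 01:00:00 -ComputerName $DnsServer

# Verification: the host should answer with the external IP, and the parent domain
# should still be resolved through the forwarders rather than returning NXDOMAIN locally.
Clear-DnsServerCache -ComputerName $DnsServer -Force
Resolve-DnsName -Name "$ZoneName." -Server $DnsServer -Type A -DnsOnly
Resolve-DnsName -Name 'domain_b.org.' -Server $DnsServer -Type A -DnsOnly
```

Because the zone is AD-integrated with `-ReplicationScope Domain`, the other DCs in the same domain receive it through AD replication, so the override applies on all three DNS servers without adding secondary zones.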