Some users intermittently resolve local dns

  • Question

  • Hi All,

    I set up a webserver (hosted in Ubuntu) so that our local clients can access it. I have a DNS server hosted in Windows Server 2008 R2 and assign an A record for the webserver IP ( to web.example.com. Initially all the clients were able to resolve locally, but intermittently when I assign public domain and port forward it to the same server. How can I force all my clients under the same flat network to resolve locally?

    Basically all the users' PCs and the webserver have the same primary DNS. I thought that this is something to do with DHCP but can't find a way to test it as of this posting.

    Hope someone can help me on this.

    Wednesday, October 14, 2015 8:30 AM

All replies

  • Do you have a second DNS server set up in the DHCP server to hand out to clients? Is that a public DNS server? If the primary DNS is slow then it will fail over after 3 seconds.

    You should use only one, the internal W2k8r2 server.

    Make sure and clear all caches before you start testing. That's each workstation ipconfig /flushdns at command, server (same) and DNS on server in console has clear cache.

    Are they using www.web.example.com?

    Are they using example.com?

    Add a cname for www.example.com

    Add a cname for the . points example.com (this is root)

    Often everyone adds a www. record but you must add 2 records.

    Add a root which is shown in DNS as . which is (root or example.com vs www.example.com)

    Is the internal domain really a .com or a .local? Best practices say the internal domain should be example.local, so web.example.local then use external domains to point to external IPs which port forward to local IPs. Which solves this issue. In DNS you have only the internal domain. The www server has an added accept domain added for both internal and external domains.

    You can also avoid this by using IP address for internal.

    If all else fails you can add it to the host file but only as a last option.

    The reason this happens is because the firewall rules say you can't go from a safe (internal network) to an unsafe (external network) then come back into a safe (internal network). This is why you can't resolve an external IP address to an internal server from an internal workstation.

    Hope this helps,


    Vote for Freedom - Vote to Protect our Country

    Friday, November 20, 2015 9:10 AM
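
The first check the reply suggests (whether DHCP hands clients a second, public DNS server) can be run over saved `ipconfig /all` output. This is an added example, not part of the thread: the sample output, the per-resolver answers and the function names are constructed for illustration, and "internal" is assumed to mean RFC 1918 address space.

```python
import ipaddress

# Constructed `ipconfig /all` excerpt from one workstation (not from the thread).
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : example.com
   DNS Servers . . . . . . . . . . . : 192.168.1.10
                                       203.0.113.53
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""
# Constructed answers for web.example.com, as seen with `nslookup web.example.com <server>`.
SAMPLE_ANSWERS = {"192.168.1.10": "192.168.1.20", "203.0.113.53": "198.51.100.7"}
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(addr):
    """True if addr lies in RFC 1918 private space (assumed meaning of 'internal')."""
    return any(ipaddress.ip_address(addr) in net for net in RFC1918)

def parse_dns_servers(text):
    """Map each adapter to its DNS servers, including continuation lines."""
    servers, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        if line and not line[0].isspace():      # unindented line opens a section
            adapter, in_dns = line.rstrip(":"), False
            continue
        key, sep, value = line.partition(" : ")
        if sep:                                 # "Key . . . : value" line
            in_dns = key.strip(" .") == "DNS Servers"
            if in_dns:
                servers.setdefault(adapter, []).append(value.strip())
        elif in_dns and line.strip():           # extra server on its own line
            servers[adapter].append(line.strip())
    return servers

def audit(text, answers):
    """Flag external resolvers and resolvers that return a non-internal A record."""
    findings = []
    for adapter, resolvers in parse_dns_servers(text).items():
        for resolver in resolvers:
            if not is_internal(resolver):
                findings.append((adapter, resolver, "resolver is not internal"))
            answer = answers.get(resolver)
            if answer and not is_internal(answer):
                findings.append((adapter, resolver, "answers " + answer))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_IPCONFIG, SAMPLE_ANSWERS))
```

An empty result from `audit` means every resolver handed to that workstation is internal and none of the recorded answers points outside private space.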