I think I have an odd DNS situation on my hands. We have two Windows Server 2008R2 DNS servers that all of our campus machines use. We are unable to get to the site cdbaby.com in any web browser. We can get to other websites, and the cdbaby.com site is accessible from off campus.

I had a case open with our firewall vendor, because when we test just outside of the firewall, the site works. Inside the firewall, the site doesn't work. I concluded that it was the firewall's fault, but apparently it is actually the DNS. When I switch my workstation to use Google DNS, the browser can successfully view the site.

We aren't using any browser proxies.

Here's where it gets weird:

C:\Windows\system32>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Windows\system32>ping cdbaby.com

Pinging cdbaby.com [70.102.112.164] with 32 bytes of data:
Reply from 70.102.112.164: bytes=32 time=14ms TTL=242
Reply from 70.102.112.164: bytes=32 time=14ms TTL=242
Reply from 70.102.112.164: bytes=32 time=15ms TTL=242
Reply from 70.102.112.164: bytes=32 time=14ms TTL=242

Ping statistics for 70.102.112.164:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms

C:\Windows\system32>nslookup
Default Server:  adam.campus.****.***
Address:  192.168.2.4

> cdbaby.com
Server:  adam.campus.****.***
Address:  192.168.2.4

Non-authoritative answer:
Name:    cdbaby.com
Address:  70.102.112.164

Seems good, right?

From the same machine, I run Wireshark while I do the nslookup - the result is good, the DNS server responds correctly.

I then try to go to the page again, and this time the DNS server fails. I have reset both Firefox's and Chrome's internal DNS cache along the way.

If I change the DNS server for the workstation to the other DNS server on site, also Server 2008R2, the request still fails.

What am I missing? If NSLOOKUP and ping resolve the address, why do the DNS lookups by the browser fail?

Thanks! I'd be happy to provide more info.

SteadH
  • That shows it works for the 192.168.2.4 DNS server. Do you have any other DNS servers configured normally? – Grant Apr 25 '14 at 00:47
  • Whoops! Yes - I have 192.168.2.17, a second Server 2008R2 DNS Server. Changing the primary DNS server to 2.17 still results in a failure. – SteadH Apr 25 '14 at 00:51
  • AFAIK, IE (and most other browsers) have their own DNS cache. Once IE gets the info from the OS DNS cache, it caches it (I've read for up to 30 minutes). So changing your DNS servers doesn't do anything on two fronts: 1. The DNS client already has the record cached and therefore doesn't need to query for it again, even though you've changed DNS servers. Assuming a less than 30 minute TTL on the DNS record, IE will use what is in its cache regardless of what DNS servers you use, because it's not telling the OS to query for that record, it's using what's already in the IE DNS cache. – joeqwerty Apr 25 '14 at 01:22
  • Try with just one server listed. Windows isn't guaranteed to use the primary as its first choice. – Grant Apr 25 '14 at 01:22
  • Grant - I removed the other, flushed caches and tried again. Good note though - I'll remember that! – SteadH Apr 25 '14 at 05:43
  • Joeqwerty - thanks for the note on caching! Unfortunately, I'm clearing the browser cache and running ipconfig /flushdns each time. – SteadH Apr 25 '14 at 05:44
  • For the heck of it, or if you are desperate, you could try another DNS provider, at least temporarily. Most registrars offer free DNS with your domain purchase, or you could try something like dnsmadeeasy. – user16081-JoeT Apr 25 '14 at 21:40
  • Unfortunately, we're stuck with internal DNS for Active Directory function & local server lookup. Thanks for the suggestion though! – SteadH Apr 28 '14 at 19:37
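One way to take both the OS resolver cache and the browser cache out of the picture is to talk to each DNS server directly on the wire and compare what comes back. The nslookup session above only asked for an A record; a browser's network stack usually asks for both A and AAAA, so a server that answers A correctly but misbehaves on AAAA (or returns a different rcode to one query type) would look exactly like "nslookup works, the browser doesn't". The script below is an added example written for this thread, not code from the original poster; it uses only the Python standard library, builds the query packets itself, and checks that each reply's transaction ID matches the query it sent (a mismatched or unsolicited reply is something a defender wants flagged rather than silently accepted). The server addresses 192.168.2.4 and 192.168.2.17 are the ones named in the question; 8.8.8.8 is assumed to be the "Google DNS" the poster switched to. SAMPLE_A_RESPONSE is a constructed reply used to show the parser's output offline.

```python
"""Query several DNS servers directly for A and AAAA records and compare
the raw answers, bypassing the OS resolver cache and any browser cache."""
import random
import socket
import struct
from typing import Dict, List, Optional, Tuple

QTYPES = {"A": 1, "AAAA": 28}
CNAME = 5
Record = Tuple[str, int, int, str]  # (owner name, type, ttl, rdata as text)


def build_query(name: str, qtype: int, txid: Optional[int] = None) -> bytes:
    """Encode a standard recursive query in RFC 1035 wire format."""
    if txid is None:
        txid = random.randint(0, 0xFFFF)
    # flags 0x0100 = RD (recursion desired); one question, no other sections
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN


def _read_name(msg: bytes, offset: int) -> Tuple[str, int]:
    """Decode a (possibly compressed) name; returns (name, offset after it)."""
    labels: List[str] = []
    end = None
    hops = 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # compression pointer
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop in response")
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:
                end = offset + 2  # a pointer ends the name in the original stream
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_response(msg: bytes, expected_txid: Optional[int] = None) -> Tuple[int, List[Record]]:
    """Return (rcode, answer records). Rejects replies whose txid does not match."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if expected_txid is not None and txid != expected_txid:
        raise ValueError(f"transaction id mismatch: got {txid:#06x}, expected {expected_txid:#06x}")
    rcode = flags & 0x000F
    offset = 12
    for _ in range(qdcount):           # skip the echoed question section
        _, offset = _read_name(msg, offset)
        offset += 4                    # qtype + qclass
    records: List[Record] = []
    for _ in range(ancount):
        owner, offset = _read_name(msg, offset)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == QTYPES["A"]:
            value = socket.inet_ntoa(rdata)
        elif rtype == QTYPES["AAAA"]:
            value = socket.inet_ntop(socket.AF_INET6, rdata)
        elif rtype == CNAME:
            value, _ = _read_name(msg, offset - rdlen)
        else:
            value = rdata.hex()
        records.append((owner, rtype, ttl, value))
    return rcode, records


def query(server: str, name: str, qtype: int, timeout: float = 3.0) -> Tuple[int, List[Record]]:
    """Send one UDP query to `server` and parse the reply."""
    txid = random.randint(0, 0xFFFF)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, qtype, txid), (server, 53))
        data, _ = sock.recvfrom(4096)
    return parse_response(data, txid)


def compare(name: str, servers: List[str]) -> Dict[str, Dict[str, tuple]]:
    """{server: {"A": (rcode, records), "AAAA": ...}}; errors become ("error", text)."""
    results: Dict[str, Dict[str, tuple]] = {}
    for server in servers:
        results[server] = {}
        for label, qtype in QTYPES.items():
            try:
                results[server][label] = query(server, name, qtype)
            except (OSError, ValueError) as exc:   # timeout, unreachable, bad reply
                results[server][label] = ("error", repr(exc))
    return results


# Constructed sample reply (not captured from the poster's network):
# txid 0x1234, flags 0x8180, one question, one A answer for cdbaby.com, TTL 300.
SAMPLE_A_RESPONSE = (b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"
                     b"\x06cdbaby\x03com\x00\x00\x01\x00\x01"
                     b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x01\x2c\x00\x04\x46\x66\x70\xa4")

if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "cdbaby.com"
    for server, per_type in compare(target, ["192.168.2.4", "192.168.2.17", "8.8.8.8"]).items():
        for label, (rcode, recs) in per_type.items():
            print(f"{server:>14} {label:<5} rcode={rcode} {recs}")
```

Run it from a workstation on the campus network; if one internal server answers the A query but times out, returns SERVFAIL (rcode 2), or sends a reply whose transaction ID does not match for the AAAA query while 8.8.8.8 answers both cleanly, the difference between the servers, rather than caching, is the thing to chase. Capturing the same exchange in Wireshark with the filter `dns` and comparing the AAAA replies side by side confirms what the script reports.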