DNS not resolving for one specific external domain from our domain controllers. All others work.

Keith Crofutt 21 Reputation points
2021-10-14T19:18:34.787+00:00

There is one external domain that used to work, but recently is no longer resolving from our internal network. We use the built-in DNS service from Microsoft Server. Changing the DNS setting on internal systems to an open DNS, such as 1.1.1.1, solves the issue, but this is not ideal as a resolution for our internal systems.

Any ideas what can be checked, why this could be impacting just the Microsoft DNS services? There are no other external domains that seem to be having the issue. Doing packet tracing, they always stop after getting to the internal DNS.


8 answers

  1. Dave Patrick 426.1K Reputation points MVP
    2021-10-14T19:40:33.967+00:00

    Website or windows domain traffic? For the latter you'll need a VPN between sites.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

  2. Keith Crofutt 21 Reputation points
    2021-10-14T19:47:26.717+00:00

    It is just browser traffic. The external domain is a public webpage by a third party, no VPN needed to reach it. It is just traffic on our internal domain, using our Windows Server DNS, that has an issue with just this one external website.

  3. Dave Patrick 426.1K Reputation points MVP
    2021-10-14T19:50:22.79+00:00

    > external domain is a public webpage by a third party

    There's not much you can do other than try using different forwarders. May need to ask the site owner about the issue.

    --please don't forget to upvote and Accept as answer if the reply is helpful--


  4. Keith Crofutt 21 Reputation points
    2021-10-15T13:39:49.62+00:00

    Nope, we thought for a bit it might have been Defender or Intune but there are no settings to block/filter websites. When running the built-in Windows Diagnostics after failure to reach the site, it reports that DNS servers are unavailable. This is obviously not true since every other website and resource works with no issues, internal and external. So at this point we are baffled. Traces show the browsers reaching the DNS servers, but then nothing. Packets die.

  5. Dave Patrick 426.1K Reputation points MVP
    2021-10-15T14:03:31.387+00:00

    > it reports that DNS servers are unavailable

    What DNS server? There are many public DNS servers. The site itself may have some sort of registration problem, may need to contact the site owner.

    --please don't forget to upvote and Accept as answer if the reply is helpful--
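
The thread leaves open which hop fails for this one name: the internal Windows DNS server, one of its forwarders, or neither. The following PowerShell check is an added example, not part of any post above; it queries each resolver in turn for the same name. `$Name` and `$DnsServer` are placeholders, and `Get-DnsServerForwarder` assumes the DnsServer module (DNS role or RSAT) is installed.

```powershell
# Added example. All names below are placeholders, not values from the thread.
$Name      = 'failing-site.example'  # placeholder: the one domain that does not resolve
$DnsServer = 'dc01.corp.example'     # placeholder: an internal DC running the DNS role
$Public    = '1.1.1.1'               # public resolver the question reports as working

function Test-Resolver {
    param([string]$Server, [string]$Role)
    $sw = [System.Diagnostics.Stopwatch]::StartNew()
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only the named DNS server is tested
        $r = Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction Stop
        $detail = ($r | Where-Object { $_.Section -eq 'Answer' -and $_.Type -eq 'A' } |
                   ForEach-Object { $_.IPAddress }) -join ', '
        $status = 'OK'
    } catch {
        $detail = $_.Exception.Message   # e.g. timeout, server failure, name does not exist
        $status = 'FAIL'
    }
    [pscustomobject]@{
        Role   = $Role
        Server = $Server
        Status = $status
        Ms     = $sw.ElapsedMilliseconds
        Detail = $detail
    }
}

# Forwarders currently configured on the internal DNS server
$fwd = Get-DnsServerForwarder -ComputerName $DnsServer
"Forwarders: $($fwd.IPAddress -join ', ')  UseRootHint: $($fwd.UseRootHint)"

$results = @(Test-Resolver -Server $DnsServer -Role 'internal DNS')
foreach ($ip in $fwd.IPAddress) {
    $results += Test-Resolver -Server $ip.IPAddressToString -Role 'forwarder'
}
$results += Test-Resolver -Server $Public -Role 'public'

# Reading the table:
#   forwarder FAIL, public OK      -> the forwarder path fails for this name
#   forwarders OK, internal FAIL   -> look at the internal DNS server itself
#   everything OK                  -> the failure is intermittent or client-side
$results | Format-Table -AutoSize
```

Run it on the domain controller itself, since queries from a workstation may reach the forwarders over a different network path than the DNS service uses.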