nslookup not working for single domain

Question

For the last week I have been unable to resolve dnb.com from my network. I have windows DNS servers and when I try to run an NSlookup it times out. Below are the diagnostics. Any idea as to what to try or what the issue may be would be appreciated! Every other domain I try resolves without issue.

> dnb.com
Server:  localhost
Address:  ::1

------------
SendRequest(), len 38
    HEADER:
        opcode = QUERY, id = 12, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        dnb.com.X.local, type = A, class = IN

------------
------------
Got answer (102 bytes):
    HEADER:
        opcode = QUERY, id = 12, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        dnb.com.X.local, type = A, class = IN
    AUTHORITY RECORDS:
    ->  X.local
        type = SOA, class = IN, dlen = 40
        ttl = 3600 (1 hour)
        primary name server = dc09.X.local
        responsible mail addr = hostmaster.X.local
        serial  = 5247417
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

------------
------------
SendRequest(), len 38
    HEADER:
        opcode = QUERY, id = 13, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        dnb.com.X.local, type = AAAA, class = IN

------------
------------
Got answer (102 bytes):
    HEADER:
        opcode = QUERY, id = 13, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        dnb.com.X.local, type = AAAA, class = IN
    AUTHORITY RECORDS:
    ->  X.local
        type = SOA, class = IN, dlen = 40
        ttl = 3600 (1 hour)
        primary name server = dc09.X.local
        responsible mail addr = hostmaster.X.local
        serial  = 5247417
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

------------
------------
SendRequest(), len 25
    HEADER:
        opcode = QUERY, id = 14, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        dnb.com, type = A, class = IN

------------
DNS request timed out.
    timeout was 2 seconds.
timeout (2 secs)
SendRequest failed
------------
SendRequest(), len 25
    HEADER:
        opcode = QUERY, id = 15, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        dnb.com, type = AAAA, class = IN

------------
DNS request timed out.
    timeout was 2 seconds.
timeout (2 secs)
SendRequest failed
*** Request to localhost timed-out

Answer 1

Please run;

Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log (run on PDC emulator)
repadmin /showrepl >C:\repl.txt (run on any domain controller)
ipconfig /all > C:\%computername%.txt (run on EVERY domain controller)
ipconfig /all > C:\problemworkstation.txt (run on problem pc)

Also check the domain controller System and Replication (DFS or FRS) event logs for errors since last boot. Post the Event Source and Event IDs of any found. (no evtx files)

then put unzipped text files up on OneDrive and share a link.

Answer 2

Ok, then it sounds like you may need a split brain deployment.

https://learn.microsoft.com/en-us/windows-server/networking/dns/deploy/dns-sb-with-ad

--please don't forget to upvote and Accept as answer if the reply is helpful--

Answer 3

Appears to have been the DNS protection service on my firewall. Blocking just that domain. Working with the vendor's support to resolve the issue.