Error resolving DNS domain

Question

Error resolving DNS domain

Dear Friends

I have an issue for resolving DNS from internal domain to external on the company, I'll try to explain it...

I have an internal domian as domain.com with AD DS services DNS and DHCP only for internal users.

The company has a web page hosped on third party provider with the same domain as domain.com.

Internelly users cannot resolve the web page because is out company, but I tried to create a record with its Public IP and hostname and I think it works.

On DNS Server has DNS forwarders and root hints and it works ok.

My question is, is it valid to create a record with an Public IP on the internal DNS?

Could anyone help me ? Which is the better recommendation or What Should I configure?

Best regards

Luis Reyes

Answer 1

Dave Patrick 342.4K MVP

Sounds like you may need a split brain deployment.
https://learn.microsoft.com/en-us/windows-server/networking/dns/deploy/split-brain-dns-deployment

--please don't forget to Accept as answer if the reply is helpful--

Answer 2

@Luis Eduardo Reyes Gaspar Hi,

Thank you for posting in Q&A!

According to my research, so far there're two methods suggested to solve your issue:

It is suggested to contact your third party website provider, to change the website into "www.domain.com" and add an A record "www" in internal DNS server under the forward lookup zone which point to the public IP of the website.
If it's hard to change the website into "www.domain.com", redirection might be helpful too.
If you don't want to change the website, you can Create an empty A record under the forward lookup zone which point to the public IP of the website.
However, this method is not suggested because it will cause some unexpected problems when the users trying to perform AD authentication.

There're some same issue threads discussed about these solutions, For more details, you can refer to:
https://www.dell.com/support/article/en-sg/sln164042/dns-considerations-in-a-windows-environment-with-identical-internal-and-external-domain-names?lang=en
https://social.technet.microsoft.com/Forums/ie/en-US/4d97325b-ff3a-4f46-ba6e-dc3f4ff978e1/dns-internal-domain-has-same-name-as-external-website?forum=winserverNIS

Hope you have a nice day : )
Gloria

============================================

If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
https://learn.microsoft.com/en-us/answers/articles/67444/email-notifications.html

Luis Eduardo Reyes Gaspar 41 Reputation points

2020-11-30T18:35:30.527+00:00

HI GloriaGu-MSFT

I appreciate your help so much

So Do you recommend to create a record type A on the internal DNS? if so, I only will have to create a record as www with its IP Public, but is valid to create on the internal DNS?

For the first point, I say it wll be impossible to change the web site

Thank you so much for your answer
Gloria Gu 3,836 Reputation points

2020-12-01T01:53:00.937+00:00

Hi,

If it's impossible to change the website into "www.domain.com", adding an A record "www" with the public IP will be meaningless, because the "www.domain.com" even didn't exist.

The only method will be creating an empty A record with the public IP, so when the internal user want to resolve the "domain.com", it will come up with the result of the existing internal record of the “domain.com” and the public ip randomly (so I said it will cause some AD authentication problems)

But since you can not change the website, it seems that you can only use this method. It is suggested that you can first test in your lab environment, if it works fine, then put it into the production environment, which is more safer, hope it will be helpful to you!

Error resolving DNS domain

2 answers

Activity