Question about hosts file and DNS override

Question

Hello

I have the following setup

A Windows 2019 Domain Controller with DNS installed

A Windows 10 domain joined client computer point to the Domain Controller for DNS

I have a Dummy DNS records called Dummy.MyDomain.Local with an IP address or 10.10.10.10 (on the DNS Server)

I want to override this do when the Windows 10 client wants to resolve Dummy.MyDomain.Local it resolves to some other address e.g. 10.20.10.10

Therefore I added an entry to the Client on hosts files

Dummy.MyDomain.Local 10.20.10.10

Then rebooted,

When I do a IPConfig /DisplayDNS on the client it shows Dummy.MyDomain.Local resolved to 10.20.10.10 as I would want

if I do a Ping Dummy.MyDomain.Local it tries to reach 10.20.10.10 (OK so far)

if I do an NSLookup Dummy.MyDomain.Local it returns 10.10.10.10 (not want I want)

I then look at the local DNS cache again on the client IPConfig /DisplayDNS and it still shows 10.20.10.10 (and there is no entry for 10.10.10.10). Therefore the DNS cache on the client appears to be being ignored when using NSLookup? I always thought the DNS cache would be used 'first' and if it cannot find the record it would go to hosts/DNS in that order.

I then added the hosts files to the Domain Controller, but experienced the same issue as above (no matter that the host file says or the fact the hosts file entry in in the DNS cache, it always returns the entry in the DNS database).

Can someone please assist me in resolving this issue

Thanks in advance

Charlie

Answer 1

Hi，
For my understanding, if you try to resolve the same FQDN and get different IP addresses returned, you may achieve that under some circumstances.

You can refer to below link as a guide to learn how to use DNS policy to control how a DNS server processes name resolution queries based on different parameters that you define in policies in Windows Server 2016.
https://learn.microsoft.com/en-us/windows-server/networking/dns/deploy/dns-policy-scenario-guide

You can configure DNS policies to specify how a DNS server responds to DNS queries with powershell by the following link.
https://powershellmagazine.com/2015/05/13/introducing-dns-policies-in-windows-server-2016-technical-preview-2/

Please be advised, DNS policy is based on different subnets or geographies. If your goal is that different IP addresses are returned from different subnets (subnets can be in a same domain, from the same DNS server), this should be workable through DNS Policy.

Best Regards,
Mulder Zhang

--------------------------------------------------------------

If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

nslookup does not use a local hosts file for lookup. The solution may be to create a static record on your DNS server.

--please don't forget to upvote and Accept as answer if the reply is helpful--

Answer 3

Hello DSPatrick

Thanks for taking the time to reply

The issue I have however (and I am not sure it can be solved) is I have the same FQDN (e.g. A record) and depending on which client is asking, to resolve the IP address I want to give them different answers, meaning if clientA asks for Dummy.MyDomain.Local they get one IP address returned but if clientB asks they get a different IP address returned. To complicate matters this is from the same DNS server

Any suggestions,

Thanks in advance
Charlie

Answer 4

Windows active directory and DNS in general just cannot work this way.

--please don't forget to upvote and Accept as answer if the reply is helpful--

Answer 5

Just checking if there's any progress or updates?

--please don't forget to upvote and Accept as answer if the reply is helpful--