I have a caching DNS server at the office and the companies website is being hosted my another web hosting company. Intermittently the problem that I am having is only locally from inside the office network I cannot get to the own companies website. We can go to any other website without any issues, it is only the companies website that nobody can get to it. Outside of the company you are fine! I called the web hosting company and we went to megaproxy.com and tested to see if it was their end or my end and we were able to get to the website from the proxy without any issues. But when I try and get their from with the company it says:

I tried it from the firewall and it is the same. When I try it from the DMZ I can get to it without any problems. I have a caching DNS server and it forwards requests that it can find locally to an external DNS server. What could this be. Very odd! Another point. I do not have port 53 open to only establish or related tcp connections. Does that make a difference. It has been working! Also I have two domains, daman.com and daman.net. I have daman.net redirect all traffic to daman.com. I can ping daman.net and get a reply but I cannot ping daman.com and I cannot get to either domain!

For security reasons I use nodomain.com as the domain.

Should I add a A record pointing to the IP address of the domain or is that a major security risk?

Hi,

Have you tried pinging www.yourcompany.com? If so, does it resolve with your domain name and static IP address? What are the techologies that you are using to cache dns? Do you have a proxy?

I have tried pinging www.mycompany.com and zero I get nothing. I can ping the ip address and get a response no problems at all. I use Squid as my proxy and dansguardian as my filter but I am doing this directly from my firewall. This issue is intermittent!

ok, well intermittent *could* mean that you are using different name servers or something... use a (you guessed it...) packet sniffer to see where your packets are actually going, and also dedicated dns tools like dig and host to just directly inspect the dns infrastructure, rather than just trying to use it within other tools like ping.

has no response

There must be some confusion with the local domain NODOMAIN.com and the NODOMAIN.com for my Hosting company. I know that it is local because you can go to megaproxy.com and put it the domain and bam it is there and all of my clients can get to it externally!help!

What the heck is going on. Now I can get to www.mycompanydomain.com. It is very intermittent. I had a computer that wouldnt install certain windows update. I just reformatted that machine and now everything is back up to normal. Could a trojan,virus, or something had been causing an issue like this? When you have a caching DNS server like the one that I have at my clients site how does it distinguish what is internal mycompanydomain.com(LAN) traffic and www.mycompanydomain.com(WAN) traffic

Possible. But if you're using squid, then probably you also can't resolve any site since its just a web proxy. Why not trying IPCop? It's an all around proxy,gateway and firewall

I have to rule out the proxy because all of my testing is in front of the proxy and on my firewall. So far so good this morning. I am just trying to understand why it is just my domain. Is there any settings in BIND that should be set so internal request know to go to that IP address. Maybe something is not setup right in BIND?

Ok here is a new update. I can get to the website in the DMZ but not inside of the network on any computer. I know that it has something to due with BIND. Where should I start looking?

Does your firewall run PAT? If so, you are going to be having problems till hell freezes over. The explanation is rather long, if you are interested, check Cisco's site for details. My suggestion to you is split DNS. Run an internal authoritative DNS server that services only your internal clients, external clients are serviced by your external service provider. Add the forward and reverse records to your DNS tables. That should take care of your woes. Also, check to make sure that Bind is not querying on port 53. A lot of sites hate this. So if you have the line:

query-source address * port 53;

in your named.conf, remove it.

much love,

The Dude

The Dude,

I removed:

query-source address * port 53;

and restart named

and still the same thing! I have a caching DNS server that does split the DNS responsibilities. It resolves internal host fine and then forwards any requests that it cant satisfy to external DNS servers. Where should I begin looking. It is only the #$!@#$!@#$ companies website that we cannot get to0. But from the DMZ I do not have a problem!

Also another note:

The domain inside the network (mycompany.com)is the same as the website(mycompany.com). So how does DNS no the diffence and where to send requests too. In other words internal from external and the other way around!

Sigh,

Is your firewall running PAT (port address translation)? If it is, you can not use a caching nameserver, period.

Second, from the information that you have posted, it does not sound like you have a split DNS setup correctly. Please post your config files:

/etc/resolv.conf, /etc/named.conf, and your zone files.

I use IPTABLES and I use NAT. As far as bind is concernced here is my conf files:

/etc/resolv.conf

/etc/named.caching-nameserver.conf

var/named/127.0.0.1.zone

/var/named/zone.com.Mycompanydomain

/var/named/revp.192.168.3.0

If I understand you, it's just the single name<->ip-address look-up that causes a problem. So why not just put this name/address in the static /etc/hosts table?

I tryed that as well and add the ip to domain translation in /etc/hosts! What next?