Join Log in
Score:0
AG23 avatar Server

Client on network not resolving local records but using external instead

cn flag
AG23

Problem

When trying to access an internal server via hostnames using NSLookup, I receive the correct DNS server address, FQDN and destination IP address.

When I try to access the server using its client or cURL and PING in CMD it resolves to external IP-adres and failing because firewall config on router is set to block request from private networks. (Connection Fails)

When I try to access the server on my browser, it resolves to internal IP-adres (Connection Succesful)

Configuration

  • Router/Gateway: 192.168.178.1
  • Local DNS Server: 192.168.178.7
  • Server IP-adres: 192.168.178.11
  • Client computer NIC config: STATIC DNS servers 192.168.178.7, 192.168.178.1
  • C:\Windows\System32\drivers\etc\hosts: No Routes Defined

Workaround

  • Editing C:\Windows...\hosts file

Pictures say more then 1000 words

Flushdns + nslookup + curl: image1

Browser developer mode: image2

29
0 + 0
madacoda avatar
jo flag
madacoda
I would first focus on why your browser is resolving the FQDN to an internal IP while your Curl command resolves it to an external IP. I suspect that they are somehow taking different DNS paths. If that is the case you can just fix one or the other so that your results are consistent. Start by seeing what your 'first hop' DNS servers are, and what forwarding rules they have configured.
0
Reply
Score:0
madacoda avatar Server
jo flag
madacoda

You mentioned two local DNS servers on your NIC

  • 192.168.178.1 (router / gateway)
  • 192.168.178.7 (local DNS server)

I suspect your router just resolves external DNS, while your local DNS server has some kind of local zones as well.

The problem with having BOTH of the IPs as DNS servers on your NIC is that the OS is not smart enough to check both logically. It will basically flip flop.

  • One minute your DNS goes through your internal server (browser)
  • Next minute your DNS goes through your router (curl command)

To fix it, just remove the Router/Gateway IP from your NIC. Maybe it's also in your DHCP configuration if you didn't configure that statically.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.