Hey everyone, I'm in a bit of a bind with our new website (www.example.com) that was built for clients but is running into DNS issues. The site is hosted externally, and we share the domain name with our Domain Controllers (example.com). When WAN users try to access the website, the traffic incorrectly goes to our IIS home page at Dc01.example.com, which is not a part of my current environment.
I've created an A record for 'www' on my DNS server to point it to the website, and I added a forwarder to public DNS. Additionally, I've updated the local host file with the website's IP address.
Our firewall uses DHCP for DNS over WAN, which is set up for line of sight with the DCs. Interestingly, the website works fine for users connected to WiFi, but WAN users are struggling. While flushing DNS and clearing the browser cache helps briefly, the problem reappears after about 10-15 minutes, and even incognito mode doesn't solve it.
I've implemented firewall rules and DNS host entries, trying to establish another DNS request route. It's been frustrating, and I'm starting to feel lost. I'm wondering if there's anything I could be missing?
Edit: I've been reading about Split Brain DNS, which might be useful, as we now keep getting redirect timeouts since the hosting provider is redirecting www.example.com to example.com, causing further complications.
3 Answers
Using a subdomain for your internal domain can simplify things, and it looks like Split Brain could work for you. Just be aware that it’s important to get your DNS settings right to avoid looping issues.
It should make a difference! Let me know how it goes.
Make sure you set up a forward for 'www' using external DNS servers like 1.1.1.1 or 8.8.8.8. A CNAME or A record might not work if your website's behind a proxy or load balancer. I also suggest avoiding using .local for your internal domain setup.
Yeah, .local is often discouraged because it can cause various issues. You might want to look into using .internal for your internal domains as a better option.
Got it! Thanks for the heads up.
Split Brain DNS sounds like what you need to resolve this issue. Check into how it might help with your current configuration to prevent these routing problems.
Thanks for the input! I’m trying out the Split Brain setup right now.