Conditional Forwarders not working after a few hours

We've registered a domain, "abc.com", and have an email server with IPs 192.168.x.x and 220.x.x.x which hosts the email of "abc.com".

Our internal DNS server hosts 2 domains: one is "company.com", the other is "abc.com". The A record of "smtp.abc.com" has been added (192.168.x.x), and people outside the company will resolve "smtp.abc.com" to 220.x.x.x using a public DNS server.

A trusted domain has added a conditional forwarder of "abc.com" to our internal DNS server, because our AD is "company.com", not "abc.com"; "non-auth" is shown next to the IP of the internal DNS server.

The conditional forwarder works for a few hours; it can resolve smtp.abc.com to the internal IP address 192.168.x.x. After a few hours, it resolves to 220.x.x.x. I need to delete the forwarder and recreate it.

Why do the conditional forwarders only work for a few hours?


August 24th, 2015 2:22am

Hi xexexjonathan,

According to your description, the conditional forwarder works for a few hours on the DNS server, resolving the email server to its private IP address, but after a while it returns the public IP address of the email server.

When the server returns the public address of the email server, we need to find out which server provides the resolution result. Is the result provided by another external public DNS server when the domain DNS server's conditional forwarding fails, or is the result provided by the DNS server that hosts abc.com?

We may use Network Monitor to capture network traffic on the internal DNS server and on the DNS server configured with the conditional forwarder, to see if the internal DNS server receives the request packet and returns a public record to the DNS server.

If the public A record of smtp.abc.com is still provided by the internal DNS server, we may check whether the internal DNS server has two records for the same FQDN.

As an alternative, if you just want to visit the email server in the domain, you could create a new zone on the server and add the A record to the zone.

If you want to download Network Monitor to capture network traffic, you may click the following link:

https://www.microsoft.com/en-us/download/details.aspx?id=4865

Best regards,

Anne he  

August 24th, 2015 5:07am
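
The check suggested in the reply above (which server hands back the public address, and when), as an added PowerShell example that is not part of the original thread: it polls both DNS servers for smtp.abc.com and logs every answer. The two server addresses are placeholders, and the log path and 5-minute interval are assumptions.

```powershell
# Added example, not from the thread. Replace the two placeholder addresses.
$Name    = 'smtp.abc.com'
$LogPath = '.\dns-watch.csv'            # assumed log location
$Servers = [ordered]@{
    'forwarding DNS' = '<forwarding-dns-ip>'   # server holding the conditional forwarder
    'internal DNS'   = '<internal-dns-ip>'     # server hosting the abc.com zone
}

function Test-PrivateIPv4 {
    # True for RFC 1918 addresses (10/8, 172.16/12, 192.168/16).
    param([Parameter(Mandatory)][string]$Address)
    $b = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    if ($b.Length -ne 4) { return $false }
    return ($b[0] -eq 10) -or
           ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
           ($b[0] -eq 192 -and $b[1] -eq 168)
}

function Get-AnswerSnapshot {
    # One row per A record returned by $Server, or a single error row.
    param([string]$Label, [string]$Server)
    $now = Get-Date -Format s
    try {
        Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Section -eq 'Answer' -and $_.Type -eq 'A' } |
            ForEach-Object {
                $scope = if (Test-PrivateIPv4 $_.IPAddress) { 'private' } else { 'public' }
                [pscustomobject]@{ Time = $now; Server = $Label; Address = $_.IPAddress
                                   TTL = $_.TTL; Scope = $scope }
            }
    } catch {
        [pscustomobject]@{ Time = $now; Server = $Label; Address = ''
                           TTL = ''; Scope = "error: $($_.Exception.Message)" }
    }
}

# Poll both servers every 5 minutes and append the rows to the CSV log.
while ($true) {
    $Servers.GetEnumerator() |
        ForEach-Object { Get-AnswerSnapshot -Label $_.Key -Server $_.Value } |
        Export-Csv -Path $LogPath -Append -NoTypeInformation
    Start-Sleep -Seconds 300
}
```

On the forwarding server, a TTL that counts down between polls means the answer is being served from its cache. The first row where Scope flips to public gives the time window to line up with the packet capture.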

I've tried using nslookup: if I query our DNS, it resolves to the public IP. If I query from the forwarder DNS, it resolves to the internal IP.

I changed the timeout value of the conditional forwarders yesterday, and it seems to work fine now. I will update this post tomorrow.

Update: It resolves to the public IP again; it doesn't work.


August 24th, 2015 11:18pm

This topic is archived. No further replies will be accepted.
