Ask the Expert

Why can't I do a lookup on an internal workstation?

My company primarily runs NT4 servers. We recently put a new Win2k DNS server in place on the internal network. We will add another DNS Unix box into the demilitarized zone (DMZ), as well as move our SMTP gateway into our DMZ. We were planning on having the Win2k DNS forward unknown queries to the DMZ DNS, and then out to the ISP.

We provisioned another MX record in our ISP's DNS for that new SMTP gateway, and it appears to have propagated from the Internet side (Dig finds it from a Web site). However, if I try to do a lookup on it from an internal workstation, it doesn't resolve. Using the syntax, it resolves just fine. If I add a host record on the Win2k DNS, it works fine, but since it's external, I don't think that's optimal. I'm not sure how to setup the primary/secondary or how to fix the resolution problem. What's going on here?

    Requires Free Membership to View

It sounds like your ISP thinks it's authoritative for your domain, and your internal DNS server also thinks that it is authoritative. If your internal server thinks it's authoritative for the domain containing the MX record you're querying, it's not going to forward the request to your ISP's DNS server. If it doesn't know how to answer the request, it will just respond that the record doesn't exist.

I would tell the ISP to be secondary to your primary DNS server. Configure the MX record on your own server.

This was first published in July 2003

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: