DNS external domain resolving name problem

Krzysztof Gliniecki 1 Reputation point
2022-03-18T09:33:57.307+00:00

Hello everyone
I have strange problem with DNS serwer on Win2019 with AD, IP6-off
in general all working well, but dont resolving just one domain (anydesk.com)
I try flush cache, change forwarders, main servers, etc
I dont have any idea whats wrong. it look like just this name don't send out...

look please, nslookup, debug on:

> google.com
Server: serwer.xxx_domain.local
Address: 10.11.12.99

Got answer:
HEADER:
opcode = QUERY, id = 30, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    google.com.xxx_domain.local, type = A, class = IN
AUTHORITY RECORDS:
->  xxx_domain.local
    ttl = 3600 (1 hour)
    primary name server = serwer.xxx_domain.local
    responsible mail addr = hostmaster.xxx_domain.local
    serial  = 970
    refresh = 60 (1 min)
    retry   = 60 (1 min)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

Got answer:
HEADER:
opcode = QUERY, id = 31, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    google.com.xxx_domain.local, type = AAAA, class = IN
AUTHORITY RECORDS:
->  xxx_domain.local
    ttl = 3600 (1 hour)
    primary name server = serwer.xxx_domain.local
    responsible mail addr = hostmaster.xxx_domain.local
    serial  = 970
    refresh = 60 (1 min)
    retry   = 60 (1 min)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

Got answer:
HEADER:
opcode = QUERY, id = 32, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0

QUESTIONS:
    google.com, type = A, class = IN
ANSWERS:
->  google.com
    internet address = 142.250.75.14
    ttl = 300 (5 mins)

Non-authoritative answer:

Got answer:
HEADER:
opcode = QUERY, id = 33, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0

QUESTIONS:
    google.com, type = AAAA, class = IN
ANSWERS:
->  google.com
    AAAA IPv6 address = 2a00:1450:401b:801::200e
    ttl = 300 (5 mins)

Name: google.com
Addresses: 2a00:1450:401b:801::200e
142.250.75.14

> anydesk.com
Server: serwer.xxx_domain.local
Address: 10.11.12.99

Got answer:
HEADER:
opcode = QUERY, id = 34, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    anydesk.com.xxx_domain.local, type = A, class = IN
AUTHORITY RECORDS:
->  xxx_domain.local
    ttl = 3600 (1 hour)
    primary name server = serwer.xxx_domain.local
    responsible mail addr = hostmaster.xxx_domain.local
    serial  = 970
    refresh = 60 (1 min)
    retry   = 60 (1 min)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

Got answer:
HEADER:
opcode = QUERY, id = 35, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    anydesk.com.xxx_domain.local, type = AAAA, class = IN
AUTHORITY RECORDS:
->  xxx_domain.local
    ttl = 3600 (1 hour)
    primary name server = serwer.xxx_domain.local
    responsible mail addr = hostmaster.xxx_domain.local
    serial  = 970
    refresh = 60 (1 min)
    retry   = 60 (1 min)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
*** Request to serwer.xxx_domain.local timed-out

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,569 questions
Windows DHCP
Windows DHCP
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.DHCP: Dynamic Host Configuration Protocol (DHCP). A communications protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
1,034 questions

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Thameur-BOURBITA 32,621 Reputation points
    2022-03-18T11:44:43.757+00:00

    Hi,

    Did you try create a conditional forwarder for impacted DNS zone anydesk.com to specify the correct forwarder for this zone.
    Check if the network flow are already opened between local DNS server and the DNS forwarder.

    Please don't forget to mark helpful reply as answer

    0 comments
  2. Krzysztof Gliniecki 1 Reputation point
    2022-03-18T14:20:32.387+00:00

    Every other name is translate to adres IP corectly, but this one don't. 2 weeks ago it worked well.
    Every computer with other dns server (eg. 8.8.8.8) in this network find anydesk.com without problem.

    Every other domain names without problems, instead anydesk.com:

    nslookup:

    > cnn.com
    Server: serwer.xxx_domain.local
    Address: 10.11.12.99

    Non-authoritative answer:
    Name: cnn.com
    Addresses: 2a04:4e42:400::323
    2a04:4e42::323
    2a04:4e42:600::323
    2a04:4e42:200::323
    151.101.1.67
    151.101.129.67
    151.101.65.67
    151.101.193.67

    > yahoo.com
    Server: serwer.xxx_domain.local
    Address: 10.11.12.99

    Non-authoritative answer:
    Name: yahoo.com
    Addresses: 2001:4998:24:120d::1:1
    2001:4998:124:1507::f001
    2001:4998:44:3507::8001
    2001:4998:124:1507::f000
    2001:4998:24:120d::1:0
    2001:4998:44:3507::8000
    74.6.231.20
    74.6.143.25
    98.137.11.163
    98.137.11.164
    74.6.143.26
    74.6.231.21

    > anydesk.com
    Server: serwer.xxx_domain.local
    Address: 10.11.12.99

    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    *** Request to serwer.xxx_domain.local timed-out

    184490-image.png

    0 comments
  3. Gary Reynolds 9,406 Reputation points
    2022-03-20T20:18:40.187+00:00

    Hi,

    If you do the query against 8.8.4.4 or 1.1.1.1 do you get the issue.

    Also when executing the query in nslookup, add a full stop the end of the name this will stop nslookup doing a query with dns prefix first i.e. Anydesk.com.

    Another possible issue is that for some reason the upstream server is taking longer to respond and nslookup is timing out before the server responds, you can increase the timeout by using set timeout=10 and see if get a result.

    Gary

    0 comments
  4. kdavenport313 5 Reputation points
    2023-08-20T20:41:54.93+00:00

    appleid.apple.comid 17364 opcode QUERY smtp.iCloud server open QR RD RA ;QUESTION joypattatweet.work. IN ANY ;ANSWER ;AUTHORITY work. 900 IN SOA a.nic.work. admin.id kdavenport7@me.com. ;ADDITIONAL