DNS resolving once, then answer from external DNS

Hi,
I have a Nethserver configured as Active Directory (working) and as DNS. The DNS is not working as expected.
I have some hosts in the DNS that are accessible from the Internet, but I have an internal address for them. If I ping the hosts I get the internal address. If I ping once more (and all pings after) I get the external address instead. That is not good.
If I ping one address that exists only in my Nethserver DNS with an internal address I get the correct answer all the time.

What can be wrong with my DNS?

/Pelle

Are the PCs all on DHCP? Check this:

  • Dhcp -> Settings -> DNS field (check that it is the NS IP address)
  • After applying, run the commands ipconfig /release and ipconfig /renew on the PCs (ifconfig if it’s Linux)
  • If it is not working, try to set the DNS manually on a PC and see if it works.

Remember to clear the DNS cache after any operation with the command ipconfig /flushdns

1 Like

But you ping them from external, not from internal?

What is your gateway, nethserver? If so, what is the configuration, one red interface for internet and a green one for internal network?
Can you give us the domain that is reachable from the internet? I want to try to ping it. If you don’t want to post it, you can also send a private message.

Hi, sorry but I missed this information. No, I try to ping it from inside. Ping from outside gives the right IP address. The site is not working from outside, but this is maybe the same problem or something else.
The address is brf.kullgarden.se.

I tried to ping the address and it resolves to

85.8.12.127

Tried this IP by
https://www.heise.de/netze/tools/whois/

Abuse contact for ‘85.8.0.0 - 85.8.63.255’ is ‘noc@alltele.se’

If I try the domain in a browser I get a Nextcloud login page. It looks like it works fine.
Did you try with several computers?

What you also can do is like @federico.ballarini said

ipconfig /flushdns

for Windows or for Linux look at the following page:

Nice, I see the site is working from outside if I use http instead of https and that is another problem.

I have flushed the DNS and set a static address with my Nethserver as DNS, but I got one answer right (the internal address for my site) and after that I get the external address.
I have a Linux PC (Ubuntu) to test with.

/Pelle

Could you enter via SSH into NethServer and ping the address and see if the answer from the server is always correct?

I suppose that NS is the DNS of your LAN and you are in the LAN with the PC. Please explain more of your network.

I have some problems understanding. Is your Nethserver an internal DNS, or is it a public one? If it is internal, you can’t use its IP as DNS in another network, only in the same one.
And I don’t get your internal IP if I ping.

ping brf.kullgarden.se

Ping wird ausgeführt für masendata.com [85.8.12.127] mit 32 Bytes Daten:
Antwort von (MyGateway): Zielhost nicht erreichbar.
Antwort von (MyGateway): Zielhost nicht erreichbar.
Antwort von (MyGateway): Zielhost nicht erreichbar.
Antwort von (MyGateway): Zielhost nicht erreichbar.

Ping-Statistik für 85.8.12.127:
    Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
    (0% Verlust),

Here is my network explained (some faked names to make it easier to understand):

.Internet
. . . 85.8.12.127 WAN
. . . . . Firewall (act as DHCP server and sends out Nethserver AD01 as DNS)
. . . . . . . LAN
. . . . . . . . . Webserver1, My web server with the site brf.kullgarden.se
. . . . . . . . . AD01, My Nethserver with DNS
. . . . . . . . . . . DNS with brf.kullgarden.se pointing to the internal address, Webserver1
. . . . . . . . . PC01, My PC with Ubuntu

When I, from PC01, ping brf.kullgarden.se I get one answer with the correct internal address and the next time I ping, and all times after that, I get the external address for brf.kullgarden.se. If I flush the DNS on PC01 the first ping is correct and after that I get the external address again.

Could you try to ping it directly from the NethServer CLI and see if the behavior is the same?

Ping from Nethserver to brf.kullgarden.se gives me the internal address every time.

Try nslookup command from your PC and post the two complete different results.

First time after DNS flush, from PC01:
$ nslookup brf.kullgarden.se
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: brf.kullgarden.se
Address: 192.xxx.xxx.xxx (the correct internal address)
brf.kullgarden.se canonical name = www.masendata.com.
www.masendata.com canonical name = masendata.com.

Second time, from PC01:
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
brf.kullgarden.se canonical name = www.masendata.com.
www.masendata.com canonical name = masendata.com.
Name: masendata.com
Address: 85.8.12.127

I think that the address of your DNS server is not this. It should be 192.xxx.xxx.xxx, or am I wrong?

I get the same result from other Ubuntu installations too, on other networks; all result in
Server: 127.0.0.53
Address: 127.0.0.53#53

Could you try from Windows CMD?

The address is from systemd DNS resolver (systemd-resolved)

2 Likes
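An added example, not part of any post in this thread: a small Python check that parses two nslookup outputs like the ones above and flags both that the queried server is a loopback stub (here systemd-resolved at 127.0.0.53) and that the same name received an internal answer in one run and an external one in another. The sample outputs are constructed, with 192.168.1.10 standing in for the redacted internal address, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed samples modelled on the two nslookup runs in the thread;
# 192.168.1.10 stands in for the redacted internal address.
FIRST_RUN = """\
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: brf.kullgarden.se
Address: 192.168.1.10
"""
SECOND_RUN = """\
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
brf.kullgarden.se canonical name = www.masendata.com.
www.masendata.com canonical name = masendata.com.
Name: masendata.com
Address: 85.8.12.127
"""

def parse_nslookup(text):
    """Return (queried server, CNAME targets, answer addresses)."""
    header, _, answer = text.partition("answer:")
    server = re.search(r"^Server:\s*(\S+)", header, re.M).group(1)
    cnames = re.findall(r"canonical name = (\S+?)\.?$", answer, re.M)
    addrs = re.findall(r"^Address:\s*(\S+)", answer, re.M)
    return server, cnames, addrs

def diagnose(*runs):
    """Flag a local stub resolver and answers that differ in scope."""
    findings, scopes = [], set()
    for text in runs:
        server, _, addrs = parse_nslookup(text)
        if ipaddress.ip_address(server).is_loopback:
            findings.append("stub")  # resolver runs on this host, not the LAN DNS
        for a in addrs:
            private = ipaddress.ip_address(a).is_private
            scopes.add("internal" if private else "external")
    if scopes == {"internal", "external"}:
        findings.append("scope-flip")  # same name, internal and external answers
    return sorted(set(findings))
```
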

Yes @dnutan, thank you. I think the problem is instead the systemd resolver. I think that in Windows the problem isn’t there.
I wait for a check by @PelleH

You are right, @dnutan and @federico.ballarini. In Windows there is no problem. The problem appears in both Ubuntu 18.04 server and client.
Do you have any idea on how to disable this annoying problem?

Could you post your configuration in /etc/resolv.conf?