none
(Some)Domain Controllers and Clients cannot resolve IRS.GOV RRS feed

  • Question

  • This is an odd one for me.  I first heard this problem from our Accounting department that they cannot access IRS.GOV and I find I cannot either from my desktop.  I check my DC1 (its my PDCe) and it can resolve IRS.GOV (its pointing to DC2 as primary DNS).  DC2 cannot resolve IRS.GOV, its using DC1 as Primary DNS server.  I have a offsite location that is going out a different pipe and firewall to the internet and it always resolves IRS.GOV.

    Also, my other Domain Controllers (5) cannot resolve IRS.GOV, but... every once in awhile they will resolve IRS.GOV.  I am Active Directory Integrated and using Google as my Forwarders. I have flushed the DNS cache on various Domain Controllers and clients with any affect.

    This is the only URL I cannot resolve, USA.GOV, WHITEHOUSE.GOV (I know be careful with this one..) resolve every time on any server, Domain Controller, and client.

    DNS is replicating, no errors in any event viewer attributed to DNS.

    Using the DEBUG option with NSLOOKUP and it doesn't appear IRS.GOV is being appended. We have not had any Change Control that would affect this either.

    Anyone with any ideas?  I have not come across this situation before.

    Wednesday, July 6, 2016 6:17 PM

Answers

  • Hi,

    >>I check my DC1 (its my PDCe) and it can resolve IRS.GOV (its pointing to DC2 as primary DNS). 

     I have a offsite location that is going out a different pipe and firewall to the internet and it always resolves IRS.GOV. 

    Which server did they really use to resolve 'IRS.GOV'?

    >> I am Active Directory Integrated and using Google as my Forwarders.

    Have you tried to change a Forwarder?For example,a local ISP DNS?

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Thursday, July 7, 2016 2:17 AM

All replies

  • Hi,

    >>I check my DC1 (its my PDCe) and it can resolve IRS.GOV (its pointing to DC2 as primary DNS). 

     I have a offsite location that is going out a different pipe and firewall to the internet and it always resolves IRS.GOV. 

    Which server did they really use to resolve 'IRS.GOV'?

    >> I am Active Directory Integrated and using Google as my Forwarders.

    Have you tried to change a Forwarder?For example,a local ISP DNS?

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Thursday, July 7, 2016 2:17 AM
  • Changing the Forwarder help find the problem.  After using a different forwarder we were able to resolve IRS.GOV and found that the Firewall team had a rule being applied to 8.8.4.4..  Once they changed the rule we were able to resolve IRS.GOV with 8.8.4.4.
    Wednesday, July 20, 2016 12:49 PM