JSI Tip 2267. DNS is not resolving some domain names?

If your Windows NT or Windows 2000 DNS server resolves client queries for internet hosts, some domain names may not resolve.

A partial list of affected domain names includes:





The problem arises when your DNS server is inside a firewall, queries an authoritative name server that is outside, and receives a reply whose source IP address is different from the one expected.

This can occur if the outside server has a load-balancing feature.
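To confirm this condition from a packet capture, the sketch below pairs each outbound query with its reply and reports replies that came from an address other than the one queried. It is an added example, not part of the original tip. The one-line-per-packet record format, the function names and the sample addresses are assumptions constructed for illustration, and it assumes the capture was taken at a point where the replies are still visible.

```python
"""Flag DNS replies whose source IP differs from the server that was queried."""
from collections import namedtuple

Packet = namedtuple("Packet", "ts src sport dst dport txid is_reply qname")

# Constructed sample: fields are ts, src, sport, dst, dport, txid, Q|R, qname.
# Addresses are documentation ranges; 192.0.2.53 plays the inside DNS server.
SAMPLE = """\
0.000 192.0.2.53 1031 198.51.100.10 53 0x1a2b Q www.example.com
0.041 198.51.100.10 53 192.0.2.53 1031 0x1a2b R www.example.com
1.000 192.0.2.53 1032 203.0.113.5 53 0x3c4d Q www.example.net
1.038 203.0.113.77 53 192.0.2.53 1032 0x3c4d R www.example.net
2.000 192.0.2.53 1033 203.0.113.9 53 0x5e6f Q www.example.org
"""

def parse(text):
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, sport, dst, dport, txid, kind, qname = line.split()
        yield Packet(float(ts), src, int(sport), dst, int(dport),
                     int(txid, 16), kind == "R", qname.lower())

def find_mismatched_replies(packets, inside_server):
    """Return (mismatches, unanswered) for queries sent by inside_server.

    A reply is paired with a query on (client port, transaction ID, name),
    deliberately ignoring the remote address, so a reply from an unexpected
    source can still be matched and reported.
    """
    pending, mismatches = {}, []
    for p in packets:
        if not p.is_reply and p.src == inside_server and p.dport == 53:
            pending[(p.sport, p.txid, p.qname)] = p
        elif p.is_reply and p.dst == inside_server and p.sport == 53:
            q = pending.pop((p.dport, p.txid, p.qname), None)
            if q is not None and q.dst != p.src:
                mismatches.append((p.qname, q.dst, p.src))
    unanswered = sorted(q.qname for q in pending.values())
    return mismatches, unanswered

if __name__ == "__main__":
    bad, unanswered = find_mismatched_replies(parse(SAMPLE), "192.0.2.53")
    for name, asked, answered in bad:
        print(f"{name}: queried {asked}, reply came from {answered}")
    print("no reply seen for:", ", ".join(unanswered) or "none")
```

Names that appear in the mismatch list are the ones affected by the condition described above; names listed as unanswered point to a different cause.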

Your options are:

Set the Forwarders option on the inside server to an outside server, so that the inside server sends a recursive query to that forwarder. The reply then has the expected source IP address.

Set the firewall to allow all inbound port 53 traffic that is destined for your inside server.

