CharlieMelga-6484 asked

Question about hosts file and DNS override

Hello

I have the following setup

A Windows 2019 Domain Controller with DNS installed

A Windows 10 domain-joined client computer pointing to the Domain Controller for DNS

I have a dummy DNS record called Dummy.MyDomain.Local with an IP address of 10.10.10.10 (on the DNS server)

I want to override this so that when the Windows 10 client wants to resolve Dummy.MyDomain.Local it resolves to some other address, e.g. 10.20.10.10

Therefore I added an entry to the hosts file on the client

Dummy.MyDomain.Local 10.20.10.10

Then rebooted.

When I do an IPConfig /DisplayDNS on the client it shows Dummy.MyDomain.Local resolved to 10.20.10.10 as I would want

If I do a Ping Dummy.MyDomain.Local it tries to reach 10.20.10.10 (OK so far)

If I do an NSLookup Dummy.MyDomain.Local it returns 10.10.10.10 (not what I want)

I then look at the local DNS cache again on the client with IPConfig /DisplayDNS and it still shows 10.20.10.10 (and there is no entry for 10.10.10.10). Therefore the DNS cache on the client appears to be being ignored when using NSLookup? I always thought the DNS cache would be used 'first' and if it cannot find the record it would go to hosts/DNS in that order.

I then added the hosts file to the Domain Controller, but experienced the same issue as above (no matter what the hosts file says or the fact the hosts file entry is in the DNS cache, it always returns the entry in the DNS database).

Can someone please assist me in resolving this issue?

Thanks in advance

Charlie



windows-dhcp-dns

JiangZhang-MSFT answered

Hi,
From my understanding, if you try to resolve the same FQDN and get different IP addresses returned, you may achieve that under some circumstances.

You can refer to the link below as a guide to learn how to use DNS policy to control how a DNS server processes name resolution queries based on different parameters that you define in policies in Windows Server 2016.
https://docs.microsoft.com/en-us/windows-server/networking/dns/deploy/dns-policy-scenario-guide

You can configure DNS policies to specify how a DNS server responds to DNS queries with PowerShell by following the link below.
https://powershellmagazine.com/2015/05/13/introducing-dns-policies-in-windows-server-2016-technical-preview-2/

Please be advised, DNS policy is based on different subnets or geographies. If your goal is that different IP addresses are returned from different subnets (subnets can be in the same domain, from the same DNS server), this should be workable through DNS Policy.

Best Regards,
Mulder Zhang
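
The DNS policy approach described above, as an added example that is not part of the original answer or of the linked guides: a client-subnet policy on the DNS server for the record from the question. The subnet value and the names ClientBSubnet, ClientBScope and ClientBPolicy are assumptions; the zone, record name and addresses come from the question.

```powershell
# Run on the DNS server (Windows Server 2016 or later, DnsServer module).
$zone   = 'MyDomain.Local'
$subnet = '192.168.20.0/24'   # assumption: the subnet the "clientB" machines query from

# 1. Give the client subnet a name the policy can refer to.
Add-DnsServerClientSubnet -Name 'ClientBSubnet' -IPv4Subnet $subnet

# 2. Create a second scope inside the existing zone. The default scope
#    keeps the original record (Dummy -> 10.10.10.10).
Add-DnsServerZoneScope -ZoneName $zone -Name 'ClientBScope'

# 3. Add the alternative A record to the new scope only.
Add-DnsServerResourceRecord -ZoneName $zone -ZoneScope 'ClientBScope' `
    -A -Name 'Dummy' -IPv4Address '10.20.10.10'

# 4. Answer queries that arrive from ClientBSubnet out of ClientBScope.
#    Every other client still gets the default scope.
Add-DnsServerQueryResolutionPolicy -Name 'ClientBPolicy' -ZoneName $zone `
    -Action ALLOW -ClientSubnet 'eq,ClientBSubnet' -ZoneScope 'ClientBScope,1'

# 5. Review what was configured.
Get-DnsServerQueryResolutionPolicy -ZoneName $zone
Get-DnsServerResourceRecord -ZoneName $zone -ZoneScope 'ClientBScope' -Name 'Dummy'
```

The policy selects the answer by the source address of the query, so it steers clients to different addresses but does not authenticate them.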


DSPatrick answered

nslookup does not use a local hosts file for lookup. The solution may be to create a static record on your DNS server.

--please don't forget to upvote and Accept as answer if the reply is helpful--
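
An added example, not part of the original thread, of checking this from the client: it parses hosts-file lines and compares each entry with what DNS itself returns, which is the answer nslookup shows. The sample hosts line is constructed from the addresses in the question, and the function names are hypothetical.

```powershell
# Constructed sample in hosts-file syntax (address first, then one or more names).
$sampleHosts = @'
# test override on the Windows 10 client
10.20.10.10    Dummy.MyDomain.Local    # differs from the record on the DNS server
'@ -split "`r?`n"

function Get-HostsEntry {
    param([string[]]$Line)
    foreach ($raw in $Line) {
        $text = ($raw -split '#', 2)[0].Trim()          # strip comments
        if (-not $text) { continue }
        $fields = $text -split '\s+'
        $ip = $null
        if ($fields.Count -lt 2 -or
            -not [System.Net.IPAddress]::TryParse($fields[0], [ref]$ip)) { continue }
        $type = if ($ip.AddressFamily -eq 'InterNetworkV6') { 'AAAA' } else { 'A' }
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            [pscustomobject]@{ Name = $name; Type = $type; HostsAddress = $ip.ToString() }
        }
    }
}

function Compare-HostsToDns {
    param([string[]]$Line, [string]$Server)
    foreach ($entry in Get-HostsEntry -Line $Line) {
        # -DnsOnly and -NoHostsFile make Resolve-DnsName skip the hosts file
        # and ask DNS, as nslookup does.
        $query = @{ Name = $entry.Name; Type = $entry.Type; DnsOnly = $true
                    NoHostsFile = $true; ErrorAction = 'SilentlyContinue' }
        if ($Server) { $query.Server = $Server }
        $dns = @(Resolve-DnsName @query |
                 Where-Object { $_.Type -eq $entry.Type } |
                 ForEach-Object { $_.IPAddress })
        if (-not $dns) { $status = 'HostsOnly' }        # name exists only in hosts
        elseif ($dns -contains $entry.HostsAddress) { $status = 'Match' }
        else { $status = 'Override' }                   # hosts disagrees with DNS
        [pscustomobject]@{ Name = $entry.Name; Hosts = $entry.HostsAddress
                           Dns = $dns -join ','; Status = $status }
    }
}

Compare-HostsToDns -Line $sampleHosts
# Real file: Compare-HostsToDns -Line (Get-Content "$env:SystemRoot\System32\drivers\etc\hosts")
```

An `Override` row is a name whose hosts-file address differs from the DNS answer, a difference that nslookup alone never shows.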





CharlieMelga-6484 answered

Hello DSPatrick

Thanks for taking the time to reply

The issue I have however (and I am not sure it can be solved) is I have the same FQDN (e.g. A record) and depending on which client is asking to resolve the IP address I want to give them different answers, meaning if clientA asks for Dummy.MyDomain.Local they get one IP address returned but if clientB asks they get a different IP address returned. To complicate matters this is from the same DNS server.

Any suggestions?

Thanks in advance
Charlie

DSPatrick answered

Windows Active Directory and DNS in general just cannot work this way.

DSPatrick answered

Just checking if there's any progress or updates?

CharlieMelga-6484 answered

Thanks very much Jiang

I will check out the URLs you posted :)

Charlie
