How can I find the answering DNS server?

Is there a way I can trace a DNS request to see where the answer is coming from?

Our network has internal DNS servers that provide internal IP address resolution, and we use EasyDNS to host our public-facing DNS.

The situation is that EasyDNS is set up correctly for a certain address with its external IP, but when I do a dig from within our network, I get the (correct) internal IP - but the domain does not appear to be set up on any of our internal DNS servers. Our primary DNS server (Active Directory) lists the domain as cached, but doesn't say from where.

How can I trace where dig is getting its results from?


Solution 1:

If using dig:

dig +trace ....

otherwise, run Wireshark to capture the packets.

Solution 2:

I'm quoting Justin Scott's answer, because I'm pretty sure he was right:

Are you using NAT routing? Some NAT routers will inspect DNS packets and translate known external IPs that they handle and convert them to the internal IP addresses in the response before forwarding the packet along the network.