8

I recently started working for a company that has made a boneheaded mistake and I am looking for the least painful way to correct it.

Before I started, they named their local domain using a TLD they did not register. For the purpose of this question let's just say the internal domain is called example.com.

After starting here I found we were having all sorts of DNS issues and problems with name resolution locally and externally. I would ping the abc computer and usually it would return a proper 192.168.x.x address per their IP convention.

However, with growing frequency I would notice issues where it would return an external IP address for computername.example.com. After messing around for a few hours I thought to myself... No, it can't be... let me just check. Well, I did a whois on example.com and found that we don't own the tld; someone else owns it.

When I confronted the powers that be about this, I was pressed for a resolution and being the bad sysop I came up with:

  1. don't make this mistake;
  2. rename the domain and do all the work that comes with it;
  3. pay the oodles of money wanted for the domain that you "forgot" to register, and never forget again.

I was in turn told to find another way and that there had to be more solutions than that... Unfortunately, I've never seen anyone make a noob mistake like this, because, well, you had better own the domain you want to use.

Do you have a suggestion?

fukawi2
  • 5,494

4 Answers

5

Without attempting to detract from the other answers: if it's available for sale, buy the domain.

With the new .TLD craziness, internal domain names that have been working correctly for years are going to stop working intermittently when people are off-site and it will be because some enterprising company somehow managed to get .internal or .devel or something else silly registered.

I won't ever be setting up internal DNS on a non-registered domain again.

Paul Gear
  • 4,686
0

You should be able to prevent resolving to external IPs by making sure all computers and devices on the network have their DNS servers set to be your local Windows DNS servers.

If for some reason that doesn't do the trick, then additionally create a wildcard "New host (A)" record in your Windows DNS which points to some internal IP address.

sa289
  • 1,418
0

On your local DNS server, the one that your clients are directly asking, create a new DNS zone named yourexample.com and put whatever you need in it. Just make sure this DNS view is not exposed to the Internet. And that none of your internal users will ever actually want to see the real yourexample.com. :)

If your clients are not using your local DNS servers, then either change them to use one, or do something fugly such as intercept all DNS traffic on your border gateway and transparently redirect it to your local DNS server. (Ugh.)

Josip Rodin
  • 1,887
0

I don't know what does DNS resolution in your office, but you can set up unbound and have your workstations get requests from it. You then use unbound to set up hostname-to-IP matching with A records.
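The "create a local zone for the name and keep it off the Internet" approach from Josip Rodin's answer, written out as the unbound configuration this answer suggests. This is an added example, not from either answer: the listening address, the client network, the host names and the 192.168.1.x addresses are placeholders standing in for your own values.

```conf
# /etc/unbound/unbound.conf (placeholder paths and addresses throughout)
server:
    # Listen on the internal resolver's address only; clients must point here.
    interface: 192.168.1.10
    # Answer internal clients, refuse everyone else, so this view is never exposed.
    access-control: 192.168.0.0/16 allow
    access-control: 0.0.0.0/0 refuse

    # "static" makes unbound authoritative for example.com. from this file:
    # names listed below get the internal address, anything else under the
    # zone gets NXDOMAIN, and no query for the zone is ever sent upstream.
    # Consequence (as the answers note): the real example.com is unreachable
    # from inside.
    local-zone: "example.com." static
    local-data: "abc.example.com.        IN A 192.168.1.20"
    local-data: "fileserver.example.com. IN A 192.168.1.21"
    local-data-ptr: "192.168.1.20 abc.example.com"
    local-data-ptr: "192.168.1.21 fileserver.example.com"

    # Rebinding protection: strip RFC 1918 addresses from upstream answers,
    # except for the zone we legitimately serve private addresses for.
    private-address: 192.168.0.0/16
    private-domain: "example.com."

    # Everything outside example.com. is resolved recursively as normal.
```

Check the file with `unbound-checkconf /etc/unbound/unbound.conf` before restarting. Then, from a client, `dig @192.168.1.10 abc.example.com` should return 192.168.1.20, and `dig @192.168.1.10 nosuch.example.com` should return NXDOMAIN with no upstream lookup, which is the behaviour the original question was missing. The remaining failure mode is a machine whose resolver is not 192.168.1.10 (a laptop on a VPN or off-site, or a statically configured DNS server); those still reach the real example.com, which is why buying the name or renaming the domain stays the only complete fix.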