SoFunction
Updated on 2025-03-10

Be cautious when setting up DNS servers in LAN

DNS (Domain Name Server) is a huge distributed database. Resolution is performed by domain name servers, each of which holds the information for a particular domain and converts domain names into IP addresses. Because all the domain name information on the Internet cannot be placed on a single computer, DNS uses a tree structure: the information for different domains is stored at different levels on different domain name servers, and the highest level is the root domain server.

To meet the needs of the corporate office, the author deployed a DNS server in the LAN and set the DNS server address on every client to the IP address of that server. In addition, a new domain named "" was created on the DNS server so that employees can access the internal websites.

However, testing showed that users can reach the corporate intranet normally but run into problems when accessing websites on the Internet. After the author changed the client's DNS server address to the IP address of a public DNS server, Internet websites became reachable, but the internal corporate website could no longer be accessed. To save money, the corporate domain is not registered with any DNS server on the public Internet, so its resolution depends entirely on the internal DNS server of the corporate network. Is there no way to have the best of both worlds?

Analysis


When a client wants to resolve a domain name under the net domain, it first contacts its local domain name server. If the local server does not hold the information for that name, it sends a request to a root domain server to query the IP address. The root server finds that the name is not under its own jurisdiction but belongs to a domain under net, so it tells the local server to contact the name servers of the net domain and returns a list of the addresses of all the net domain name servers. The local server then continues sending resolution requests to those servers, following referrals in the same way, until it reaches the domain name server responsible for the domain in question and returns the IP address to the client.

Because the author created the root domain and the net domain on the LAN DNS server, that server believes it is itself the root server whenever it receives a name it cannot resolve, and it never contacts the real root servers on the Internet. This is why clients cannot reach Internet websites by domain name.

Solution

First, delete the root domain, the net domain and the corporate domain from the DNS server, then recreate only the corporate domain. That domain is all that is needed for clients to reach the internal corporate website. Apart from the domains required for the internal websites, create as few domains as possible, so that the DNS server does not resolve names incorrectly or fail to resolve them at all.
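As an added illustration (not part of the original article), the following Python model walks through the iterative resolution steps described in the analysis and reproduces both failure modes the author ran into: a LAN server that hosts the root and net zones answers NXDOMAIN for Internet names instead of following referrals from the real root, and a public resolver cannot see a corporate zone that exists only on the LAN. It also includes a small configuration check, `claims_root`, that flags a server hosting the "." zone. All server names, the zone names `corp.example.net` and `example.net`, and the IP addresses are constructed for the example.

```python
"""Toy model of iterative DNS resolution. Every name, zone and address
below is constructed for illustration; nothing comes from the article."""

from __future__ import annotations
from dataclasses import dataclass, field
from typing import Optional


def _in_zone(name: str, zone: str) -> bool:
    """True if the fully qualified `name` lies inside `zone` (both end with '.')."""
    if zone == ".":
        return True          # the root zone contains every name
    return name == zone or name.endswith("." + zone)


@dataclass
class NameServer:
    name: str
    # zone name -> {fully qualified host name -> IPv4 address}
    zones: dict[str, dict[str, str]] = field(default_factory=dict)
    # child zone name -> server the child zone is delegated to (a referral)
    delegations: dict[str, "NameServer"] = field(default_factory=dict)
    # servers to start from when a name is outside every local zone
    root_hints: list["NameServer"] = field(default_factory=list)

    def authoritative_zone(self, name: str) -> Optional[str]:
        """Most specific local zone that contains `name`, or None."""
        matches = [z for z in self.zones if _in_zone(name, z)]
        return max(matches, key=len) if matches else None

    def query(self, name: str) -> tuple[str, object]:
        """One query: ('answer', ip) | ('referral', server) | ('nxdomain', None) | ('refused', None)."""
        zone = self.authoritative_zone(name)
        if zone is None:
            return ("refused", None)              # not authoritative for this name
        for child, server in self.delegations.items():
            if _in_zone(name, child) and _in_zone(child, zone) and child != zone:
                return ("referral", server)       # hand the client down the tree
        ip = self.zones[zone].get(name)
        # An authoritative server that holds no record answers NXDOMAIN and never recurses.
        return ("answer", ip) if ip else ("nxdomain", None)


def resolve(local: NameServer, name: str, max_hops: int = 10) -> tuple[str, Optional[str]]:
    """Resolve `name` as a client using `local` would.
    Returns ('OK', ip), ('NXDOMAIN', answering server) or ('SERVFAIL', None)."""
    kind, data = local.query(name)
    if kind == "answer":
        return ("OK", data)
    if kind == "nxdomain":
        return ("NXDOMAIN", local.name)           # local server thinks it is authoritative
    servers = list(local.root_hints)              # otherwise walk down from the root
    for _ in range(max_hops):
        if not servers:
            return ("SERVFAIL", None)
        server = servers.pop(0)
        kind, data = server.query(name)
        if kind == "answer":
            return ("OK", data)
        if kind == "referral":
            servers = [data]
        elif kind == "nxdomain":
            return ("NXDOMAIN", server.name)
        # 'refused': try the next server in the list
    return ("SERVFAIL", None)


def claims_root(server: NameServer) -> bool:
    """Configuration check: a LAN server hosting '.' will never ask the real root servers."""
    return "." in server.zones


def build_internet() -> NameServer:
    """Constructed public DNS tree: root -> net -> example.net (www only)."""
    example = NameServer("ns.example.net", zones={"example.net.": {"www.example.net.": "192.0.2.10"}})
    net_tld = NameServer("a.gtld-servers.net", zones={"net.": {}}, delegations={"example.net.": example})
    return NameServer("a.root-servers.net", zones={".": {}}, delegations={"net.": net_tld})


# Constructed corporate zone, published only on the LAN server (not registered publicly).
CORP_ZONE = {"intranet.corp.example.net.": "10.0.0.5"}


def misconfigured_lan_server(root: NameServer) -> NameServer:
    """The author's original setup: root and net zones created alongside the corporate zone."""
    return NameServer("dns.lan", zones={".": {}, "net.": {}, "corp.example.net.": dict(CORP_ZONE)},
                      root_hints=[root])


def corrected_lan_server(root: NameServer) -> NameServer:
    """The fix: only the corporate zone is hosted; everything else goes to the real root."""
    return NameServer("dns.lan", zones={"corp.example.net.": dict(CORP_ZONE)}, root_hints=[root])


def public_resolver(root: NameServer) -> NameServer:
    """A public DNS server: no local zones, just root hints."""
    return NameServer("public-dns", root_hints=[root])


if __name__ == "__main__":
    root = build_internet()
    for label, srv in [("misconfigured", misconfigured_lan_server(root)),
                       ("corrected", corrected_lan_server(root)),
                       ("public", public_resolver(root))]:
        print(label, "claims root:", claims_root(srv))
        for qname in ("intranet.corp.example.net.", "www.example.net."):
            print("  ", qname, "->", resolve(srv, qname))
```

Running the block shows the misconfigured server resolving the intranet name but returning NXDOMAIN for `www.example.net.` from its own bogus net zone, the corrected server resolving both by following root, net and example.net referrals, and the public resolver resolving only the Internet name. `claims_root` is the one-line check to run against any internal server's zone list before debugging further.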