I narrow down the issue and I think it has something to do with priority/metrics. It looks like all zones on the dns server uses external queries first before using internal ones. I created a new dns zone called abc.com(domain exist externally. Ping to 34.216.127.34). www.abc.com points externally on all workstations since a external A record exist. blehbleh.abc.com points internally since external A record does not exist. See nslookup debugging log below. I'm hoping there is just a setting that I can disable on the DNS settings.
Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\administrator>nslookup Default Server: sbs11.cpa.local Address: 10.11.12.11
set debug = on Unrecognized command: set debug = on set debug=on www.abc.com Server: sbs11.cpa.local Address: 10.11.12.11
Got answer: HEADER: opcode = QUERY, id = 2, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.abc.com.cpa.local, type = A, class = IN
AUTHORITY RECORDS:
-> cpa.local
ttl = 3600 (1 hour)
primary name server = sbs11.cpa.local
responsible mail addr = hostmaster
serial = 48833
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
Got answer: HEADER: opcode = QUERY, id = 3, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.abc.com.cpa.local, type = AAAA, class = IN
AUTHORITY RECORDS:
-> cpa.local
ttl = 3600 (1 hour)
primary name server = sbs11.cpa.local
responsible mail addr = hostmaster
serial = 48833
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
Got answer: HEADER: opcode = QUERY, id = 4, rcode = NOERROR header flags: response, want recursion, recursion avail. questions = 1, answers = 4, authority records = 4, additional = 0
QUESTIONS:
www.abc.com, type = A, class = IN
ANSWERS:
-> www.abc.com
canonical name = abc.com
ttl = 210 (3 mins 30 secs)
-> abc.com
internet address = 34.216.127.34
ttl = 210 (3 mins 30 secs)
-> abc.com
internet address = 54.244.12.90
ttl = 210 (3 mins 30 secs)
-> abc.com
internet address = 54.70.181.249
ttl = 210 (3 mins 30 secs)
AUTHORITY RECORDS:
-> abc.com
nameserver = orns02.dig.com
ttl = 210 (3 mins 30 secs)
-> abc.com
nameserver = sens01.dig.com
ttl = 210 (3 mins 30 secs)
-> abc.com
nameserver = sens02.dig.com
ttl = 210 (3 mins 30 secs)
-> abc.com
nameserver = orns01.dig.com
ttl = 210 (3 mins 30 secs)
Got answer: HEADER: opcode = QUERY, id = 5, rcode = NOERROR header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.abc.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> www.abc.com
ttl = 3600 (1 hour)
primary name server = sbs11.cpa.local
responsible mail addr = hostmaster.cpa.local
serial = 2
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
Name: abc.com Addresses: 34.216.127.34 54.244.12.90 54.70.181.249 Aliases: www.abc.com
blehbleh.abc.com Server: sbs11.cpa.local Address: 10.11.12.11
Got answer: HEADER: opcode = QUERY, id = 6, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
blehbleh.abc.com.cpa.local, type = A, class = IN
AUTHORITY RECORDS:
-> cpa.local
ttl = 3600 (1 hour)
primary name server = sbs11.cpa.local
responsible mail addr = hostmaster
serial = 48833
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
Got answer: HEADER: opcode = QUERY, id = 7, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
blehbleh.abc.com.cpa.local, type = AAAA, class = IN
AUTHORITY RECORDS:
-> cpa.local
ttl = 3600 (1 hour)
primary name server = sbs11.cpa.local
responsible mail addr = hostmaster
serial = 48833
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
Got answer: HEADER: opcode = QUERY, id = 8, rcode = NOERROR header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
blehbleh.abc.com, type = A, class = IN
ANSWERS:
-> blehbleh.abc.com
internet address = 10.11.12.11
ttl = 3600 (1 hour)
Got answer: HEADER: opcode = QUERY, id = 9, rcode = NOERROR header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
blehbleh.abc.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> blehbleh.abc.com
ttl = 3600 (1 hour)
primary name server = sbs11.cpa.local
responsible mail addr = hostmaster.cpa.local
serial = 2
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
Name: blehbleh.abc.com Address: 10.11.12.11