Weird Internal DNS issue with in-house Exchange 2010 server.

I narrowed down the issue and I think it has something to do with priority/metrics. It looks like all zones on the DNS server use external queries first before using internal ones. I created a new DNS zone called abc.com (the domain exists externally; it pings to 34.216.127.34). www.abc.com points externally on all workstations since an external A record exists. blehbleh.abc.com points internally since an external A record does not exist. See the nslookup debugging log below. I'm hoping there is just a setting that I can disable in the DNS settings.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\administrator>nslookup
Default Server: sbs11.cpa.local
Address: 10.11.12.11

set debug = on
Unrecognized command: set debug = on
set debug=on
www.abc.com
Server: sbs11.cpa.local
Address: 10.11.12.11


Got answer:
HEADER:
    opcode = QUERY, id = 2, rcode = NXDOMAIN
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    www.abc.com.cpa.local, type = A, class = IN
AUTHORITY RECORDS:
->  cpa.local
    ttl = 3600 (1 hour)
    primary name server = sbs11.cpa.local
    responsible mail addr = hostmaster
    serial  = 48833
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)


Got answer:
HEADER:
    opcode = QUERY, id = 3, rcode = NXDOMAIN
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    www.abc.com.cpa.local, type = AAAA, class = IN
AUTHORITY RECORDS:
->  cpa.local
    ttl = 3600 (1 hour)
    primary name server = sbs11.cpa.local
    responsible mail addr = hostmaster
    serial  = 48833
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)


Got answer:
HEADER:
    opcode = QUERY, id = 4, rcode = NOERROR
    header flags: response, want recursion, recursion avail.
    questions = 1, answers = 4, authority records = 4, additional = 0

QUESTIONS:
    www.abc.com, type = A, class = IN
ANSWERS:
->  www.abc.com
    canonical name = abc.com
    ttl = 210 (3 mins 30 secs)
->  abc.com
    internet address = 34.216.127.34
    ttl = 210 (3 mins 30 secs)
->  abc.com
    internet address = 54.244.12.90
    ttl = 210 (3 mins 30 secs)
->  abc.com
    internet address = 54.70.181.249
    ttl = 210 (3 mins 30 secs)
AUTHORITY RECORDS:
->  abc.com
    nameserver = orns02.dig.com
    ttl = 210 (3 mins 30 secs)
->  abc.com
    nameserver = sens01.dig.com
    ttl = 210 (3 mins 30 secs)
->  abc.com
    nameserver = sens02.dig.com
    ttl = 210 (3 mins 30 secs)
->  abc.com
    nameserver = orns01.dig.com
    ttl = 210 (3 mins 30 secs)

Non-authoritative answer:

Got answer:
HEADER:
    opcode = QUERY, id = 5, rcode = NOERROR
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    www.abc.com, type = AAAA, class = IN
AUTHORITY RECORDS:
->  www.abc.com
    ttl = 3600 (1 hour)
    primary name server = sbs11.cpa.local
    responsible mail addr = hostmaster.cpa.local
    serial  = 2
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

Name: abc.com
Addresses: 34.216.127.34
    54.244.12.90
    54.70.181.249
Aliases: www.abc.com

blehbleh.abc.com
Server: sbs11.cpa.local
Address: 10.11.12.11


Got answer:
HEADER:
    opcode = QUERY, id = 6, rcode = NXDOMAIN
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    blehbleh.abc.com.cpa.local, type = A, class = IN
AUTHORITY RECORDS:
->  cpa.local
    ttl = 3600 (1 hour)
    primary name server = sbs11.cpa.local
    responsible mail addr = hostmaster
    serial  = 48833
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)


Got answer:
HEADER:
    opcode = QUERY, id = 7, rcode = NXDOMAIN
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    blehbleh.abc.com.cpa.local, type = AAAA, class = IN
AUTHORITY RECORDS:
->  cpa.local
    ttl = 3600 (1 hour)
    primary name server = sbs11.cpa.local
    responsible mail addr = hostmaster
    serial  = 48833
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)


Got answer:
HEADER:
    opcode = QUERY, id = 8, rcode = NOERROR
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 1, authority records = 0, additional = 0

QUESTIONS:
    blehbleh.abc.com, type = A, class = IN
ANSWERS:
->  blehbleh.abc.com
    internet address = 10.11.12.11
    ttl = 3600 (1 hour)


Got answer:
HEADER:
    opcode = QUERY, id = 9, rcode = NOERROR
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
    blehbleh.abc.com, type = AAAA, class = IN
AUTHORITY RECORDS:
->  blehbleh.abc.com
    ttl = 3600 (1 hour)
    primary name server = sbs11.cpa.local
    responsible mail addr = hostmaster.cpa.local
    serial  = 2
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

Name: blehbleh.abc.com
Address: 10.11.12.11

/r/sysadmin Thread
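
An added example, not part of the original post: a small Python parser that condenses an nslookup debug transcript like the one above into one row per response, showing which queries had the cpa.local search suffix appended and which answers carry the `auth. answer` flag (answered from a zone hosted on the responding server) rather than coming back from recursion. The function name `summarize` and the trimmed sample are constructed for illustration.

```python
import re

# Constructed sample: header and question lines trimmed from the log in the post.
SAMPLE = """\
Got answer: HEADER: opcode = QUERY, id = 2, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
    www.abc.com.cpa.local, type = A, class = IN
Got answer: HEADER: opcode = QUERY, id = 4, rcode = NOERROR header flags: response, want recursion, recursion avail. questions = 1, answers = 4, authority records = 4, additional = 0
QUESTIONS:
    www.abc.com, type = A, class = IN
Got answer: HEADER: opcode = QUERY, id = 8, rcode = NOERROR header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
    blehbleh.abc.com, type = A, class = IN
"""

# Whitespace-tolerant, so it matches both the flattened log and nslookup's
# normal multi-line layout.
RESPONSE = re.compile(
    r"\bid\s*=\s*(?P<id>\d+),\s*rcode\s*=\s*(?P<rcode>\w+)\s+"
    r"header flags:\s*(?P<flags>.*?)\s*questions\s*=\s*\d+,\s*"
    r"answers\s*=\s*(?P<answers>\d+).*?"
    r"QUESTIONS:\s*(?P<qname>\S+),\s*type\s*=\s*(?P<qtype>\w+)",
    re.S,
)

def summarize(log, suffix="cpa.local"):
    """Return one dict per DNS response found in an nslookup debug log."""
    rows = []
    for m in RESPONSE.finditer(log):
        flags = [f.strip() for f in m["flags"].split(",")]
        rows.append({
            "id": int(m["id"]),
            "qname": m["qname"],
            "qtype": m["qtype"],
            "rcode": m["rcode"],
            "answers": int(m["answers"]),
            # AA bit set: the server answered from a zone it hosts.
            "authoritative": "auth. answer" in flags,
            # The client tried its DNS search suffix before the bare name.
            "suffix_appended": m["qname"].endswith("." + suffix),
        })
    return rows

if __name__ == "__main__":
    for r in summarize(SAMPLE):
        src = "authoritative" if r["authoritative"] else "recursion/cache"
        tag = " (search suffix appended)" if r["suffix_appended"] else ""
        print(f'{r["id"]:>2} {r["qname"]} {r["qtype"]} {r["rcode"]} '
              f'answers={r["answers"]} {src}{tag}')
```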