Experts, I have a problem with DNS server configuration; the network diagram is shown in the figure:
The problem is manifesting as follows:
There are two DNS servers servicing both internal and external requests; the first one is the domain controller, the other one is the mail and web server;
The server servicing external requests is located in the LAN and has the address 192.168.1.11; to serve the extranet, the router provides static address-to-address NAT;
Clients in the LAN use the domain controller as their DNS server, and it has the corresponding zone (it is authoritative for the zone) where names are resolved into local addresses;
The server for extranet requests resolves names to external addresses; it has been tested OK from the outside. If one runs a query from home, e.g.
dig @8.8.8.8 mail.company.com.
then it produces the correct answer:
;; ANSWER SECTION: mail.company.com. 0 IN A 111.111.111.111
However, when in LAN, there appears to be a strange anomaly:
dig @8.8.8.8 mail.company.com.
;; ANSWER SECTION:
mail.company.com. 0 IN A 192.168.1.11
The response from nslookup is similar:
nslookup -type=A -class=IN mail.company.com. 8.8.8.8
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative:
Name: mail.company.com
Address: 192.168.1.11
Regardless of the external server designated to serve DNS requests (Google DNS, OpenDNS, ISP DNS), each of them returns LAN addresses.
This looks OK for 192.168.1.101 (the domain controller), but not for external servers. Clearing the resolver's cache and changing DNS servers on the client PC doesn't help: external DNS servers are sending back local addresses, and that's not feasible. The same DNS servers, when queried from outside (from home or another office), return the correct external addresses.
Remarkably, when sending a direct request to my server that services external requests, I get the correct reply:
Server: ns.company.com.
Address: 192.168.1.11
Name: mail.company.com.
Address: 111.111.111.111
I'm asking for assistance in solving this problem.
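The symptom in the post (a public resolver such as 8.8.8.8 answering with an RFC 1918 address for a public name, while the same resolver answers correctly from outside the LAN) is the pattern one would expect if something on the LAN path rewrites or redirects port 53 traffic. A quick way to make that visible is to send the same A query to several resolvers and flag any public resolver whose answer contains private addresses. The following script is an added example, not code from the original post: it builds a minimal DNS A query with the standard library, parses A records out of the reply, and classifies each answer; the response bytes in the demo are constructed inline so it runs offline. The name mail.company.com and the addresses 192.168.1.11, 192.168.1.101 and 111.111.111.111 are taken from the post; the function names and the 0x1234 transaction id are assumptions of this example.

```python
"""Flag DNS answers that look like on-path interception or split-horizon leakage.

Added example, not from the original post. Builds a raw DNS A query, parses
the A records of a reply, and reports when a *public* resolver returns
RFC 1918 addresses. The demo reply bytes are constructed here, not captured.
"""
import ipaddress
import socket
import struct


def build_a_query(name: str, txid: int = 0x1234) -> bytes:
    """Minimal DNS query: header (RD set, one question) + QNAME + QTYPE=A, QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(lbl)]) + lbl.encode() for lbl in name.strip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def _skip_name(msg: bytes, off: int) -> int:
    """Return the offset just past a (possibly compressed) domain name."""
    end = off
    jumped = False
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:  # compression pointer: two bytes, then follow it
            if not jumped:
                end = off + 2
            off = ((ln & 0x3F) << 8) | msg[off + 1]
            jumped = True
            continue
        off += 1
        if ln == 0:
            break
        off += ln
    return end if jumped else off


def parse_a_records(msg: bytes) -> list:
    """Extract IPv4 addresses from the answer section of a DNS reply."""
    _txid, _flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    answers = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4:
            answers.append(str(ipaddress.IPv4Address(rdata)))
    return answers


def classify(resolver: str, answers: list) -> str:
    """Label an answer set relative to the resolver that supposedly produced it."""
    if not answers:
        return "no-answer"
    if ipaddress.ip_address(resolver).is_private:
        return "internal-view"  # a LAN resolver is expected to return LAN addresses
    if any(ipaddress.ip_address(a).is_private for a in answers):
        return "suspect-interception"  # public resolver, private answer: the post's symptom
    return "public-view"


def build_a_response(query: bytes, addresses: list, ttl: int = 0) -> bytes:
    """Constructed reply for the given query (offline demo only): echoes the question,
    then one A record per address using a compression pointer to the QNAME at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(addresses), 0, 0)
    rrs = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4)
                   + ipaddress.IPv4Address(a).packed for a in addresses)
    return header + query[12:] + rrs


def query_live(resolver: str, name: str, timeout: float = 2.0) -> list:
    """Send the query over UDP to a real resolver and return its A records."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_a_query(name), (resolver, 53))
        data, _ = s.recvfrom(4096)
    return parse_a_records(data)


if __name__ == "__main__":
    q = build_a_query("mail.company.com")
    # Constructed replies reproducing the two views described in the post.
    seen = {
        "192.168.1.101": build_a_response(q, ["192.168.1.11"]),    # domain controller, LAN view
        "8.8.8.8": build_a_response(q, ["192.168.1.11"]),          # the anomaly
        "192.168.1.11": build_a_response(q, ["111.111.111.111"]),  # external-facing server
    }
    for resolver, reply in seen.items():
        recs = parse_a_records(reply)
        print(f"{resolver:15} -> {recs} : {classify(resolver, recs)}")
```

To run it against the real network, replace the constructed replies with `query_live(resolver, "mail.company.com")` for each resolver in the list; a `suspect-interception` result for every public resolver, with `public-view` from outside the LAN, points at the LAN's egress path (a router DNS redirect or NAT rule on port 53) rather than at the resolvers themselves.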