处理这个问题已经有一段时间了,但到目前为止还没有成功... 环境:服务器 2008R2 AD 和 DNS(由路由器提供的 DHCP)静态 IP 为 127.0.0.1,路由器 IP 作为网站的 DNS 主机 https 部分。非 HTTPS 部分托管在我们的内部网络之外。DNS 将 members.mydomain.net 作为正向查找区域,SOA 和 NS 记录指向 server.mydomain.local(此服务器)
问题 1:在任何公共网络上,一切都运行正常。在内部网络上,我无法提取网站的任何 HTTPS 部分。它返回“页面未找到”。NSLOOKUP
C:\Users\Administrator>nslookup
Default Server: UnKnown
Address: ::1
> set debug
> members.mydomain.net
Server: UnKnown
Address: ::1
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
members.mydomain.net.mydomain.local, type = A, class = IN
AUTHORITY RECORDS:
-> mydomain.local
ttl = 3600 (1 hour)
primary name server = server.mydomain.local
responsible mail addr = hostmaster.mydomain.local
serial = 2517
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
members.mydomain.net.mydomain.local, type = AAAA, class = IN
AUTHORITY RECORDS:
-> mydomain.local
ttl = 3600 (1 hour)
primary name server = server.mydomain.local
responsible mail addr = hostmaster.mydomain.local
serial = 2517
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
members.mydomain.net, type = A, class = IN
AUTHORITY RECORDS:
-> members.mydomain.net
ttl = 3600 (1 hour)
primary name server = server.mydomain.local
responsible mail addr = hostmaster.mydomain.local
serial = 1
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
members.mydomain.net, type = AAAA, class = IN
AUTHORITY RECORDS:
-> members.mydomain.net
ttl = 3600 (1 hour)
primary name server = server.mydomain.local
responsible mail addr = hostmaster.mydomain.local
serial = 1
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
Name: members.mydomain.net
问题是,几个月前一切都运行正常。我知道已经做了更改(新路由器、新 SSL 证书,可能还有其他一些内容),但服务器的 DNS 配置没有任何变化。客户对无法在自己的网络中使用网站感到沮丧。任何帮助都将不胜感激。
问题 2:类似,但不完全一样... remote.mydomain.com 指向此服务器上的 RDP。在内部网络外部工作正常。从网络内部 ping 我们的外部 IP 地址,但当用作 RDP 会话的地址时,显示计算机没有响应或未设置远程。remote.mydomain.com 在该服务器上我们自己的 DNS 中没有任何条目。仅依赖外部地址。同样,这也有效,但现在不行了。
我很困惑,因为这两个问题很类似,但我怀疑它们表明的是不同的问题。
答案1
如果我没看错的话,members.mydomain.net从 LAN 查询时应该解析为 LAN 上服务器的 IP 地址。如果这是准确的,请在members.mydomain.netDNS 正向查找区域中创建一个带有空白主机名的“A”记录,以解析为托管网站的计算机的 IP 地址membbers.mydomain.net。
就您的remote.mydomain.net名字而言,创建一个名为正向查找区域remote.mydomain.net,其“A”记录类型与上述相同(显然,除了使用托管 RDP 的机器的 IP 地址)。
我猜测该membbers.mydomain.net区域中曾经有一个“A”记录,但被某人错误地删除了。