Hey r/DNS I’m a new sysadmin for a small business and I’ve encountered what I believe to be a strange DNS issue.

Individual clients are unable to correctly resolve host names for servers inside our domain. This issue is intermittent and only affects a single machine at a time, and I am unable to find any common link between affected machines. It has affected machines in different physical locations, different OSes (Windows 7 and 8) and various levels of patching (fresh image to fully patched Windows). At some point it has affected 70% of the machines on our network, often affecting the same machine multiple times. Frequency is approximately one per day across a total of 100 connected machines.

On an affected machine we are still able to ping the IP address directly, and NSLOOKUP will correctly return the address. On an individual machine I can release and renew the IP address, which resolves the issue. Flushing DNS does not. Affected machines never have issues resolving host names outside of our domain. As I understand it, NSLOOKUP bypasses the Windows DNS client, which makes me think the local DNS has been poisoned somehow, but I do not understand what causes this or how to permanently resolve it.

Any help or direction you guys could point me in would be much appreciated!
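The comparison the post describes (what the Windows DNS client returns versus what a direct query to the DNS server returns) can be made explicit on an affected machine before it is fixed with a release/renew. The script below is an added example written for this thread; it is not code from the original post. It assumes a Windows 8 client (PowerShell 3 or later with the DnsClient module, so it will not run unchanged on the Windows 7 machines mentioned), and the two host names at the top are placeholders to replace with one of your internal servers.

```powershell
<#
  Added diagnostic script for the symptom described in the post above (not code from the post).
  Assumptions: Windows 8 / PowerShell 3+ with the DnsClient module; the names below are
  placeholders for one of your internal servers.
#>
param(
    [string]$FqdnToTest  = 'fileserver.corp.example',  # placeholder: internal FQDN
    [string]$ShortToTest = 'fileserver'                # placeholder: unqualified name users type
)

function Resolve-Addresses {
    # Wraps Resolve-DnsName and returns the A/AAAA answers as one string, or the failure
    # reason, so the different resolution paths can be compared line by line.
    param([string]$Name, [hashtable]$Options = @{})
    try {
        $answers = Resolve-DnsName -Name $Name -ErrorAction Stop @Options |
            Where-Object { $_.Type -eq 'A' -or $_.Type -eq 'AAAA' }
        if ($answers) { ($answers | ForEach-Object { $_.IPAddress }) -join ', ' }
        else          { '(no A/AAAA records in answer)' }
    } catch {
        "FAIL: $($_.Exception.Message)"
    }
}

# Every IPv4 DNS server configured on any interface, so each one can be queried directly.
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object { $_.ServerAddresses } |
    Select-Object -Unique

foreach ($name in @($ShortToTest, $FqdnToTest)) {
    Write-Output "=== $name ==="
    # 1. Full DNS client path: cache, hosts file, suffix search, configured servers, LLMNR/NetBIOS fallback.
    Write-Output ("DNS client (default path) : " + (Resolve-Addresses $name))
    # 2. Cache only: shows whether a stale or negative answer is sitting in the client cache.
    Write-Output ("DNS client (cache only)   : " + (Resolve-Addresses $name @{ CacheOnly = $true }))
    # 3. Wire query to each server, skipping cache, hosts file and LLMNR/NetBIOS: roughly what nslookup does.
    foreach ($s in $servers) {
        $opts = @{ Server = $s; DnsOnly = $true; NoHostsFile = $true }
        Write-Output ("Direct query via $s : " + (Resolve-Addresses $name $opts))
    }
}

# 4. Suffix configuration: a short name only resolves through these, and they are
#    reissued by DHCP on release/renew, which is the workaround that currently fixes the machine.
Write-Output "=== Suffix search configuration ==="
Get-DnsClientGlobalSetting |
    Select-Object SuffixSearchList, UseDevolution, DevolutionLevel | Format-List
Get-DnsClient |
    Select-Object InterfaceAlias, ConnectionSpecificSuffix, RegisterThisConnectionsAddress, UseSuffixWhenRegistering |
    Format-Table -AutoSize

# 5. Local overrides consulted before any server is asked.
Write-Output "=== hosts file (non-comment lines) ==="
Get-Content "$env:SystemRoot\System32\drivers\etc\hosts" | Where-Object { $_ -match '^\s*[^#\s]' }

Write-Output "=== Name Resolution Policy Table ==="
Get-DnsClientNrptPolicy |
    Select-Object Namespace, NameServers, DnsSecValidationRequired | Format-Table -AutoSize

# 6. Raw cache entries matching the tested name, including negative (Status != Success) entries.
Write-Output "=== DNS client cache entries for $ShortToTest ==="
Get-DnsClientCache | Where-Object { $_.Entry -like "*$ShortToTest*" } |
    Select-Object Entry, Status, TimeToLive, Data | Format-Table -AutoSize
```

Run it on a machine while it is in the broken state and again after `ipconfig /release` and `/renew`, then diff the two outputs: the lines that differ (typically the suffix search list or connection-specific suffix, the hosts file, an NRPT rule, or a cache entry with a non-Success status) point at the part of the client-side resolution path that nslookup skips and that release/renew resets.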

