I have a network where DHCP was set to proxy to upstream DNS. ipconfig /all shows DNS for internal clients is the Meraki local IP. I then set DHCP to proxy to OpenDNS. I did ipconfig /renew and now DNS is set as 22.214.171.124 and 126.96.36.199.
How come when I ping internal DNS names (like device1, device2, device3) it still works? If I do NSLookup, it fails, but if I ping, it does resolve the internal IP address properly. How is that working if the DNS servers are set as OpenDNS?
Also note, I went as far as testing multiple computers, checking HOSTS file, and doing ipconfig /flushdns -- somehow the device knows to search locally for that device instead of using OpenDNS DNS servers.
I wonder if doing an ipconfig /flushdns would stop the inside stuff from resolving?
Edit: I'll just read your ENTIRE post next time, nothing to see here!
Until someone smarter than me pipes in, I'd suggest doing a packet capture to see where the clients are getting the DNS info from.
There are many methods of name resolution. NetBIOS broadcast, multicast DNS/mDNS/Bonjour, WINS, host file, unicast DNS.
You changed the DNS (aka unicast DNS). However, your machine is still able to use broadcast and multicast methods to do local name resolution (which is not the same as DNS).
This is the reason why you can still ping machines locally, but can not locate them via nslookup.
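To see which of these mechanisms actually carries a lookup in a packet capture, the name queries can be sorted by UDP destination port and decoded. The following is an added example, not code from any poster in this thread; it assumes each packet's UDP destination port and payload have already been extracted from the capture, it also covers LLMNR (another Windows multicast method, UDP 5355), and the sample packets are constructed.

```python
import struct

# UDP destination port -> name-resolution mechanism that uses it
MECHANISMS = {53: "unicast DNS", 137: "NetBIOS name service",
              5353: "mDNS", 5355: "LLMNR"}

def question_labels(payload):
    """Labels of the first question name; all four protocols share the DNS header."""
    labels, offset = [], 12
    while payload[offset]:
        length = payload[offset]
        if length & 0xC0:
            raise ValueError("compression pointer in question name")
        labels.append(payload[offset + 1:offset + 1 + length])
        offset += 1 + length
    return labels

def decode_netbios(label):
    """Undo NetBIOS first-level encoding (each byte sent as two letters 'A'..'P')."""
    raw = bytes(((label[i] - 65) << 4) | (label[i + 1] - 65) for i in range(0, 32, 2))
    return raw[:15].decode("ascii").rstrip()  # byte 16 is the name-type suffix

def classify(dst_port, payload):
    """Return (mechanism, queried name) for a name query, else None."""
    mechanism = MECHANISMS.get(dst_port)
    if mechanism is None or len(payload) < 12:
        return None
    flags, qdcount = struct.unpack("!HH", payload[2:6])
    if flags & 0x8000 or qdcount == 0:  # skip responses and empty messages
        return None
    try:
        labels = question_labels(payload)
        if dst_port == 137:
            return mechanism, decode_netbios(labels[0])
        return mechanism, ".".join(l.decode("ascii") for l in labels)
    except (IndexError, ValueError):  # truncated or malformed payload
        return None

def build_query(labels, flags=0, qtype=1):
    """Build a one-question query payload (only used for the constructed sample)."""
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return struct.pack("!6H", 0x1234, flags, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def encode_netbios(name):
    """First-level encode a name, space-padded to 15 bytes plus a 0x00 suffix."""
    raw = name.upper().ljust(15).encode("ascii") + b"\x00"
    return bytes(b for c in raw for b in ((c >> 4) + 65, (c & 15) + 65))

# Constructed sample: (UDP destination port, payload) pairs for a lookup of "device1"
SAMPLE = [(53, build_query([b"device1"], 0x0100)), (5355, build_query([b"device1"])),
          (5353, build_query([b"device1", b"local"])),
          (137, build_query([encode_netbios("device1")], 0x0110, 0x20)), (443, b"\x16\x03\x01")]

def summarize(packets):
    return [hit for hit in (classify(port, data) for port, data in packets) if hit]
```

Calling `summarize(SAMPLE)` lists one entry per name query seen, so a name that appears only under LLMNR, mDNS or NetBIOS is being resolved on the local segment rather than by the configured DNS servers.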
If it is a Windows machine it may be using NetBios. The below command shows the NetBios name resolution cache:
When I check my "as futzed by Microsoft" Win 10 workstation, it makes no use of NetBios, and I do make use of OpenDNS as well as other Name servers.
Microsoft has recently decreed that we are not allowed to use "rude words" in Word documents . . . fortunately, Yiddish is a hobby of mine. The common American term futz has interesting, and useful, Middle High German and Yiddish roots.
Set your DHCP to give out your internal DNS servers. Then set your internal DNS servers to forward to OpenDNS. We have the same setup and that is their recommended configuration. If you have any public wifi networks or anything that doesn't need to be attempting to use your internal DNS servers you can set those to custom DNS and specify those OpenDNS IPs. Note: All of our device management IPs just use public DNS like OpenDNS. Those are just for checking into the internet so no need to have those using internal DNS which is likely less reliable.