Since a few week, I have issues when trying to access devices or services in my LAN via domain names defined within my local DNS Server. The problem was due to AVAST’s “Secure DNS” feature (recently enabled unmindfully).
I have defined a Master Zone for BeatificaBytes.be in my DNS Server (hosted on my Synology). It’s pointing on my NAS itself. Doing so, I can access my blog from my LAN just as from Internet. Without that Master Zone, a ping on BeatificaBytes.be would return the internet IP of my modem. And I can’t use that IP to access my NAS (hosting my blog) from within my LAN.
In that Master Zone, I have defined a A record for www, to forward www.BeatificaBytes.be onto the local IP of my blog.
I have also a few other Master Zones defined to access various devices…
Since a few weeks, I was not able to ping any devices anymore and my blog was only accessible on BeatificaBytes.be but not anymore on www.BeatificaBytes.be.
I spent hours to reconfigure my DNS Server, testing all the various settings, without success. I have never executed so many ipconfig /flushdns, ipconfig /release, ipconfig /renew, ipconfig /all, ping www.BeatificaBytes.be and nslookup www.BeatificaBytes.be :D
I have finally figured out that the problem was with AVAST. It has a feature named “Secure DNS” which protects yourself against “DNS hijacking”. DNS hijacking redirects you from the site you want to visit, to one that looks just like it. Secure DNS ensures the site you’re visiting is real.
So, Avast was preventing me to access my blog on an IP which was not the one of my real “domain name” registered on Internet. But as I only defined the fully qualified “www.BeatificaBytes.be” within my Internet Provider’s DNS Settings, I was still able to access my blog locally on “BeatificaBytes.be” (This has been a lot disturbing my investigation).
It’s really the first time since 1996 that I curse Avast !