Windows Server 2008 R2 refuse to resolve external FQDN
No, it is not the dot in the hierachy on DNS Server which makes him a Root DNS.
So looking for this is obvious. And what if you find, that DNS Root Servers are listed and forwarders are able to ping, but recursive name resolution still doesn’t work.
When you look up the new features and changes coming with Windows Server 2008 R2, you will find something about EDns (EDNS). What is this?
It is an additional OPT record and mandatory for DNSSEC. So it is first enabled by default with Windows Server 2008 R2. It was already available since Windows Server 2003, but not enabled by default.
So you are wondering when you execute following from command prompt:
dnscmd /config /EnableEDNSProbes 0
your DNS Server is now able to provide name resolution for your external internet addresses.
Read Scott Forsyth’s Blog for more details