Forum Discussion

DucTran
Copper Contributor
Jun 02, 2025

DNS Server cannot lookup domain AWS

Hi Everyone,

I have an issue with the DNS service on Windows Server 2019. I have a CNAME record pointing from an internal domain to a domain hosted on Route53. However, this record frequently returns an 'unknown host' error. My server is already connected to the internet, and the record has a TTL 60. Please help me with this case.

1 Reply

  • This behavior usually means your Windows Server DNS cannot correctly resolve the external AWS Route 53 domain due to caching or forwarder configuration issues — even though internet connectivity works.

    Check external name resolution directly

    On the DNS server, run:

    nslookup aws-domain-name.com 8.8.8.8

    If that works, but:

    nslookup aws-domain-name.com localhost

    fails, the problem is with the Windows DNS resolver, not your network.

    Verify DNS forwarders

    Open DNS Manager → Server Properties → Forwarders tab and make sure you have reliable public DNS forwarders configured, such as:

    8.8.8.8
    1.1.1.1
    9.9.9.9

    Then clear the DNS cache:

    dnscmd /clearcache
    ipconfig /flushdns

    Check the CNAME record

    If your internal zone contains a CNAME pointing to an external FQDN (for example, awsapp.internal.local → myapp.aws.com), confirm:

    The internal zone name does not overlap or shadow the external domain.
    You do not have a local zone named aws.com or similar — that would block external lookups.

    If such a zone exists, delete or rename it so that the query can go to the forwarders.

    Review recursion settings

    In DNS Manager → Server Properties → Advanced, make sure “Disable recursion” is unchecked.
    Recursion must be enabled for forwarders to work.

    Lower TTL and retest

    Sometimes Route 53 responses expire quickly. Clear the cache and test again:

    ipconfig /flushdns
    nslookup your-cname.internal.local

    Summary
    Ensure forwarders are reachable and recursion is enabled.
    Remove any conflicting local zones.
    Flush caches after Route 53 changes.
    If external queries work using 8.8.8.8 but fail through your local DNS, it’s definitely a forwarder or zone conflict issue.
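As an added example (not part of the reply above), the following PowerShell script runs the same checks in one pass on the Windows DNS server: external vs. local resolution, forwarders and recursion, locally hosted zones that would shadow the Route 53 name, the CNAME itself, and a cache flush before retesting. It assumes the DnsServer module (installed with the DNS role) and uses the placeholder names from the reply.

```powershell
# Added troubleshooting script; not from the original post. Placeholder names:
$InternalCname  = 'awsapp.internal.local'   # internal CNAME (placeholder from the reply)
$ExternalTarget = 'myapp.aws.com'           # Route 53 name it points to (placeholder)
$PublicResolver = '8.8.8.8'

# 1. External vs. local resolution: does a public resolver answer when the local server fails?
foreach ($srv in @($PublicResolver, '127.0.0.1')) {
    try {
        $r = Resolve-DnsName -Name $ExternalTarget -Server $srv -Type A -DnsOnly -ErrorAction Stop
        $ips = ($r | Where-Object Type -eq 'A' | ForEach-Object IPAddress) -join ', '
        "[OK]   $ExternalTarget via $srv -> $ips"
    } catch {
        "[FAIL] $ExternalTarget via $srv : $($_.Exception.Message)"
    }
}

# 2. Forwarders must be configured and recursion must not be disabled, or forwarding never happens.
$fwd = Get-DnsServerForwarder
"Forwarders: $($fwd.IPAddress -join ', ')  (UseRootHint=$($fwd.UseRootHint))"
if (-not (Get-DnsServerRecursion).Enable) { "[WARN] Recursion is disabled; forwarders will not be used." }

# 3. Shadowing zones: a locally hosted zone whose name is a suffix of the external target
#    answers authoritatively (NXDOMAIN) and the query never reaches the forwarders.
$labels   = $ExternalTarget.Split('.')
$suffixes = 0..($labels.Count - 1) | ForEach-Object { $labels[$_..($labels.Count - 1)] -join '.' }
Get-DnsServerZone | Where-Object { $suffixes -contains $_.ZoneName } |
    ForEach-Object { "[WARN] Local zone '$($_.ZoneName)' shadows $ExternalTarget" }

# 4. Confirm the CNAME record points where you expect (first label = host, rest = zone).
$hostLabel, $zoneName = $InternalCname -split '\.', 2
Get-DnsServerResourceRecord -ZoneName $zoneName -Name $hostLabel -RRType CName -ErrorAction SilentlyContinue |
    ForEach-Object { "CNAME $InternalCname -> $($_.RecordData.HostNameAlias)" }

# 5. Flush the server cache and the client resolver cache, then retest the internal CNAME.
Clear-DnsServerCache -Force
Clear-DnsClientCache
Resolve-DnsName -Name $InternalCname -Server 127.0.0.1 -DnsOnly | Format-Table Name, Type, NameHost, IPAddress
```

Run it in an elevated PowerShell session on the DNS server; a [FAIL] on 127.0.0.1 together with an [OK] on 8.8.8.8 points at the forwarder, recursion or shadowing-zone findings printed in steps 2 and 3.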
