DNS Server problem - nslookup DNS request timed out

Hi

I had a Win2003 DC, sometimes it don't answer DNS requests, even to it self.
everything else seems to work, I can logon remotely to the server etc.

I then made a new DC, now it has the same problem.

The event logs don't have any related errors.

Perfmon tells me that the servers are doing nothing

Any idear how I can solve this?

br

Andersen

U:\>nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 192.168.1.4: Timed out
Default Server: UnKnown
Address: 192.168.1.4

 

Hello Andersen DK AndersenDKdiscussions.microsoft.com,

How did you realize that it doesn't answer? Please post an unedited ipconfig
/all from both server's.

Best regards

Meinolf Weber

 

Hi Meinolf

It started with users don't getting logon script.

U:\>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : bernardo
Primary Dns Suffix . . . . . . . : Hamlet.dk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Hamlet.dk

Ethernet adapter HP NIC TEAM:

Connection-specific DNS Suffix . : hamlet.dk
Description . . . . . . . . . . . : HP Network Team #1
Physical Address. . . . . . . . . : 00-17-A4-3B-56-FC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.6
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.4
192.168.1.3

U:\>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : srvdc01
Primary Dns Suffix . . . . . . . : Hamlet.dk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hamlet.dk

Ethernet adapter LAN1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7782 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-14-C2-62-93-27
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.4

 

Hello Andersen DK AndersenDKdiscussions.microsoft.com,

So Hamlet is a client i assume? Why does it have 2 DNS entries, when you
have only one DNS server?

Best regards

Meinolf Weber

 

Hi Meinolf

Hamlet.dk is the AD domain the 2 Ipconfig's are from the 2 DC + DNS servers,
where I have seen the problem. I do have one more DC where I have not seen
the problem (yet.)

(And yes I know the AD domain has a domain name also used on the internet, I
did not make the AD.)

 

Hello Andersen DK AndersenDKdiscussions.microsoft.com,

So srvdc01 and bernardo are both DC's and DNS server? Do you use AD integrated
zones, if not i would change to it when the DNS servers are all on the DC.

Then change the ip configuration to this:
bernardo
IP Address. . . . . . . . . . . . : 192.168.1.6
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.6
192.168.1.4

srvdc01
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.4
192.168.1.6

After the change run ipconfig /registerdns on both DC's and netdiag /fix.

Best regards

Meinolf Weber

 

All DNS is AD integrated.

 

In

Hello Anderson,

I believe what is happening here is that you do not have a reverse zone
created for 192.168.1.x. This is actually not an error, but rather just a
message saying it cannot find a reverse entry for the IP address of the DNS
server it is using.

When nslookup initializes, it looks for a PTR in the reverse zone for the
DNS server that it is using for lookups. In this case, it is using
192.168.1.4. If you do not have a reverse zone, or if one exists, but there
is no reverse entry for 192.168.1.4, it will give you this message. Nslookup
will still work for resulting local forward lookups, and other lookups on
the internet, but it will give you this message each and everytime until a
reverse zone is created.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCT
Microsoft Certified Trainer


For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

 

Hi Ace

The reverse zone and ptr record is there. What could it be?

 

In

If you receiving the message saying:

It means nslookup cannot find the PTR record in DNS. Apparently nslookup is
using 192.168.1.4 as it's DNS server. You mentioned that the reverse zone is
present along with a PTR for 192.168.1.4.

Did you confirm that PTR record exists on the DNS server located at
192.168.1.4? Curious, which "A" record is the PTR pointing to? Does that "A"
record exist in the Forward Lookup zone?

If you ping:
ping -a 192.168.1.4
Does it resolve the A record (the hostname)?

If you just created the PTR, exit nslookup, and try it again.

Also, do me a favor. Along with the above responses, please post an unedited
ipconfig /all of the machine you are trying this from, as well as from the
DNS (DC) at 192.168.1.4.

Thanks,

Ace

 

Hi Ace

The DNS/DC is 192.168.1.4 and resolves fine using ping. I did find that the
PTR reccord was missing on 1 of 3 DC/DNS servers, event they should
replicate, with AD integrated zones. How can this happen?

"C:\Users\rus>ping -a 192.168.1.4

Pinging srvdc01.hamlet.dk [192.168.1.4] with 32 bytes of data:
Reply from 192.168.1.4: bytes=32 time<1ms TTL=127"

IPCONFIG's from the DC's and my Admin pc:

SRVDC01
U:\>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : srvdc01
Primary Dns Suffix . . . . . . . : Hamlet.dk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hamlet.dk

Ethernet adapter LAN1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7782 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-14-C2-62-93-27
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.4

SERVER BERNARDO:
Windows IP Configuration

Host Name . . . . . . . . . . . . : bernardo
Primary Dns Suffix . . . . . . . : Hamlet.dk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Hamlet.dk

Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7782 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-17-A4-3B-56-FC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.6
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.4
192.168.1.3
Primary WINS Server . . . . . . . : 192.168.1.4

SERVER DC:
Windows IP Configuration

Host Name . . . . . . . . . . . . : DC
Primary Dns Suffix . . . . . . . : Hamlet.dk
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Hamlet.dk

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Accelerated AMD PCNet Adapter
Physical Address. . . . . . . . . : 00-0C-29-7E-99-B4
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.6
192.168.1.3

ADMINPC FRBPCRUS:
Windows IP Configuration

Host Name . . . . . . . . . . . . : FRBPCRUS
Primary Dns Suffix . . . . . . . : Hamlet.dk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Hamlet.dk

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hamlet.dk
Description . . . . . . . . . . . : Intel(R) 82567LM Gigabit Network
Connecti
on
Physical Address. . . . . . . . . : 00-23-7D-00-25-D1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::dd2e:a54f:82d4:cd88%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.100.52(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : mandag 9. februar 2009 08:51:02
Lease Expires . . . . . . . . . . : tirsdag 17. februar 2009 09:24:38
Default Gateway . . . . . . . . . : 192.168.100.1
DHCP Server . . . . . . . . . . . : 192.168.1.6
DNS Servers . . . . . . . . . . . : 192.168.1.4
192.168.1.3
Primary WINS Server . . . . . . . : 192.168.1.6
NetBIOS over Tcpip. . . . . . . . : Enabled

Looking forward to you responce.

 

Hi Ace

I also found this event:

Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4015
Date: 06.02.2009
Time: 15:02:43
User: N/A
Computer: SRVDC01
Description:
The DNS server has encountered a critical error from the Active Directory.
Check that the Active Directory is functioning properly. The extended error
debug information (which may be empty) is "". The event data contains the
error.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 00 00 00 Q...

 

Hello Andersen DK AndersenDKdiscussions.microsoft.com,

For srvdc01 configure at least one of the other DNS as secondary DNS server.

For 4015 see here:
http://www.eventid.net/display.asp?eventid=4015&eventno=333&source=DNS&phase=1

Best regards

Meinolf Weber

 

In

Hmm, the ipconfigs look fine. So there is a replication problem, it appears,
or maybe not. Do you see any errors in the directory service and NTFRS logs?

Curious, what replication scope are the zones set to? Please check all three
servers. The scopes must match. If they are different, then indeed it would
cause problems, specifically it will create duplicate zones in the AD
database, which can be one of the many causes of 4015's, 4515's, etc.

To check if you have duplicate zones, you can use ADSI Edit. Check the
DomainNC, DomainDnsZones and ForestDnsZones partititions. The following link
explains how to use ADSI Edit. I have more specifics concerning this issue
and can post the info, that is if this is the case.

http://kbalertz.com/867464/Event-logged-Server-Windows-Server.aspx

Ace

 

Hi Ace

See my answer below:

Replication is set to "All Domain Controlers in the AD Domain", Allow Zone
Transfere to Servers in the Name Servers Tab, and notify servers in the NAme
servers tab. this is the same on all 3 servers.

The "To all domain controllers in the Active Directory domain" Option 3 from
the link.

however I did find a zone for a external domain, in both DomainDNSZones and
ForestDNSZones. would this be a problem?

Regards

Andersen

 

Done.

 

Hello Andersen DK AndersenDKdiscussions.microsoft.com,

What's the reason for the external domain zone?

Best regards

Meinolf Weber

 

In

You checked the zone scope settings on both DCs? Reason is they may be set
differently on each.

Did you create the external domain name? Does it exist when you look at the
DNS console?

Are both DCs Windows 2003?

Ace

 

Hi Ace

Checked Both, its the same.

The external domain, shows up in DNS console.

All 3 DC's are Win2003 SP2, but I see one is without R2, could this be a
problem?

Andersen

 

In

Hi Andersen

You have 3 Dcs? Sorry, thought there were 2. Is the zone's scope that same
on the thrid as well?

On ALL of your DCs, first set the DNS address in their IP properties to only
use one of the DCs. Let's use 192.168.1.6, since I don't think there is a
problem with that guy. Then run the following all all DCs:
ipconfig /registerdns
net stop netlogon
net start netlogon

Then run the following nslookup commands and post the responses, please. You
can copy and paste everything out of the command prompt.

nslookup

Thank you,
Ace