DNS Temporarily Out Of Order???

Discussion in 'DNS Server' started by Brian D. McGrew, Nov 24, 2009.

  1. I've posted this before and still have no resolution so I'm throwing it out
    again...

    I have three DNS servers. NS239 (Win2K3, physical machine), NS246 (Win2K3,
    VM) and NS247 (Win2K8, physical machine) on my internal network that resolve
    DNS for the outside world.

    What I'm seeing is that DNS will go brain dead for a minute or so and then
    come back to life when trying to resolve names to the inside or outside
    world. I can't pin it on one particular server though. I've tried with an
    without forwarders.

    I come from a long history of BIND on Unix so DNS on Windows and AD is still
    pretty new to me and I'm not sure where to go looking from here. I can tell
    you that I do not see anything obvious in the event logs.

    Hoping someone has a good idea :)

    -b
     
    Brian D. McGrew, Nov 24, 2009
    #1
    1. Advertisements

  2. Hello Brian,

    Don't know when you post this, but with the name Brian D. McGrew i can't
    see a posting since May 2009, that time my newsreader stops seeing older
    postings in this NG.

    What error messages are listed in the event viewer and what errors/symptoms
    do you see? "DNS will go brain dead for a minute or so" is not really helpful.

    Please describe your DNS setup more detailed, not only with the servers,
    include also the domain setup and what kind of zones you use. Additional
    post an unedited ipconfig /all from the 3 DNS servers and a client machine
    with problems.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Nov 24, 2009
    #2
    1. Advertisements


  3. Cliches can be helpful at times, but in this case, 'going braindead' is
    somewhat elusive associated with a DNS server.

    Are you saying that it stops resolving? But then you said it 'comes to life'
    (like a Terminator?) when trying (trying?) to resolve internal and external
    queries.

    How did you determine this is occuring? Which tool did you use? If you can't
    pinpoint which server, I assume you didn't use nslookup to test each one
    specifically?

    Are the DNS servers DCs?
    Are the DNS servers multihomed?
    Is RRAS installed on the DNS servers?
    IP routing enabled on them?

    Do you have a link to a website somewhere (date, time, subject, username you
    used when posted, etc) where you've previously posted this question? It
    would be helpful to read your original post, and the responses to see what
    was looked at already and offered suggestions so we don't double our
    efforts.

    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Please reply back to the newsgroup or forum for collaboration benefit among
    responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
    2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer

    For urgent issues, please contact Microsoft PSS directly. Please check
    http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [MCT], Nov 25, 2009
    #3
  4. I've posted this before and still have no resolution so I'm throwing
    I appologize if my problem report was somewhat lacking. I'm not the worlds
    foremost Windows expert and thus will heed and apprechiate any advice you
    guys can give!

    The ipconfig /all is attached from four machines. NS{239,246,247} are the
    servers and brian-xp-224 is an XP Pro workstation. Although it should be
    noted that I'm seeing this problem across all the machines on the network,
    not just the Windows machines. I have many Unix, Linux and MacOS boxes that
    are all doing the same thing.

    Basically, even though it's a poor description, DNS is going brain dead.
    Open a web browser and put in any URL and you get "looking up
    www.google.com" or whatever domain you're trying to find. It'll sit here
    for anywhere from 10 seconds to 2 minutes while DNS is off in the weeds.
    Once DNS comes back to life, domain resoltuions are instant as they should
    be. This is also the case for machine on the internal network, it may hang
    out for 10 seconds to 2 minutes while DNS wakes up. Even an nslookup
    <machinename> will hang. But again, when DNS is working, everything is
    instant.

    I don't have anything in any event logs that would suggest there is an
    obvious problem somewhere. All of the NS* machines are domain controllers
    with NS246 being the master role for everything according to dumpfsmos from
    the Win2K3 Resource Kit. I'm not seeing any other kind of performacne
    problems with any of the machines. I can connect to shares (by IP) and move
    files back and forth just fine. I have other Win2K3 and 2K8 servers that
    are not domain controllers running other services like Oracle, SQL and TSM
    that are all working and providing their services just fine. It seems to be
    only a DNS problem.

    Thanks,

    -brian




    Windows IP Configuration





    Host Name . . . . . . . . . . . . : ns239


    Primary Dns Suffix . . . . . . . : toxicescrow.com


    Node Type . . . . . . . . . . . . : Hybrid


    IP Routing Enabled. . . . . . . . : No


    WINS Proxy Enabled. . . . . . . . : No


    DNS Suffix Search List. . . . . . : toxicescrow.com





    Ethernet adapter Local Area Connection:





    Connection-specific DNS Suffix . : toxicescrow.com


    Description . . . . . . . . . . . : Intel(R) PRO/100+ Management Adapter


    Physical Address. . . . . . . . . : 00-D0-B7-BD-3B-A9


    DHCP Enabled. . . . . . . . . . . : No


    IP Address. . . . . . . . . . . . : 192.168.1.239


    Subnet Mask . . . . . . . . . . . : 255.255.255.0


    Default Gateway . . . . . . . . . : 192.168.1.254


    DNS Servers . . . . . . . . . . . : 192.168.1.239


    192.168.1.246


    192.168.1.247








    Windows IP Configuration





    Host Name . . . . . . . . . . . . : ns246


    Primary Dns Suffix . . . . . . . : toxicescrow.com


    Node Type . . . . . . . . . . . . : Unknown


    IP Routing Enabled. . . . . . . . : Yes


    WINS Proxy Enabled. . . . . . . . : Yes


    DNS Suffix Search List. . . . . . : toxicescrow.com





    Ethernet adapter Local Area Connection:





    Connection-specific DNS Suffix . : toxicescrow.com


    Description . . . . . . . . . . . : VMware Accelerated AMD PCNet Adapter


    Physical Address. . . . . . . . . : 00-0C-29-AC-17-F6


    DHCP Enabled. . . . . . . . . . . : No


    IP Address. . . . . . . . . . . . : 192.168.1.246


    Subnet Mask . . . . . . . . . . . : 255.255.255.0


    Default Gateway . . . . . . . . . : 192.168.1.254


    DNS Servers . . . . . . . . . . . : 192.168.1.246


    192.168.1.247


    192.168.1.239






    Windows IP Configuration



    Host Name . . . . . . . . . . . . : ns247

    Primary Dns Suffix . . . . . . . : toxicescrow.com

    Node Type . . . . . . . . . . . . : Hybrid

    IP Routing Enabled. . . . . . . . : No

    WINS Proxy Enabled. . . . . . . . : No

    DNS Suffix Search List. . . . . . : toxicescrow.com



    Ethernet adapter Local Area Connection:



    Connection-specific DNS Suffix . : toxicescrow.com

    Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
    Connection

    Physical Address. . . . . . . . . : 00-0C-29-5A-9B-F9

    DHCP Enabled. . . . . . . . . . . : No

    Autoconfiguration Enabled . . . . : Yes

    IPv4 Address. . . . . . . . . . . : 192.168.1.247(Preferred)

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    Default Gateway . . . . . . . . . : 192.168.1.254

    DNS Servers . . . . . . . . . . . : 192.168.1.247

    192.168.1.246

    192.168.1.239






    Windows IP Configuration





    Host Name . . . . . . . . . . . . : brian-xp-224


    Primary Dns Suffix . . . . . . . : toxicescrow.com


    Node Type . . . . . . . . . . . . : Hybrid


    IP Routing Enabled. . . . . . . . : No


    WINS Proxy Enabled. . . . . . . . : No


    DNS Suffix Search List. . . . . . : toxicescrow.com





    Ethernet adapter Local Area Connection:





    Connection-specific DNS Suffix . :


    Description . . . . . . . . . . . : VMware Accelerated AMD PCNet
    Adapter


    Physical Address. . . . . . . . . : 00-50-56-80-7A-A7


    Dhcp Enabled. . . . . . . . . . . : No


    IP Address. . . . . . . . . . . . : 192.168.1.224


    Subnet Mask . . . . . . . . . . . : 255.255.255.0


    Default Gateway . . . . . . . . . : 192.168.1.254


    DNS Servers . . . . . . . . . . . : 192.168.1.246


    192.168.1.247


    192.168.1.239
     
    Brian D. McGrew, Nov 25, 2009
    #4

  5. Thanks for posting the config info.

    The problem is NS246. It has IP routing and WINS proxy enabled. That will
    *definitely* cause a problem, whether DNS or non-DNS on a DC. Since you are
    using that as the first entry, I can see why you are seeing a "brain dead"
    scenario, in your words. :) If you were to use one of the others as the
    first entry, you probably wouldn't have come across this issue, and would
    have never known there is a misconfig on one of your DCs.

    If the DC was formerly a RRAS (VPN, etc) server, this is not a recommended
    configuration for a DC due to DNS registrations and the multiple IPs.
    However I do not see multiple IPs in the ipconfig, so it kind of leads me to
    believe it was formerly a RRAS server or some app installed did it.

    Disable IP routing (disable RRAS for starters, and re-run the ipconfig /all
    to double check) as well as WINS proxy, which is a reg setting.

    To disable WINS proxy:
    How to Disable NetBT Proxy on Incoming Connections... this returns the
    information that the WINS Proxy Enabled value is set to Yes. In some cases,
    you may want to disable this setting. ...
    http://support.microsoft.com/kb/319848

    Ace
     
    Ace Fekay [MCT], Nov 25, 2009
    #5
  6. Hello Brian,

    Ace already stated the main points about the server which will cause problems.

    Additional i suggest to use FORWARDERS in the domain DNS servers, so they
    will forward DNS request to your ISPs DNS server.
    http://support.microsoft.com/kb/323380

    http://support.microsoft.com/kb/825036

    Make sure all DC/DNS machines are registered in the DNS forward/reverse lookup
    zones with there A record and Nameserver record(DNS servers)

    Also you should be able to connect to shares with there name instead of the
    ip address.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Nov 25, 2009
    #6


  7. I didn't realize that having RRAS on a DC was a bad thing. I've removed it
    and I'll put up a separate machine for that. I've also removed WINS from
    all the servers as I don't really need it, most of my machines are Unix and
    use DNS.

    However, in ipconfig still shows a WINS Proxy Enabled ... Yes. Even thought
    I've removed WINS from all the servers, and I made the registry change to
    the DC's. Is this still a bad thing, or am I alright without WINS now?

    -b
     
    Brian D. McGrew, Nov 26, 2009
    #7

  8. WINS isn't bad, but RRAS and multiple NICs and IPs are. Keep in mind, a WINS
    server needs only to point to itself. This is due to it's own registration
    process as the owner of the WINS database it hosts. But I don't see that in
    your configs, that points to another misconfig.

    Exchange needs WINS, and other apps may need it, which you will need to
    inventory and make that determination.

    If you made the registry change and restarted the machine, it should show up
    as No in the ipconfig.

    Ace
     
    Ace Fekay [MCT], Nov 26, 2009
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.