Solved

Sporadic DNS Timeouts in Windows 2003 DNS server

Posted on 2004-08-20
8
330 Views
Last Modified: 2010-05-18
Recently upgraded network from W2k domain to W3k domain. Changed DNS servers. Currently running on domain controller. Problem is when you run nslookup from a client or even the dns server itself, i get sporadic "DNS  request timed out. Time out was 2 seconds. ***Rquest to xxx timed-out" when I try a domain like www.yahoo.com. What is strange is that it is sporadic. Sometimes it works, sometimes it doesn't. It is a major problem because it is affecting us sending out emails because the exchange server is getting timeouts sporadically on DNS lookups.  Thought maybe the problem was with the forwarders but if I set the server to the forwarder I am using it never times out. The DNS is AD-integrated. There does not appear to be any login/computer problems from an internal windows user standpoiint. Tried to delete specific cache entries and retry but no luck. One stange item is if I do a ipconfig /all from the DNS server it list two different dns suffixes even though I have not entered any in the tcp/ip settings. But when I do nslookup it always has the cortect one. Any idea?
0
Comment
Question by:Joe_S_NY
  • 4
  • 2
8 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 11854949
Have you configured a reverse lookup zone for your IP address range? That makes things works a little smoother. Make it AD integrated and it will be populated automatically as the IP addresses get updated by the AD.

Simon.
0
 

Author Comment

by:Joe_S_NY
ID: 11855050
I do have a reverse lookup zone and there is a ns and ptr record for my DNS server.
0
 

Author Comment

by:Joe_S_NY
ID: 11855319
Here is an example:

> hp.com
Server:  mars.company.comapanytest.com
Address:  10.4.12.5

DNS request timed out.
    timeout was 2 seconds.
*** Request to mars.company.comapanytest.com timed-out
> hp.com
Server:  mars.company.comapanytest.com
Address:  192.168.100.5

Non-authoritative answer:
hp.com  MX preference = 10, mail exchanger = smtp.hp.com
hp.com  MX preference = 10, mail exchanger = smtp.cce.hp.com
hp.com  MX preference = 30, mail exchanger = smtpx.hp.com

smtp.cce.hp.com internet address = 161.114.21.24
smtp.cce.hp.com internet address = 161.114.21.25
smtp.cce.hp.com internet address = 161.114.21.22
smtp.cce.hp.com internet address = 161.114.21.23
smtpx.hp.com    internet address = 15.81.176.21
smtpx.hp.com    internet address = 15.45.89.154
smtpx.hp.com    internet address = 15.45.89.155
smtpx.hp.com    internet address = 15.45.89.156
smtpx.hp.com    internet address = 15.45.89.157
smtpx.hp.com    internet address = 15.81.168.20
smtpx.hp.com    internet address = 15.81.168.21
smtpx.hp.com    internet address = 15.81.176.20

I ran it a few minutes later and it timed out again. Then ran it 5 times straigt right after and it resolved fine. There is an entry unser the cached root for hp.com on the DNS server.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 104

Expert Comment

by:Sembee
ID: 11856230
Are you using forwarders in DNS or allowing Windows to find the information itself?

Simon.
0
 

Author Comment

by:Joe_S_NY
ID: 11856278
I actuall just tried that. Seemed to help a little, but still getting timeouts.
0
 

Author Comment

by:Joe_S_NY
ID: 11856954
Bit the bullet and called MS. Turns out W3k handles DNS packets a little different than W2K and there are some issues also with certain firewalls (CISCO). Something about packets being larger than 512K. ANyway, changed a registry setting in windows 2003 and it solved it in conjuntion with turning off 'include parent domain in dns suffix'. Cisco also has a fix. Problem Solved.
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 11920510
Closed, 500 points refunded.
CetusMOD
Community Support Moderator
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now