Link to home
Start Free TrialLog in
Avatar of Joe_S_NY
Joe_S_NYFlag for United States of America

asked on

Sporadic DNS Timeouts in Windows 2003 DNS server

Recently upgraded network from W2k domain to W3k domain. Changed DNS servers. Currently running on domain controller. Problem is when you run nslookup from a client or even the dns server itself, i get sporadic "DNS  request timed out. Time out was 2 seconds. ***Rquest to xxx timed-out" when I try a domain like www.yahoo.com. What is strange is that it is sporadic. Sometimes it works, sometimes it doesn't. It is a major problem because it is affecting us sending out emails because the exchange server is getting timeouts sporadically on DNS lookups.  Thought maybe the problem was with the forwarders but if I set the server to the forwarder I am using it never times out. The DNS is AD-integrated. There does not appear to be any login/computer problems from an internal windows user standpoiint. Tried to delete specific cache entries and retry but no luck. One stange item is if I do a ipconfig /all from the DNS server it list two different dns suffixes even though I have not entered any in the tcp/ip settings. But when I do nslookup it always has the cortect one. Any idea?
Avatar of Sembee
Sembee
Flag of United Kingdom of Great Britain and Northern Ireland image
Have you configured a reverse lookup zone for your IP address range? That makes things works a little smoother. Make it AD integrated and it will be populated automatically as the IP addresses get updated by the AD.

Simon.
Avatar of Joe_S_NY
Joe_S_NY
Flag of United States of America image

ASKER

I do have a reverse lookup zone and there is a ns and ptr record for my DNS server.
Avatar of Joe_S_NY
Joe_S_NY
Flag of United States of America image

ASKER

Here is an example:

> hp.com
Server:  mars.company.comapanytest.com
Address:  10.4.12.5

DNS request timed out.
    timeout was 2 seconds.
*** Request to mars.company.comapanytest.com timed-out
> hp.com
Server:  mars.company.comapanytest.com
Address:  192.168.100.5

Non-authoritative answer:
hp.com  MX preference = 10, mail exchanger = smtp.hp.com
hp.com  MX preference = 10, mail exchanger = smtp.cce.hp.com
hp.com  MX preference = 30, mail exchanger = smtpx.hp.com

smtp.cce.hp.com internet address = 161.114.21.24
smtp.cce.hp.com internet address = 161.114.21.25
smtp.cce.hp.com internet address = 161.114.21.22
smtp.cce.hp.com internet address = 161.114.21.23
smtpx.hp.com    internet address = 15.81.176.21
smtpx.hp.com    internet address = 15.45.89.154
smtpx.hp.com    internet address = 15.45.89.155
smtpx.hp.com    internet address = 15.45.89.156
smtpx.hp.com    internet address = 15.45.89.157
smtpx.hp.com    internet address = 15.81.168.20
smtpx.hp.com    internet address = 15.81.168.21
smtpx.hp.com    internet address = 15.81.176.20

I ran it a few minutes later and it timed out again. Then ran it 5 times straigt right after and it resolved fine. There is an entry unser the cached root for hp.com on the DNS server.
Avatar of Sembee
Sembee
Flag of United Kingdom of Great Britain and Northern Ireland image
Are you using forwarders in DNS or allowing Windows to find the information itself?

Simon.
Avatar of Joe_S_NY
Joe_S_NY
Flag of United States of America image

ASKER

I actuall just tried that. Seemed to help a little, but still getting timeouts.
Avatar of Joe_S_NY
Joe_S_NY
Flag of United States of America image

ASKER

Bit the bullet and called MS. Turns out W3k handles DNS packets a little different than W2K and there are some issues also with certain firewalls (CISCO). Something about packets being larger than 512K. ANyway, changed a registry setting in windows 2003 and it solved it in conjuntion with turning off 'include parent domain in dns suffix'. Cisco also has a fix. Problem Solved.
ASKER CERTIFIED SOLUTION
Avatar of CetusMOD
CetusMOD
Flag of Netherlands image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial