Solved

DNS Fails to respond properly

Posted on 2004-10-06
6
580 Views
Last Modified: 2010-04-14
I'm working with a client right now that has an odd problem.  They are running a server with Windows 2000 server, SP4.  For some reason, the server will stop resolving DNS properly, until I do anything to the DNS entries.  Then everything will work fine for about 10-15 minutes, then it will stop again.

For example...  there are three servers in the DNS settings.  All are good addresses, all are DNS servers that are online and functional.  When the server stops resolving DNS properly (as in, addresses outside the LAN cannot be resolved), all I have to do is go into the DNS settings and change the order of the servers, and boom, eveything works well again.

For a little while.  Then it will stop, I rearrange the entries, and all is well again.  I've even tried setting it up so there's only one DNS server.  Same thing happens - resolution stops, I modify the entry to a different server, and everything works again for a short time.

Any thoughts?  This has apparently been going on for quite some time, but their last contractor was either unable to find the problem, or didn't look deep enough to try to fix it.

Many thanks in advance,

Sean
0
Comment
Question by:smconsult
  • 3
  • 2
6 Comments
 
LVL 2

Author Comment

by:smconsult
ID: 12244777
One more comment on this....

As I Describe the problem of resolution failing, I'm talking about resolution OUTSIDE the network.  Everything is working OK inside the LAN, but going to any address outside the LAN fails from the server.  (Works just fine on all of the client computers.)  I can ping an address, no sweat - it's just name resolution that fails.

Sean
0
 
LVL 84

Expert Comment

by:oBdA
ID: 12246351
You probably have set your DNS servers to point to your ISP's DNS? If so, then that's incorrect; if you have a root zone in your forward lookup zone (the single dot, "."), delete it; then configure forwarders to point to your outside DNS servers.
Are these just DNS servers or DCs as well?
Here are some links to start with:

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

How To Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341
0
 
LVL 2

Author Comment

by:smconsult
ID: 12248011
Thanks, I will check them out, and stop by the client today and see what's set up.  I can't recall of the top of my head if there's a root zone in the FLZ or not.  But yes, the DNS servers are pointing to the ISP's DNS servers.

The server in question is the DC for the client.  It is also the only server present on the domain.

I'll report back.

Sean
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 12248113
In that case, make sure the DC points *only* to itself for DNS in the TCP/IP properties; the same is valid for all domain members, the only DNS server they can use is the DC. And just in case, make sure the DNS server is configured to allow Dynamic Updates for the AD zones (stop and start the DNS service if you had to enable this).
Check if the SRV records have been created; if not, stop and restart the netlogon service on the DC after enabling the DNS dynamic updates. Check if there's a host entry for the DC as well in DNS; if not, enter "ipconfig /registerdns" in a command window.

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

SRV Records Cannot Be Registered on a DNS Server
http://support.microsoft.com/?kbid=316239
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 12248368

If DNS Forwarders aren't working it might be worth checking that Root Hints works instead.

This method will drop back to the Root DNS Servers for each TLD (Top Level Domain). As such it is not reliant on any one specific ISP DNS Server (any my preferred set-up for any DNS Server).

This article describes how to replace a broken Root Hints file - it should also point you in the right direction for checking it:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;249868

This is a little FAQ on Microsoft DNS if it's useful:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;291382
0
 
LVL 2

Author Comment

by:smconsult
ID: 12371782
Thanks to both of you for the information.  oBdA, your solution was the one that was right on the mark (ISP's DNS in the server).  Chris-Dent, while the problem ended up not being related to Root Hints, I very much appreciate the information you provided.

Again, I appreciate the help that you both provided.  Many thanks!

Sean
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Recreate New ADC 1 285
how do i restart in safe mode windows Server 2000? 5 610
Windows 2000 to 2008/2012 trust issue / ForeignSecurityPrincipal container 3 835
OLD CPUs 12 96
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
The advancement in technology has been a great source of betterment and empowerment for the human race, Nevertheless, this is not to say that technology doesn’t have any problems. We are bombarded with constant distractions, whether as an overload o…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question