Windows 2003 DNS server not resolving some domain names...


I have a very strange problem and just can't see how to fix it...

All of a sudden, my two servers which are running DNS server stopped resolving some DNS names...

I seem to be able to resolve .edu, .ca, .at, .au, .uk, and a lot more extensions I didn't even know about
But I just can't seem to resolve .com, .net
The weirdest thing, if I look at my dns cache, I see that I can resolve some dns names like

I installed a simple DNS server and disabled the Windows DNS server and the software was resolving all names correctly, so it has nothing to do with routing, firewalls, or something other than Microsoft's... And no, it's not something with my host file or whatever, I'm querying the DNS server from a remote workstation using nslookup...

I reinstalled dns, installed all the patches from windowsupdate, rebooted the server and nothing seems to fix it...

If you want to take a look, use nslookup on ip it's public. You should be able to resolve mostly everything except the .com and .net which all end up with a timeout...

Any help would be greatly appreciated.
Worth a check anyway,
An external DNS query may cause an error message in Windows Server 2003 (KB 828731)
Deb :))
Tried flushing your DNS cache?

Odd problem, have not run across that one before.

msd_informatique (Author) Commented:
Yeah, I flushed the cache many times without success :(

Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security Officer (IT Consultant, Network Engineer, Windows Network Administrator, VMware Administrator) Commented:
Are you using forwarders?
Tell us more about your DNS setup....
Chris Dent (PowerShell Developer) Commented:

I have a theory....

And it assumes you're not using Forwarders...

Follow the steps in the article to replace your Root Hints file, that will give you the root servers back and hopefully the .net and .com addresses again.
msd_informatique (Author) Commented:
Hi Guys,

No I'm not using forwarders.

Regarding my config, I have about 30 local zones which are primary or secondary (not Active Directory integrated) and 1 DNS zone which is for my domain (this one is AD oriented)

While trying to debug everything, I uninstalled the DNS service, removed all zones, reinstalled, tried to load data from file (boot. file) instead of registry, nothing seems to fix the problem.

I tried Chris-Dent's solution, but it didn't help.

Regarding Debsyl99's link, the servers are in fact behind a PIX, but the version is higher than 6.2. And I installed another DNS server on the same machine which is working fine.

Thanks guys for the solutions, but none worked :(

Someone else has an idea ?

Thanks a lot
msd_informatique (Author) Commented:
Me again... found the solution...

Thanks Debsyl99 !

I decided to test what was written in there even if I'm running a PIX version higher than the minimal requirement of the FAQ...

The problem is not with UDP packets being bigger than 512, but with the EDNS0 packet which is sent from the Microsoft DNS server. (I'm wondering if this crap is RFC compliant or not!)

The command
dnscmd /Config /EnableEDnsProbes 0

On the DNS server fixed everything as it deactivates the "feature".

Thanks again Debsyl99 and thanks to everyone else for the solutions proposed.
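
The accepted fix above turns off the EDNS0 probes sent by the DNS server. As an added example (not part of the thread), this Python code shows what EDNS0 adds to a query on the wire, detects it in a captured packet, and includes a `probe` helper that sends the same question with and without it so a path that drops EDNS0 shows up as a timeout on one variant only. The function names, the transaction ID and the 1280-byte advertised size are values chosen for this example.

```python
import socket
import struct

OPT = 41  # RR type of the EDNS0 OPT pseudo-record

def encode_name(name):
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, edns_payload=None, txid=0x1234):
    """A/IN query; with edns_payload set, append an OPT record advertising that UDP size."""
    # Header: id, flags (RD=1), QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=0 or 1
    pkt = struct.pack("!6H", txid, 0x0100, 1, 0, 0, int(edns_payload is not None))
    pkt += encode_name(name) + struct.pack("!2H", 1, 1)   # QTYPE=A, QCLASS=IN
    if edns_payload is not None:
        # OPT: root owner name, TYPE=41, CLASS=payload size, TTL=0 (version 0), RDLEN=0
        pkt += b"\x00" + struct.pack("!HHIH", OPT, edns_payload, 0, 0)
    return pkt

def skip_name(pkt, off):
    while pkt[off] and pkt[off] & 0xC0 != 0xC0:
        off += 1 + pkt[off]
    return off + (2 if pkt[off] else 1)   # compression pointer is 2 bytes, root label is 1

def edns_payload_size(pkt):
    """Return the UDP size advertised by an OPT record, or None if the packet is plain DNS."""
    qd, an, ns, ar = struct.unpack("!4H", pkt[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(pkt, off) + 4          # name + QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(pkt, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        if rtype == OPT:
            return rclass                      # OPT reuses CLASS for the payload size
        off += 10 + rdlen
    return None

def probe(server, name, timeout=3.0):
    """Send the query with and without EDNS0; map each variant to reply length or None."""
    result = {}
    for label, size in (("plain", None), ("edns0", 1280)):  # 1280: sample value
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(name, size), (server, 53))
            try:
                result[label] = len(s.recvfrom(4096)[0])
            except socket.timeout:
                result[label] = None
    return result
```

A result where `plain` has a length and `edns0` is `None` matches the symptom described in the thread.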