stephenm93
asked on
Win03 DNS Confusion: Primary DNS Not Resolving WWW record
Experts,
Strange things happening and I don't know why: Server 1 (10.1.1.12) is my primary DNS, PDC, DHCP, and primary WINS. Server 2 (10.1.1.13) is my web server and acts as secondary DNS, and secondary WINS. Here is the problem: when I try to access the company website from server one (via relative URL), I end up getting my router login screen. I can access the site using the IP (10.1.1.13). I have checked my www record in DNS and it appears correct; pointing to 10.1.1.13. I am using the following DNS entries on Server 1: 10.1.1.12, 68.1.208.245, 68.1.208.30
Bad news: it doesn't happen all the time! I can't put a finger on when or how it happens and it is driving me bonkers. Also, some clients on the domain experience the same problem (but not all users). I don't know if this is a DNS issue, a WINS issue, or some other dumb thing that I've done to screw up the name resolution.
Any help is greatly appreciated.
Thanks.
Stephen
Strange things happening and I don't know why: Server 1 (10.1.1.12) is my primary DNS, PDC, DHCP, and primary WINS. Server 2 (10.1.1.13) is my web server and acts as secondary DNS, and secondary WINS. Here is the problem: when I try to access the company website from server one (via relative URL), I end up getting my router login screen. I can access the site using the IP (10.1.1.13). I have checked my www record in DNS and it appears correct; pointing to 10.1.1.13. I am using the following DNS entries on Server 1: 10.1.1.12, 68.1.208.245, 68.1.208.30
Bad news: it doesn't happen all the time! I can't put a finger on when or how it happens and it is driving me bonkers. Also, some clients on the domain experience the same problem (but not all users). I don't know if this is a DNS issue, a WINS issue, or some other dumb thing that I've done to screw up the name resolution.
Any help is greatly appreciated.
Thanks.
Stephen
cfairley
I would try clearing the cache on the DC and one of the workstations involved. When you open the DNS console, right click the server and select clear cache. On the workstation, ipconifg /flushdns.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
WeHe is correct, as a small addition, server 1 should point to another dns server in the domain as it's secondary.
http://www.jsiinc.com/SUBH/tip3800/rh3869.htm
Here is the link to clearing the cache just in case that helps.
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B830905
http://www.jsiinc.com/SUBH/tip3800/rh3869.htm
Here is the link to clearing the cache just in case that helps.
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B830905
ASKER
Yes, WeHe, TCPIP settings have static DNS entries. I'm not clear on how to set a Fowarder within DNS....is that the same as a PTR record? I've cleared the DNS cache on the DC and am working on the client machine now...
Thanks.
Stephen
Thanks.
Stephen
open DNS Managment -> right click your Server -> Properties -> Forwarders
btw, you have to left click and then right click.
mmc is stupid, sometimes.
mmc is stupid, sometimes.
ASKER
Got it. Appears to be working on the server now. Client machine is acting fine today.
Thanks again for the references.
Stephen
Thanks again for the references.
Stephen
configure the clients to only use Server1 as DNS server too. (you can configure Server2 as secondary, if the zone is AD-integrated)
all clients will ask your servers for dns resolution.
If the dns does not know the name, it queries his forwarders and give the answer to the client.
all clients will ask your servers for dns resolution.
If the dns does not know the name, it queries his forwarders and give the answer to the client.
ASKER
Arrrrggggh!!
Problem is back. Need more insight. This time it is server 2 (Web Server) that is having the issue. Server 2 is pullling up the router login screen when I use the relative URL! Of course the IP works, but it can't resolve it's own domain name.
New piece of info: Server 2 is actually NOT a secondary DNS. The TCP/IP DNS entries on server two are 10.1.1.12 (primary) and 68.1.245.30 (secondary). Even if I use ONLY 10.1.1.12, as DNS entry, I still get the router login.
Hope I am being clear enough. Please help!
Stephen
Problem is back. Need more insight. This time it is server 2 (Web Server) that is having the issue. Server 2 is pullling up the router login screen when I use the relative URL! Of course the IP works, but it can't resolve it's own domain name.
New piece of info: Server 2 is actually NOT a secondary DNS. The TCP/IP DNS entries on server two are 10.1.1.12 (primary) and 68.1.245.30 (secondary). Even if I use ONLY 10.1.1.12, as DNS entry, I still get the router login.
Hope I am being clear enough. Please help!
Stephen
did you reboot or "ipconfig /flushdns" after changing to only 10.1.1.12 ?
ASKER
flushed dns. haven't rebooted. will do that now....gimme about 5 minutes.
ASKER
no go. rebooted and still same issue. Server 1 and client machines can access site. Server 2 pulls up router login.
give me the output of "nslookup www.yourdomain.com" and "tracert www.yourdomain.com" on server2.
server 2 points only to server 1 atm?
server 2 points only to server 1 atm?
ASKER
C:\Documents and Settings\Administrator.ROL
m
*** Can't find server name for address 10.1.1.12: Non-existent domain
Server: UnKnown
Address: 10.1.1.12
Name: www.remaxlubbock.com
Address: 10.1.1.13
C:\Documents and Settings\Administrator.ROL
ASKER
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.ROL
Tracing route to www.remaxlubbock.com [10.1.1.13]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms discovery.remaxlubbock.com
Trace complete.
C:\Documents and Settings\Administrator.ROL
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.ROL
Tracing route to www.remaxlubbock.com [10.1.1.13]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms discovery.remaxlubbock.com
Trace complete.
C:\Documents and Settings\Administrator.ROL
Both looks like all is OK.
Do you use a Proxy for Internet Explorer on Server2?
Do you use a Proxy for Internet Explorer on Server2?
ASKER
No, I don't. Why would I get a non-existent domain for 10.1.1.12?
Crazy enough, web is responding now. I didn't do a thing.....just started working again. I still have one client machine that is not working though.
Crazy enough, web is responding now. I didn't do a thing.....just started working again. I still have one client machine that is not working though.
*** Can't find server name for address 10.1.1.12: Non-existent domain
Server: UnKnown
Address: 10.1.1.12
This message is a result of not having a reverse lookup zone for 10.0.0.0 or 10.1.1.0, depending on your subnetmask.
Create a reverse lookup zone and this error will not show anymore.
Server: UnKnown
Address: 10.1.1.12
This message is a result of not having a reverse lookup zone for 10.0.0.0 or 10.1.1.0, depending on your subnetmask.
Create a reverse lookup zone and this error will not show anymore.
ASKER
Any other ideas as to why it would not be resolving the URL at times? My only other "strange" thing is that on Server 2, when DNS entry is only 10.1.1.12 (server 1), it only resolves certain addresses; e.g. www.msn.com can be resolved, but www.yahoo.com gives me a DNS error (page cannot be displayed).
I understand how hard it is to troubleshoot things that only happen once in a while, so I appreciate your patience!
I understand how hard it is to troubleshoot things that only happen once in a while, so I appreciate your patience!
is there a firewall anywhere?
try this on server 2:
Install the Dnscmd.exe program from the Windows Server 2003 Support Tools. To install the Windows Support Tools, right-click Suptools.msi in the Support\Tools folder on the Windows Server 2003 CD-ROM, and then click Install. Follow the steps in the Windows Support Tools Setup Wizard to complete the installation of the Windows Support Tools.
At a command prompt, type the following command, and then press ENTER:
dnscmd /config /enableednsprobes 0
try this on server 2:
Install the Dnscmd.exe program from the Windows Server 2003 Support Tools. To install the Windows Support Tools, right-click Suptools.msi in the Support\Tools folder on the Windows Server 2003 CD-ROM, and then click Install. Follow the steps in the Windows Support Tools Setup Wizard to complete the installation of the Windows Support Tools.
At a command prompt, type the following command, and then press ENTER:
dnscmd /config /enableednsprobes 0
ASKER
Here is what I get.
C:\Documents and Settings\Administrator.ROL
obes 0
DNS Server failed to reset registry property.
Status = 1722 (0x000006ba)
Command failed: RPC_S_SERVER_UNAVAILABLE 1722 (000006ba)
C:\Documents and Settings\Administrator.ROL
obes 0
DNS Server failed to reset registry property.
Status = 1722 (0x000006ba)
Command failed: RPC_S_SERVER_UNAVAILABLE 1722 (000006ba)
ASKER
Cisco PIX506e firewall is inside my router:
->Server 1
Modem -> Cisco1700 Router -> Cisco PIX506e -> Switch -
->Server 2
->Server 1
Modem -> Cisco1700 Router -> Cisco PIX506e -> Switch -
->Server 2
sorry, this command has to run on the DNS server.