adembo
asked on
Server DNS resolution
I had a stand-alone server (2003) that had only one primary DNS server. That server died (all before I got here!!!) and the stand-alone server still had that server that died as its primary DNS server. There was no secondary DNS.
My question comes in because I am curious how it still was able to do name resolution. If you were to try and log on to that server via RDP, it would take about 5 minutes. If you tried to ping something else, it would take about 10 seconds. Now obviously this was because it was querying something to figure out how to resolve the names, which it did eventually do. Even though there was no DNS server for this to use, it still would resolve names, keeping in mind it was very slow.
It is not configured to use WINS. Nor do I even have a WINS server here.
So, in short, how did the server do name resolution without DNS or WINS? (It also was able to resolve a brand new server I just put online, so it couldnt have been using any cached information.) I would have never known there was a problem with the DNS except for the fact that it resolved names very very slowly.
There is no information in the hosts file.
My question comes in because I am curious how it still was able to do name resolution. If you were to try and log on to that server via RDP, it would take about 5 minutes. If you tried to ping something else, it would take about 10 seconds. Now obviously this was because it was querying something to figure out how to resolve the names, which it did eventually do. Even though there was no DNS server for this to use, it still would resolve names, keeping in mind it was very slow.
It is not configured to use WINS. Nor do I even have a WINS server here.
So, in short, how did the server do name resolution without DNS or WINS? (It also was able to resolve a brand new server I just put online, so it couldnt have been using any cached information.) I would have never known there was a problem with the DNS except for the fact that it resolved names very very slowly.
There is no information in the hosts file.
It's querying your upstream provider as they may have authoritative control over you connection and may have routing information in THEIR DNS server.
OR
Some machine/router on your network has a cached copy of your routing info
OR
Some machine/router on your network has a cached copy of your routing info
ASKER
It is set to "default" for NetBIOS to get the settings from the DHCP server. So what does that mean?
did you ever have DHCP setup?
ASKER
This server is statically assigned. I dont know if it ever used to be DHCP, but it definately is not now.
hmm looks like irwins suggestions are probably the closest then
i still think netbios caching still has some form of play in it but i could well be wrong
i still think netbios caching still has some form of play in it but i could well be wrong
ASKER
irwinpks,
I understand your point, but here is what I dont understand. If I only have a primary DNS server configured, when I ask for something to be resolved, it tried to query the DNS server that is configured. In this case, that DNS server does not exist.
So you are suggesting since it cannot resolve the address, it is flooding my network for anything that is able to resolve it? I mean, if it is a router or a computer, it would have to send out a broadcast to find something that could resolve it.
I understand your point, but here is what I dont understand. If I only have a primary DNS server configured, when I ask for something to be resolved, it tried to query the DNS server that is configured. In this case, that DNS server does not exist.
So you are suggesting since it cannot resolve the address, it is flooding my network for anything that is able to resolve it? I mean, if it is a router or a computer, it would have to send out a broadcast to find something that could resolve it.
ASKER
Jay Jay,
I thought about the caching, but the fact that it was able to resolve a new server I had only put on the network a few days ago kind of made me think otherwise.
Thanks for your input.
I thought about the caching, but the fact that it was able to resolve a new server I had only put on the network a few days ago kind of made me think otherwise.
Thanks for your input.
oh really! now that is interesting......if its internal like that then you should be able to by default, i am just trying to think back to my lecture on resolution without DNS and i was thinking along the lines of what you suggested - that it floods the network looking for resolution..... been a while but i think thats the way it works
what happens when you do the following on the machine(s) in question?
ipconfig /all
what primary / secondary servers are listed?
ipconfig /all
what primary / secondary servers are listed?
ASKER
irwinpks,
I have now fixed it with the appropriate DNS servers, but what was there was only a primary DNS server. Like I said above, there were no secondary DNS servers configured. The primary DNS server has been offline now for almost 2 months. This is not a file server for us, it simply runs our card access security system for door entry so I never noticed the problem until I tried to log onto a RDP session which took well over 5 minues. I noticed the problem and fixed it, but I was just wondering on how it was working while it had the wrong DNS server configured.
Thanks.
I have now fixed it with the appropriate DNS servers, but what was there was only a primary DNS server. Like I said above, there were no secondary DNS servers configured. The primary DNS server has been offline now for almost 2 months. This is not a file server for us, it simply runs our card access security system for door entry so I never noticed the problem until I tried to log onto a RDP session which took well over 5 minues. I noticed the problem and fixed it, but I was just wondering on how it was working while it had the wrong DNS server configured.
Thanks.
apply my most recent comment.
ASKER
irwinpks,
Before I fixed it, it only showed a primary DNS server of 192.168.11.134 (That server no longer exists)
Now I have it set properly:
Primary: 192.168.11.132
Secondary: 192.168.11.135
Before I fixed it, it only showed a primary DNS server of 192.168.11.134 (That server no longer exists)
Now I have it set properly:
Primary: 192.168.11.132
Secondary: 192.168.11.135
but where did you set the DNS server entry.. on the workstation? router?
ASKER
This is a statically assigned "server". I set it on the server.
OK.. but what device is broadcasting DHCP? <<<... that's what we are looking for as it serves up the DNS IP.
ASKER
irwinpks,
There is a DHCP server, but I again say this "server" has a static assigned address. It is not getting any information from a DHCP server.
There is a DHCP server, but I again say this "server" has a static assigned address. It is not getting any information from a DHCP server.
one thing that wasn't asked was that whether this particular server was running it's own DNS....so is DNS services running on this server?
If so, then that is the fault, it's resolving to "an" address...since you've changed the DNS to the correct IP, that would reflect in the DNS manager. To confirm this, go to ADMINISTRATIVE TOOLS - DNS MANAGER. If it is up and running at all, then that is your problem, as queries were sent to itself. Since it has no way of resolving any info as it doesn't have a real or correct DNS entry, it spins around in a circle. Through netbios it eventually gets some resolution.
Should the machine NOT be used for anything other than you smart card, just turn the DNS service off and go into SERVICES, locate the DNS server, then DISABLE.
If so, then that is the fault, it's resolving to "an" address...since you've changed the DNS to the correct IP, that would reflect in the DNS manager. To confirm this, go to ADMINISTRATIVE TOOLS - DNS MANAGER. If it is up and running at all, then that is your problem, as queries were sent to itself. Since it has no way of resolving any info as it doesn't have a real or correct DNS entry, it spins around in a circle. Through netbios it eventually gets some resolution.
Should the machine NOT be used for anything other than you smart card, just turn the DNS service off and go into SERVICES, locate the DNS server, then DISABLE.
ASKER
It is not a DNS server. It is only a member server and not a domain controller. DNS is not installed on it.
Like I mentioned, everything is working now. I dont need to disable anything. I just was trying to understand how the server was doing name resolution without a DNS or WINS server.
The more I think about it, it would have to be NetBIOS over TCP/IP that was doing it. I just dont know that much about how that works. I have been only been in network administration since DNS has been the defacto standard.
Thanks.
Like I mentioned, everything is working now. I dont need to disable anything. I just was trying to understand how the server was doing name resolution without a DNS or WINS server.
The more I think about it, it would have to be NetBIOS over TCP/IP that was doing it. I just dont know that much about how that works. I have been only been in network administration since DNS has been the defacto standard.
Thanks.
ok.. with that said and from your original question "If you were to try and log on to that server via RDP, it would take about 5 minutes"
when you access via RDP, was this remote or local? Also, was this via the domain name or IP address?
when you access via RDP, was this remote or local? Also, was this via the domain name or IP address?
ASKER
RDP was remote. I used the DNS name.
Now that I have the correct DNS settings, RDP works as normal and takes just seconds to log me on.
That is the only way I realized there was a problem with that server. Once I got on, I immdiately noticed the wrong DNS entries and fixed them.
I really want to point out that my actual question was "So, in short, how did the server do name resolution without DNS or WINS?"
I appreciate everyone's comments.
I dont know that I can say for sure I understand how it resolved the names, but I will be checking into how the NetBIOS over tcp/ip works and when it is used.
Now that I have the correct DNS settings, RDP works as normal and takes just seconds to log me on.
That is the only way I realized there was a problem with that server. Once I got on, I immdiately noticed the wrong DNS entries and fixed them.
I really want to point out that my actual question was "So, in short, how did the server do name resolution without DNS or WINS?"
I appreciate everyone's comments.
I dont know that I can say for sure I understand how it resolved the names, but I will be checking into how the NetBIOS over tcp/ip works and when it is used.
to clarify... remote = WAN connection right?
ASKER
No WAN.
Sorry, I misunderstood your question.
Its a LAN, this LAN is in no way connected to a WAN.
Sorry, I misunderstood your question.
Its a LAN, this LAN is in no way connected to a WAN.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
After some poking and prodding we did... Redwulf_53 explained it perfectly.
...that is... ALOT of poking an prodding.
ASKER
Thanks all for your input.
Thanks Redwulf for the detailed answer.
Thanks Redwulf for the detailed answer.
No problem :)
:|
ah so it was the broadcast cool!
if netbios is enabled then it may well be working off that