• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 332
  • Last Modified:

Server DNS resolution

I had a stand-alone server (2003) that had only one primary DNS server. That server died (all before I got here!!!) and the stand-alone server still had that server that died as its primary DNS server. There was no secondary DNS.

My question comes in because I am curious how it still was able to do name resolution. If you were to try and log on to that server via RDP, it would take about 5 minutes. If you tried to ping something else, it would take about 10 seconds. Now obviously this was because it was querying something to figure out how to resolve the names, which it did eventually do. Even though there was no DNS server for this to use, it still would resolve names, keeping in mind it was very slow.

It is not configured to use WINS. Nor do I even have a WINS server here.

So, in short, how did the server do name resolution without DNS or WINS? (It also was able to resolve a brand new server I just put online, so it couldnt have been using any cached information.) I would have never known there was  a problem with the DNS except for the fact that it resolved names very very slowly.

There is no information in the hosts file.
0
adembo
Asked:
adembo
  • 12
  • 11
  • 5
  • +1
1 Solution
 
Jay_Jay70Commented:
Hi adembo,

if netbios is enabled then it may well be working off that
0
 
Irwin SantosComputer Integration SpecialistCommented:
It's querying your upstream provider as they may have authoritative control over you connection and may have routing information in THEIR DNS server.

OR

Some machine/router on your network has a cached copy of your routing info
0
 
ademboAuthor Commented:
It is set to "default" for NetBIOS to get the settings from the DHCP server. So what does that mean?
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
Jay_Jay70Commented:
did you ever have DHCP setup?
0
 
ademboAuthor Commented:
This server is statically assigned. I dont know if it ever used to be DHCP, but it definately is not now.
0
 
Jay_Jay70Commented:
hmm looks like irwins suggestions are probably the closest then

i still think netbios caching still has some form of play in it but i could well be wrong
0
 
ademboAuthor Commented:
irwinpks,

I understand your point, but here is what I dont understand. If I only have a primary DNS server configured, when I ask for something to be resolved, it tried to query the DNS server that is configured. In this case, that DNS server does not exist.

So you are suggesting since it cannot resolve the address, it is flooding my network for anything that is able to resolve it? I mean, if it is a router or a computer, it would have to send out a broadcast to find something that could resolve it.

0
 
ademboAuthor Commented:
Jay Jay,

I thought about the caching, but the fact that it was able to resolve a new server I had only put on the network a few days ago kind of made me think otherwise.

Thanks for your input.
0
 
Jay_Jay70Commented:
oh really! now that is interesting......if its internal like that then you should be able to by default, i am just trying to think back to my lecture on resolution without DNS and i was thinking along the lines of what you suggested - that it floods the network looking for resolution..... been a while but i think thats the way it works
0
 
Irwin SantosComputer Integration SpecialistCommented:
what happens when you do the following on the machine(s) in question?

ipconfig /all

what primary / secondary servers are listed?
0
 
ademboAuthor Commented:
irwinpks,

I have now fixed it with the appropriate DNS servers, but what was there was only a primary DNS server. Like I said above, there were no secondary DNS servers configured. The primary DNS server has been offline now for almost 2 months. This is not a file server for us, it simply runs our card access security system for door entry so I never noticed the problem until I tried to log onto a RDP session which took well over 5 minues. I noticed the problem and fixed it, but I was just wondering on how it was working while it had the wrong DNS server configured.

Thanks.
0
 
Irwin SantosComputer Integration SpecialistCommented:
apply my most recent comment.
0
 
ademboAuthor Commented:
irwinpks,

Before I fixed it, it only showed a primary DNS server of 192.168.11.134 (That server no longer exists)

Now I have it set properly:

Primary: 192.168.11.132
Secondary: 192.168.11.135

0
 
Irwin SantosComputer Integration SpecialistCommented:
but where did you set the DNS server entry.. on the workstation? router?
0
 
ademboAuthor Commented:
This is a statically assigned "server". I set it on the server.
0
 
Irwin SantosComputer Integration SpecialistCommented:
OK.. but what device is broadcasting DHCP? <<<... that's what we are looking for as it serves up the DNS IP.
0
 
ademboAuthor Commented:
irwinpks,

There is a DHCP server, but I again say this "server" has a static assigned address. It is not getting any information from a DHCP server.


0
 
Irwin SantosComputer Integration SpecialistCommented:
one thing that wasn't asked was that whether this particular server was running it's own DNS....so is DNS services running on this server?

If so, then that is the fault, it's resolving to "an" address...since you've changed the DNS to the correct IP, that would reflect in the DNS manager. To confirm this, go to ADMINISTRATIVE TOOLS - DNS MANAGER.  If it is up and running at all, then that is your problem, as queries were sent to itself.  Since it has no way of resolving any info as it doesn't have a real or correct DNS entry, it spins around in a circle.  Through netbios it eventually gets some resolution.

Should the machine NOT be used for anything other than you smart card, just turn the DNS service off and go into SERVICES, locate the DNS server, then DISABLE.
0
 
ademboAuthor Commented:
It is not a DNS server. It is only a member server and not a domain controller. DNS is not installed on it.

Like I mentioned, everything is working now. I dont need to disable anything. I just was trying to understand how the server was doing name resolution without a DNS or WINS server.

The more I think about it, it would have to be NetBIOS over TCP/IP that was doing it. I just dont know that much about how that works. I have been only been in network administration since DNS has been the defacto standard.

Thanks.
0
 
Irwin SantosComputer Integration SpecialistCommented:
ok.. with that said and from your original question "If you were to try and log on to that server via RDP, it would take about 5 minutes"

when you access via RDP, was this remote or local?  Also, was this via the domain name or IP address?
0
 
ademboAuthor Commented:
RDP was remote. I used the DNS name.

Now that I have the correct DNS settings, RDP works as normal and takes just seconds to log me on.

That is the only way I realized there was a problem with that server. Once I got on, I immdiately noticed the wrong DNS entries and fixed them.

I really want to point out that my actual question was "So, in short, how did the server do name resolution without DNS or WINS?"

I appreciate everyone's comments.

I dont know that I can say for sure I understand how it resolved the names, but I will be checking into how the NetBIOS over tcp/ip works and when it is used.
0
 
Irwin SantosComputer Integration SpecialistCommented:
to clarify... remote = WAN connection right?
0
 
ademboAuthor Commented:
No WAN.

Sorry, I misunderstood your question.

Its a LAN, this LAN is in no way connected to a WAN.
0
 
Redwulf__53Commented:
Name resolution procedure works in the following order:
HOSTS/LMHOSTS files, if host not found:
DNS Query, if host not found:
WINS Query, if host not found:
Broadcast <--- this is probably what happened in your case.
Whether it is succesfull depends on the TCP/DHCP options "DNS Suffix" (when using FQDN) and "Node Type" (must be "B" or "Mixed"=8)
Logons in a AD Domain can be most seriously affected when DNS is not available, as it is used not only to resolve hostnames, but also to locate AD Resources such as LDAP servers and Global Catalog servers.
The fact that it worked after x minutes is that "Logon server" can be found with broadcast, but Windows tries to find the other resources and that all times out and Windows decided then to let you in anyway based on the succesfull Logon Server response.
0
 
Irwin SantosComputer Integration SpecialistCommented:
After some poking and prodding we did... Redwulf_53 explained it perfectly.
0
 
Irwin SantosComputer Integration SpecialistCommented:
...that is... ALOT of poking an prodding.
0
 
ademboAuthor Commented:
Thanks all for your input.

Thanks Redwulf for the detailed answer.

0
 
Redwulf__53Commented:
No problem :)
0
 
Irwin SantosComputer Integration SpecialistCommented:
:|
0
 
Jay_Jay70Commented:
ah so it was the broadcast    cool!
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

  • 12
  • 11
  • 5
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now