Go Premium for a chance to win a PS4. Enter to Win


Slow DNS resolution of internet websites

Posted on 2006-10-30
Medium Priority
Last Modified: 2010-04-18
Hello All,

I have a bit of an issue with DNS and I am about to add a second domain controller and want to get this worked out ahead of time.  I will first explain the issue, and then give you as much detail as possible.

Currently there is 1 windows 2003 domain controller in this small network (25 users total) I have added the second server that will become the additional domain controller but at this point it is just a member server on the domain, no AD roles active on it.

My clients on the network, and DC included are experiencing slow internet access.  I test it and it is a  clear pause from when you make a request, it pauses, then after several seconds it comes down very fast.

I have thought it is a DNS issue, so on the member server I added, I had it get it's address through DHCP and it received the following (some blocked out for security purposes)

Windows IP Configuration

   Host Name . . . . . . . . . . . . : AddServer-02
   Primary Dns Suffix  . . . . . . . : xxxxxxxx.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : xxxxxxxx.local

Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  . : xxxxxxxx.local
   Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client)
   Physical Address. . . . . . . . . : 00-15-C5-E8-4E-15
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . :
   Subnet Mask . . . . . . . . . . . :
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . :
   DNS Servers . . . . . . . . . . . :  (these are the current DC's addresses)
   Primary WINS Server . . . . . . . :
   Lease Obtained. . . . . . . . . . : Monday, October 30, 2006 10:03:17 AM
   Lease Expires . . . . . . . . . . : Sunday, January 28, 2007 10:03:17 AM

When I have that website come up very slow, now if I just take the DNS server part and disable the DHCP for it and set it to:

Which are our ISP dns servers then everything is great, very fast, instant, as it should be.

My quesiton is should these addresses be configured somewhere in the existing DNS in Active Directory?  It seems like it looks all around locally for the site, then queries root hint servers, or something else?   I need to figure out when the resolution of external site is so sloooww  for the current AD environment.


Question by:CRNorthAmerica
  • 6
  • 4
LVL 11

Expert Comment

by:Chris Gralike
ID: 17837314
Do you use dns forwarding on your DNS server? or do you rely on the root hints, and is cashing enabled?

Author Comment

ID: 17837351
Where in the DNS information do I look for forwarding?  I know if you don't have forwarding then it automatically looks at root hints.  Yes, caching is enabled.

Author Comment

ID: 17837397
yes forwarders are turned on for "all other dns domains" and it is set to the dns servers that I showed above
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

LVL 11

Expert Comment

by:Chris Gralike
ID: 17837516
The forwarder should actually point toward an internet dns server.

All zones ie; .google.com. (forward lookup)
All IP addresses not part of your network (in-addr-arpa)
are forwarded to the dns server(s) in the forwarding list...

Use the dns server of your internet provider as the forwarding address

LVL 11

Accepted Solution

Chris Gralike earned 500 total points
ID: 17837527
All zones ie; .google.com. (forward lookup) not part of your domain zone (mydomain.local)

typo ;)

Author Comment

ID: 17837609
That is what I have -

In DNS Domain: (of the forwarders tab)
All Other DNS domains

and they forward to the IP's of the DNS server from the ISP

Author Comment

ID: 17837633
looks like there was a typo in the forwarders that a previous person had in there. Thanks Buddy!
LVL 11

Expert Comment

by:Chris Gralike
ID: 17837646
okey try this,

go to the command prompt of any client,

Start > Execute > cmd.exe [enter]

ipconfig /flushdns [enter]   (dont do this on a server! but a client)

nslookup [enter]
>set debug [enter]
>server (inet dns ip or name) [enter]
>google.com [enter]

and see what happens in the query ;) and post that info if it doesnt make sense :D

LVL 11

Expert Comment

by:Chris Gralike
ID: 17837657
ps do the same against your dns server...

LVL 11

Expert Comment

by:Chris Gralike
ID: 17837684
Well it looks like you solved the problem yourself, that wasnt me :P

Happy it works :)

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question