DNS error Event: 11050

Posted on 2007-10-10
Last Modified: 2011-10-03
I have an eleven machine domain, one Vista box, one Win2k box and the rest are XP.

The domain controllers are both W2k3 Standard, right now SP1...will be SP2 tonight when I restart.

One machine, the Win2k machine, has decided it doesn't want to access the internet.  If you start the computer up, Internet Explorer will connect to the home page just fine.  But if you close IE and restart, it will not hit url or ip address (which is curious as I'm sure this is a dns issue).  Sometimes it might let you get to two websites before it craps out.

There are two nics on the machine, one fiber, the other an onboard rj-45.  The problem is identical with both cards.

I have uninstalled/re-installed tcp/ip, both by unchecking the box next to it in properties and restarting and using the uninstall button, neither worked.  I have done this on both cards.

I have four different dns servers running, two inside and two outside my firewall (people inside the building and remote users).  We have also tried using two outside dns servers.  The problem is identical with all six servers.

I cleared the system log in event viewer and restarted the computer, then replicated the problem.  As expected, I received Event 11050 in the system log:

The DNS Client service could not contact any DNS servers for a repeated number of attempts. For the next 30 seconds the DNS Client service will not use the network to avoid further network performance problems. It will resume its normal behavior after that. If this problem persists, verify your TCP/IP configuration, specifically check that you have a preferred (and possibly an alternate) DNS server configured. If the problem continues, verify network conditions to these DNS servers or contact your network administrator.

The DC passed netdiag and dcdiag.  

There have been no changes in the domain, firewall or network topography.  I have to believe the issue is specific to this machine as it's the only one displaying the problem.

After allowing the computer to sit for the timeout period, I can ping the inside dns servers.  I then open IE and get the homepage, close/reopen IE and don't get the homepage.  If I then try to ping the dns server, I get destination host unreachable.

As you can imagine, this needs to be resolved, but I'm running out of paths to follow.  Any thoughts would be appreciated.


Question by:UHLS
    LVL 13

    Expert Comment

    If you do a ping -t from the box to another box on the network, do you have any problems?  (the ping -t will do a continuous ping)  If you see packets fail, then you need to fix the network.

    Do you need both NICs operational?  Can you disable one to ensure that only one path is being utilized for network traffic.

    Are all of the DNS servers using forwarders or are you using root hints?

    Author Comment

    Thanks ocon, but both nics aren't operational, I tested one at a time.  None of the servers use forwarders either.  

    Howerver...the situation has changed.  I did some more digging and found the problem is in fact the Auto-Block rule feature in Internet Worm Protection from Norton 2005.

    I added a rule specifically to allow all traffic (TCP and UDP) from both of my internal dns servers, unblocked them, restart the computer and after surfing a handful of sites, they get blocked again.

    Also, autoprotect starts as disabled...I check the box to enable it, restart the machine, and it's disabled again.

    Beyond get rid of Norton, anyone have any advice?

    LVL 6

    Expert Comment

    Just curious...are the other machines using the same version of Norton ? shouldn't it be upgraded to something more recent ?

    Accepted Solution

    I've asked for this question to be deleted.

    Just so you know, it turned out to be Norton Anti-Virus 2005.  There is a feature under Internet Worm Protection called autoblock.  For some reason, even though there is a default rule to allow dns traffic, and I created another one to allow all traffic from my two dns servers, it still caused the problem, even when it was turned off.

    I uninstalled Norton and went with AVG.

    LVL 1

    Expert Comment

    Closed, 500 points refunded.
    Community Support Moderator

    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Join & Write a Comment

    Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now