Solved

XP Clients Not Resolving DNS through DHCP assigned values

Posted on 2007-11-26
2
1,765 Views
Last Modified: 2008-05-30
This is probably one of the more weird problems I've seen.  We have XP clients in our district offices who are configured through the local router via DHCP.  That DHCP server is assigning them our main DNS server 192.168.1.221 and then a local ISP DNS server.  Randomly our clients DNS will stop working on their machines.  When doing an IPCONFIG /ALL, all the settings are correct.  If we statically assign the DNS servers in the Network Configuration options in the client control panel DNS works fine.  Then if I switch it back to DHCP, it works for a random period of time and goes back to this same problem.

While the machines are experiencing this problem, I can run an nslookup to the DNS server by name and it resolves correctly.  However, if I try to ping the same DNS name I just ran NSLOOKUP on, it says "Ping request could not find host <computername>.  Please check the name and try again."  We are not getting any errors in the DNS event viewer since 11/12 and the last error is:

The DNS server has encountered a critical error from the Active Directory.  Check that the Active Directory is functioning properly.  The extended error debug information (which may be empty) is "".  The event data contains the error.

This is very frustrating as I'm not 100% sure that it's really a DNS issue or network configuration problem.  Any help would be very helpful.
0
Comment
Question by:Phreak3eb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 20350099
Clients should not have the IP of your ISP for DNS - They should ONLY have the IP of your own internal DNS server - that server should then use forwarders to resolve external names.

If you use the ISP DNS even as al alternate DNS then it will cause issues such as those you are describing.
0
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
ID: 20350609
A bit more in the way of explanation.

A client will always use the preferred DNS server to resolve names. If the preferred DNS responds - even if it is to say that the name cannot be found then the alternate DNS is never used. Your DNS server should be set to forward external DNS queries in such cases - see
http://www.petri.co.il/configure_dns_forwarding.htm

The alternate DNS is only ever used if the preferred DNS server does not respond in a timely manner - once this happens then it continues to use the alternate DNS server in preference.
No if your DNS server is slow to respond (busy) and the alternate is tried as a result your clients then try to use this for all name resolution - includind internal resolution - and it fails.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question