Solved

I have problem with forwarder in DNS

Posted on 2007-11-27
Last Modified: 2012-05-05
Dear all,
I'm facing a problem with my DNS server. I have:
1 server for DC, DNS, DHCP.
1 server for Exchange.

When I nslookup the DNS server locally, it's OK, but when I nslookup an outside name, it does not work and I cannot access the Internet with the local DNS. When I reboot the DC, it works well, but after 8 days it happens again.
I checked the Event Viewer but there isn't any error about DNS.
Default Server:  svctag-8j3tg1s.icic.local
Address:  172.16.1.2

> mail.icic.vn
Server:  svctag-8j3tg1s.icic.local
Address:  172.16.1.2

Name:    mail.icic.vn
Address:  172.16.1.7

> mail.yahoo.com
Server:  svctag-8j3tg1s.icic.local
Address:  172.16.1.2

DNS request timed out.
    timeout was 2 seconds.
*** Request to svctag-8j3tg1s.icic.local timed-out
> exit

C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : svctag-8j3tg1s
   Primary Dns Suffix  . . . . . . . : icic.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : icic.local

Ethernet adapter Lan:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-14-22-19-AB-B0
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 172.16.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.16.1.254
   DNS Servers . . . . . . . . . . . : 172.16.1.2

Can anyone help me?
 
Question by:icic-dcic
25 Comments
 
LVL 9

Expert Comment

by:tl121000
Are your ISP's forwarders listed in the Forwarders tab in your DNS settings on the DNS server?
 

Author Comment

by:icic-dcic
Yes, my ISP's forwarders are listed in the Forwarders tab.
 

Author Comment

by:icic-dcic
And I can ping outside by IP address, but I cannot ping outside by name.
 
LVL 7

Expert Comment

by:nttranbao
1. DNS can resolve host names using ROOT HINTS without any forwarders. Try to remove all forwarders in the DNS server, then see if you can resolve or not. It should work in most cases.
2. If you want to use a forwarder, try to query it first via the command line:
       c:\>nslookup
       - server ip-address-of-your-forwarder-DNS
       - yahoo.com

If you can NOT resolve via cmd, the forwarder DNS service is down. Try another DNS server (mine in Vietnam is 210.245.31.130).
 

Author Comment

by:icic-dcic
I removed all forwarders but it still cannot resolve.
 
LVL 7

Expert Comment

by:nttranbao
Can you resolve via the command line, with your forwarder or mine (210.245.31.130 or 210.245.31.10)? If you cannot, then your firewall/gateway might block TCP 53 (for outgoing DNS queries).

Note:

- If you create a root zone (.) in DNS, the DNS doesn't use root hints or forwarders any more. If so, delete the root zone.
- Do not disable DNS recursion.
- Try to perform a DNS self test on the DNS server (Properties of your DNS -> Monitoring tab -> check the 2 options -> Test Now). The result should be okay for both.
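Added example, not part of any post in this thread: the direct forwarder test and the recursion check suggested in the two expert replies above, written as a Python script. It sends a query for mail.yahoo.com over UDP port 53 to each server and reads the RA (recursion available) flag and response code from the reply header; the server and forwarder addresses are the ones quoted in the thread, and the function names and diagnosis wording are this example's own.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1A2B):
    """DNS A/IN query with RD=1, i.e. 'please recurse or forward for me'."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_header(resp):
    """Pull the fields that matter here out of the DNS response header."""
    txid, flags, _qd, answers = struct.unpack("!HHHH", resp[:8])
    rcode = flags & 0x000F
    return {"txid": txid, "ra": bool(flags & 0x0080),
            "rcode": RCODES.get(rcode, str(rcode)), "answers": answers}

def ask(server, name, timeout=2.0):
    """Query one server over UDP 53; None means no usable reply (same 2 s as nslookup)."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(name), (server, 53))
            return parse_header(s.recvfrom(4096)[0])
    except (OSError, struct.error):  # timeout, unreachable host, or truncated junk
        return None

def diagnose(local, forwarders):
    """local: header dict or None; forwarders: {ip: header dict or None}."""
    if all(r is None for r in forwarders.values()):
        return "no forwarder reachable from this host: check outbound port 53 and the forwarder IPs"
    if local is None:
        return "forwarders answer directly but the local server times out: fault is in the local DNS service"
    if not local["ra"]:
        return "local server answers with RA=0: recursion is disabled, so forwarders and root hints are not used"
    if local["rcode"] != "NOERROR":
        return "local server recurses but returns " + local["rcode"]
    return "local server resolves external names"

if __name__ == "__main__":
    # Addresses taken from the thread: the DC/DNS server and two of the forwarders.
    fwd = {ip: ask(ip, "mail.yahoo.com") for ip in ("210.245.31.130", "210.245.31.10")}
    print(diagnose(ask("172.16.1.2", "mail.yahoo.com"), fwd))
```

Run it on the DNS server itself while the fault is present, so the forwarder queries leave from the same host and gateway the DNS service uses.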
 

Author Comment

by:icic-dcic
I cannot resolve via the command line with my forwarder (210.245.31.130 or 210.245.31.10 or 210.245.24.20). I didn't create a root zone. DNS recursion is disabled, and some users cannot open Exchange mail in Microsoft Outlook and cannot access the Internet. Then I created a new secondary DNS and changed the preferred DNS server to the secondary DNS. Everything works well. I don't know why; Event Viewer doesn't have any error about the primary DNS.
 
LVL 7

Expert Comment

by:nttranbao
So it looks like the primary DNS service is not working properly. Try to remove/reinstall the DNS service on that server, then let's see if the problem is gone or not.
If you are using Exchange, DNS is very important. I think something related to DNS should exist in the Event Log.
 

Author Comment

by:icic-dcic
Maybe the primary DNS server has some problem. Now I have a secondary DNS; how do I make a primary DNS again?
 

Author Comment

by:icic-dcic
And now I just get one error on the secondary DNS server. The primary DNS doesn't have any error about DNS.

Source: DNS

Category: None

Event ID: 3000

The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate. 
 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 
LVL 7

Expert Comment

by:nttranbao
On Exchange, remove and reinstall the DNS service (in Control Panel -> Add/Remove Programs -> Windows Components). First deselect DNS, then go on until finished. Then repeat the steps, but check the DNS service.

After that, to rebuild DNS for the domain, do the following on the Exchange server:
- Create a primary Active Directory-integrated forward lookup zone and/or reverse lookup zone.
- Point the primary DNS server in the TCP/IP settings to itself (127.0.0.1 or its own IP).
- Reboot Exchange, or issue this command in a command prompt: ipconfig /registerdns
- After a while, you will see the DNS with all the information registered (_msdcs, _sites, _tcp, _udp, DomainDnsZones, ForestDnsZones).


 

Author Comment

by:icic-dcic
I don't want to install a DNS server on the Exchange mail server. I installed the primary DNS on the DC server and the secondary DNS on another server. My primary DNS server does not work well, so I use the secondary DNS. Now I want to reinstall the PRIMARY DNS on the DC server again. I think: can I install the primary DNS like a secondary DNS, and then the secondary DNS will replicate its database to the DNS I have just installed?
If I install a new primary DNS server while I'm running the secondary DNS, is there any problem with my Active Directory and Exchange?
Can you help me in detail?
 

Author Comment

by:icic-dcic
And now my secondary doesn't resolve outside host names and my Exchange cannot deliver email to the outside. But I can resolve local host names.
 
LVL 7

Expert Comment

by:nttranbao
Since the secondary DNS cannot replicate to the primary DNS, you should have at least 2 AD-integrated DNS zones in your domain. What you need to do now is reinstall DNS on the Domain Controllers, and let the DCs automatically register themselves in DNS. After that, create custom records (A, CNAME, MX...) if any.

Since your DNS can resolve local names but not external ones, I suspect your forwarders do not work well, or there are viruses/settings on your network that cause this.

You should manually test DNS queries via the command line (as instructed above) against outside DNS servers. This MUST work in order for your DNS to work.

Regards,
 
LVL 38

Expert Comment

by:ChiefIT
This could be a number of issues:

Is your DNS server in the list of DNS servers on the LAN side of the router?

Also, the DNS forwarder configuration will need the gateway's address. I am not at my domain, so I couldn't navigate you to help configure the router's IP for DNS.

Then the IP stack of the DNS server needs the default gateway manually entered in.

It sounds like you know that a forwarder should be an outside DNS server. Maybe the ISP gave you an IP of a computer that is not a DNS server to do DNS relay.

Furthermore, port blocking from firewalls to the outside world may prevent you from making a DNS resolve to the outside world.  
 

Author Comment

by:icic-dcic
I'm sure that there is no port blocking from the firewall to the outside and that the ISP's DNS is not wrong, because when it does not resolve outside host names, I restart the DNS server and it works well again. Especially after 7 days, the problem happens again; I restart the DNS server and it works well again. I cannot restart the DNS server every week. Could you help me fix it?
 
LVL 7

Expert Comment

by:nttranbao
So obviously your DNS server has a problem; that's why the DNS service stops working every 7 days.

Maybe something is wrong with the DNS service, so please check the Event Log for any error/warning/information related to the DNS service, especially on the day DNS stops working.

Please also make sure you don't have any virus/malware/Trojan on your network.

If you confirm that there's nothing wrong in the Event Logs related to DNS, and just want DNS to be automatically restarted, you can schedule a weekly task which restarts the DNS service with these 2 commands:
- net stop dns
- net start dns

I think you should run the Self Test against your DNS (esp. when it cannot resolve hostnames), and make sure that DNS Event Logging is set to "All Events" (Properties of your DNS).
 
LVL 38

Expert Comment

by:ChiefIT
"Especially after 7 days, the problem happens again"

It is very curious that every seven days this happens. It sounds like some sort of configuration that is set to dynamically delete a DNS entry once a week. The dynamic DNS changes I am thinking about have nothing to do with forwarders. Instead, they have to do with scavenging the DNS host A records.

If your Host A records for that server are scavenged once a week, then you could be running into a problem with the clients not being able to contact the server for its forwarders. In fact, you will see no DNS relay through the server internally or externally. Once rebooted, it may reregister its own DNS record and you are back on track.

It sounds to me like you are booting up and getting a Dynamic DNS registered for your server through DHCP. Then it is scavenged a week later. What that means is, you have not made an exception for your fixed IP of the server in the scope and address pool for that fixed IP. Making the exception will tell DHCP, "THIS IS NOT YOUR IP ADDRESS TO PLAY WITH".

The way scavenging works is DHCP will provide a time stamp for doled out IP addresses. Then, it will remove all records with the time stamp that are within the scope and have outlasted the stale record period. If your server's DNS Host A record is within the scope, it could be deleted.

Does this sound like it could be your problem?
 

Author Comment

by:icic-dcic
Automatic scavenging of stale records is not enabled. I also exclude the problem from DHCP, because when the problem happens, even the server that has the DNS server cannot resolve outside host names. The problem has happened since the backup DC server had a problem and I removed the backup DC and additional DNS (I removed the backup DC with ADSIEdit). And I installed a new additional DNS 2 days ago. But sometimes I receive a DNS warning:
Source: DNS

Category: None

Event ID: 3000

The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate. 
 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 
LVL 7

Expert Comment

by:nttranbao
Please provide us the events preceding this event.
 

Author Comment

by:icic-dcic
Automatic scavenging of stale records is not enabled. The problem from DHCP is also excluded, since when the problem happens, even the DNS server itself cannot resolve outside host names. The issue has occurred since the backup DC server had a problem, and thus I removed the backup DC and additional DNS (with the ADSIEdit tool). As a matter of fact, a new additional DNS was installed 2 days ago. But sometimes I still receive a DNS warning on the "new additional DNS".

thank you very much for your consideration and time,

Best regards,

 
Source: DNS

Category: None

Event ID: 3000

The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate. 

 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 

 

Author Comment

by:icic-dcic
I removed all events and installed a new Windows when the backup AD had the problem.
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
Go into the command prompt and try

DCdiag /fix:DNS

If that doesn't work try this link to see what steps you may have overlooked:
http://support.microsoft.com/default.aspx?scid=kb;en-us;816518&Product=winxp
