I have a problem with the forwarder in DNS

Dear all,
I'm facing a problem with my DNS server. I have:
1 server for DC, DNS, DHCP.
1 server for Exchange.

When I nslookup the DNS server locally, it's OK, but when I nslookup an outside name, it doesn't work and I cannot access the internet with the local DNS. When I reboot the DC, it works well, but after 8 days it happens again.
I checked Event Viewer but there is no error about DNS.
Default Server:  svctag-8j3tg1s.icic.local
Address:  172.16.1.2

> mail.icic.vn
Server:  svctag-8j3tg1s.icic.local
Address:  172.16.1.2

Name:    mail.icic.vn
Address:  172.16.1.7

> mail.yahoo.com
Server:  svctag-8j3tg1s.icic.local
Address:  172.16.1.2

DNS request timed out.
    timeout was 2 seconds.
*** Request to svctag-8j3tg1s.icic.local timed-out
> exit

C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : svctag-8j3tg1s
   Primary Dns Suffix  . . . . . . . : icic.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : icic.local

Ethernet adapter Lan:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-14-22-19-AB-B0
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 172.16.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.16.1.254
   DNS Servers . . . . . . . . . . . : 172.16.1.2

Can anyone help me?
 
icic-dcicAsked:
 
ChiefIT Commented:
Go into the command prompt and try

DCdiag /fix:DNS

If that doesn't work try this link to see what steps you may have overlooked:
http://support.microsoft.com/default.aspx?scid=kb;en-us;816518&Product=winxp

0
 
tl121000Commented:
Are your ISP's forwarders listed in the Forwarders tab in your DNS settings on the DNS server?
0
 
icic-dcicAuthor Commented:
Yes, my ISP's forwarders are listed in the Forwarders tab.
0
 
icic-dcicAuthor Commented:
And I can ping outside by IP address, but I cannot ping outside by name.
0
 
nttranbaoCommented:
1. DNS can resolve host names using ROOT HINTS without any forwarders. Try to remove all forwarders in the DNS server, then see if you can resolve or not. It should work in most cases.
2. If you want to use a forwarder, try to query it first via the command line:
       c:\>nslookup
       - server ip-address-of-your-forwarder-DNS
       - yahoo.com

If you can NOT resolve via cmd, the forwarder DNS service is down. Try another DNS server (mine in Vietnam is 210.245.31.130).
0
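The direct forwarder test described in step 2, as an added Python example that is not part of this thread: it sends one A query straight to whatever server address you give it (the forwarder itself, not the DC) and reports TIMEOUT, SERVFAIL or the returned addresses, which separates "the forwarder cannot be reached" from "the forwarder answers but cannot resolve". The server address, name and 2-second timeout are caller-supplied assumptions; SAMPLE_REPLY is a constructed packet used only for offline checking.

```python
import socket
import struct
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid):  # wire-format A/IN query, recursion desired (RFC 1035)
    qname = b"".join(bytes([len(lab)]) + lab.encode() for lab in name.rstrip(".").split(".")) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00\x01\x00\x01"

def skip_name(msg, off):  # offset just past a (possibly compressed) domain name
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:  # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_response(msg, qid):
    """Return (rcode name, A addresses); reject a reply whose id is not ours."""
    rid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if rid != qid:
        raise ValueError("reply id does not match the query id")
    off = 12
    for _ in range(qd):  # step over the echoed question section
        off = skip_name(msg, off) + 4
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return RCODES.get(flags & 0xF, "RCODE%d" % (flags & 0xF)), addrs

def query_server(server, name, timeout=2.0, qid=0x1234):
    """One UDP A query straight to `server`; 'TIMEOUT' is the 2-second nslookup failure."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qid), (server, 53))
        try:
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return "TIMEOUT", []
    return parse_response(data, qid)
# Constructed reply for offline testing (not from the poster's network): yahoo.com A 203.0.113.10
SAMPLE_REPLY = (
    b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"  # id 0x1234, flags QR|RD|RA, 1 Q, 1 A
    b"\x05yahoo\x03com\x00\x00\x01\x00\x01"              # question: yahoo.com A IN
    b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x01\x2c\x00\x04"  # answer: ptr->12, A, IN, TTL 300, len 4
    b"\xcb\x00\x71\x0a"                                  # rdata 203.0.113.10
)
```

Run query_server("210.245.31.130", "yahoo.com") on the DC and again on another LAN host; a TIMEOUT only on the DC points at that server's own stack or a firewall rule for its address rather than at the forwarder.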
 
icic-dcicAuthor Commented:
I removed all forwarders but it still cannot resolve.
0
 
nttranbaoCommented:
Can you resolve via the command line, with your forwarder or mine (210.245.31.130 or 210.245.31.10)? If you cannot, then your firewall/gateway might block TCP 53 (for outgoing DNS queries).

Note:

- If you created a root zone (.) in DNS, the DNS doesn't use root hints or forwarders any more. If so, delete the root zone.
- Do not disable DNS recursion.
- Try to perform a DNS self test on the DNS server (Properties of your DNS -> Monitoring tab -> check both options -> Test Now). The result should be OK for both.
0
 
icic-dcicAuthor Commented:
I cannot resolve via the command line with my forwarder (210.245.31.130 or 210.245.31.10 or 210.245.24.20). I didn't create a root zone. DNS recursion is disabled, and some users cannot open Exchange mail in Microsoft Outlook and cannot access the internet. Then I created a new secondary DNS and changed the preferred DNS server to the secondary DNS. Everything works well. I don't know why; Event Viewer has no error about the primary DNS.
0
 
nttranbaoCommented:
So it looks like the primary DNS service is not working properly. Try to remove/reinstall the DNS service on that server, then let's see if the problem is gone or not.
If you are using Exchange, DNS is very important. I think something related to DNS should exist in the Event Log.
0
 
icic-dcicAuthor Commented:
Maybe the primary DNS server has some problem. Now I have a secondary DNS; how do I make a primary DNS again?
0
 
icic-dcicAuthor Commented:
And now I just get one error on the secondary DNS server. On the primary DNS there isn't any error about DNS.

Source: DNS
Category: None
Event ID: 3000
The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate. 
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


0
 
nttranbaoCommented:
On Exchange, remove and reinstall the DNS service (in Control Panel -> Add/Remove Programs -> Windows Components). First deselect DNS, then go on until finished. Then repeat the step, but check the DNS service.

After that, to rebuild DNS for the domain, do the following on the Exchange server:
- Create a primary Active Directory integrated forward lookup zone and/or reverse lookup zone.
- Point the primary DNS server in the TCP/IP settings to itself (127.0.0.1 or its own IP).
- Reboot Exchange, or issue this command in the command prompt: ipconfig /registerdns
- After a while, you will see the DNS with all the information registered (_msdcs, _sites, _tcp, _udp, DomainDnsZones, ForestDnsZones).

0
 
icic-dcicAuthor Commented:
I don't want to install a DNS server on the Exchange mail server. I installed the primary DNS on the DC server and the secondary DNS on another server. My primary DNS server does not work well, so I use the secondary DNS. Now I want to reinstall the PRIMARY DNS on the DC server again. I think, can I install the primary DNS like the secondary DNS, and then the secondary DNS will replicate its database to the DNS I have just installed?
If I install a new primary DNS server while I'm running the secondary DNS, is there any problem with my Active Directory and Exchange?
Can you help me in detail?
 
0
 
icic-dcicAuthor Commented:
And now my secondary doesn't resolve outside host names and my Exchange cannot deliver email outside. But I can resolve local host names.
0
 
nttranbaoCommented:
Since the secondary DNS cannot replicate to the primary DNS, you should have at least 2 AD integrated DNS zones in your domain. What you need to do now is reinstall DNS on the Domain Controllers, and let the DCs automatically register themselves in DNS. After that, create custom records (A, CNAME, MX...) if any.

Since your DNS can resolve local, but not external, I suspect your forwarders do not work well, or there are viruses/settings on your network that cause this.

You should manually test DNS queries via the command line (as instructed above) against outside DNS servers. This MUST work in order for your DNS to work.

Regards,
0
 
ChiefITCommented:
This could be a number of issues:

Is your DNS server in the list of DNS servers on the LAN side of the router?

Also, the DNS forwarder configuration will need the gateway's address. I am not at my domain, so I couldn't navigate you to help configure the router's IP for DNS.

Then the IP stack of the DNS server needs the default gateway manually entered in.

It sounds like you know that a forwarder should be an outside DNS server. Maybe the ISP gave you an IP of a computer that is not a DNS server to do DNS relay.

Furthermore, port blocking from firewalls to the outside world may prevent you from making a DNS resolve to the outside world.  
0
 
icic-dcicAuthor Commented:
I'm sure there is no port blocking from the firewall to outside and the ISP's DNS is not wrong, because when it doesn't resolve outside host names, I restart the DNS server and it works well again. Especially, after 7 days the problem happens again; I restart the DNS server and it works well again. I cannot restart the DNS server every week. Could you help me to fix it?
0
 
nttranbaoCommented:
So obviously your DNS server has a problem; that's why the DNS service stops working every 7 days.

Maybe something is wrong with the DNS service, so please check the Event Log for any error/warning/information related to the DNS service, especially on the day DNS stops working.

Please also make sure you don't have any virus/malware/Trojan... on your network.

If you confirm that there's nothing wrong in the Event Logs related to DNS, and just want DNS to be automatically restarted, you can schedule a weekly task which restarts the DNS service with these 2 commands:
- net stop dns
- net start dns

I think you should run a Self Test against your DNS (esp. when it cannot resolve hostnames), and make sure DNS Event Logging is set to "All Events" (Properties of your DNS).
0
 
ChiefITCommented:
"Especially after 7 days, the problem happens again"

It is very curious that this happens every seven days. It sounds like some sort of configuration that is set to dynamically delete a DNS entry once a week. The dynamic DNS changes I am thinking about have nothing to do with forwarders. Instead, they have to do with scavenging the DNS host A records.

If your host A records for that server are scavenged once a week, then you could be running into a problem with the clients not being able to contact the server for its forwarders. In fact, you will see no DNS relay through the server internally or externally. Once rebooted, it may re-register its own DNS record and you are back on track.

It sounds to me like you are booting up and getting a dynamic DNS record registered for your server through DHCP. Then it is scavenged a week later. What that means is, you have not made an exception for the fixed IP of the server in the scope and address pool for that fixed IP. Making the exception will tell DHCP, "THIS IS NOT YOUR IP ADDRESS TO PLAY WITH".

The way scavenging works is DHCP will provide a time stamp for doled out IP addresses. Then, it will remove all records with the time stamp that are within the scope and have outlasted the stale record period. If your server's DNS host A record is within the scope, it could be deleted.

Does this sound like it could be your problem?
0
 
icic-dcicAuthor Commented:
Automatic scavenging of stale records is not enabled. I also exclude the problem from DHCP, because when the problem happens, even the server that has the DNS server cannot resolve outside host names. The problem has happened since the backup DC server had a problem and I removed the backup DC and additional DNS (I removed the backup DC with ADSIEdit). And I installed a new additional DNS 2 days ago. But sometimes I receive a DNS warning:
Source: DNS
Category: None
Event ID: 3000
The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate. 
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


0
 
nttranbaoCommented:
Please provide us the events that precede this event.
0
 
icic-dcicAuthor Commented:
Automatic scavenging of stale records is not enabled. The problem from DHCP is also excluded, since when the problem happens, even the DNS server itself cannot resolve outside host names. The issue has occurred since the backup DC server had a problem, thus I removed the backup DC and the additional DNS (with the ADSIEdit tool). As a matter of fact, a new additional DNS was installed 2 days ago. But sometimes I still receive a DNS warning on the "new additional DNS":

Thank you very much for your consideration and time,

Best regards,

 
Source: DNS
Category: None
Event ID: 3000
The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate. 
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
 

0
 
icic-dcicAuthor Commented:
I removed all events and installed a new Windows when the backup AD had the problem.
0
Question has a verified solution.