Verify DNS server is running normally or needs to be optimized

Posted on 2009-12-22
Last Modified: 2012-05-08
Is there a way to verify if DNS is working as it should be  or if needs to tweaked in some way?  I'm also going to be doing the same thing to DHCP.

This is on a SBS 2003 server.
Question by:OCwaste2
    LVL 11

    Expert Comment

    by:Venugopal N
    Run the command NSLOOKUP to check the DNS is working properly
    LVL 11

    Expert Comment

    by:Venugopal N
    Refer the below link for how to use the NSLOOKUP command to verify DNS
    LVL 70

    Expert Comment

    You can use NSLOOKUP
    and or NETDIAG that I refered to in a previous question
    LVL 57

    Expert Comment

    As long as you are not getting a lot of messages that indicate that name lookup failed you should be O.K.

    How big is your network?
    LVL 1

    Expert Comment

    I'll go with the nslookup, and make sure that you're using your server.
    LVL 1

    Expert Comment

    Along with nslookup you can also check the DNS section in the server event viewer :)
    LVL 38

    Expert Comment

    I saw both of your questions on DHCP and DNS monitoring.

    It looks like you are really trying to monitor Domain health. There are utilities that is a part of the 2003 server support tools to do just that.

    For DHCP, (specifically), you can use DHCPloc.exe. That acts as a client and goes out to the domain to request a DHCP address from any available DHCP server. This is a great way to diagnose for rogue DHCP servers. A rogue DHCP server is defined as a DHCP server on your domain that is providing DHCP and wasn't authorized by you. To be more precise, it is defined as a DHCP server that is servicing the same scope and address pool as your authorized DHCP server that is on your SBS machine.

    What many of the experts are eluding to is either DHCP works or it doesn't. That's pretty much true. If you have  a rogue DHCP server, your DHCP server will stop providing DHCP. If DHCP server isn't working or is blocked by a firewall, your clients will fail to get a DHCP address and therefore fail to communicate.

    For DNS, (specifically), you could use NSlookup as KCTS advised.

    For domain controller and networking diagnostics, you can use DCdiag  and Netdiag. DCdiag and Netdiag will get to the roots of DNS as well. It will not diagnose DHCP as you might wish.

    You can go to the command prompt and type:
    DCdiag /v      (meaning DC diagnostics utility Verbose)
    Netdiag /v     (meaning network diagnostics Verbose)

    NOTE: Both DCdiag and netdiag take a trained eye to decipher on some occasions. So, if you are having an issue, you could use experts help on EE to help you decipher what DCdiag and Netdiag are telling you.
    Bottom line is, there are a lot of great utilities already built in to diagnose and monitor your system>

    Another great utility is event logs. Event log entries in the 4000's, (like 4005 and 4015) are DNS related issues.

    Event log entries in the 1000's are either memory leaks(, DHCP or Netbios related issues).

    So fixing Event log errors will greatly help you in configuring your domain for optimum performance.

    LVL 24

    Expert Comment

    The best way is run dcdiag /test:dns & check the dns event viewer.
    Nslookup,dnscmd,dnslint are the dns tool which are used for troubleshooting dns.
    Nslookup is used to resolved dns names on domain.
    There is lot more you can do with dnscmd & dnslint.
    LVL 24

    Accepted Solution

    Below is also a good tool.
    For dhcp i can find netsh dhcp cmd.
    I personally feel ADmanager is good tool.  

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Join & Write a Comment

    Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now