A couple of weeks ago, we removed a 2nd NIC from our primary DNS server that was disabled. The IP address of this 2nd NIC was 10.0.16.21. Since that day, internal DNS has been snappy as ever; but DNS to the internet (outside world if you will) has been slow. For example, a ping to www.google.com will take 5-8 seconds to resolve...but it eventually resolves. If I then hit the up arrow, and immediately ping Google a second time, the response is almost instantaneous. Wait 15 minutes or so, ping Google again, and I'm back to 5-8 second response time.
Also, around that same time, our Parking Garage began having issues with their credit card server. Most of the transactions failed, but occasionally some would go through. This could be because of the latency in DNS to the outside world. Perhaps there is a time out value with the credit card system that if it doesn't resolve to netconnect1.paymentech.net that the transactions fail. Not too sure here, but they work at times, then fail at other times.
Also around this same time, our external emails began getting delivered with a delay. Delay isn't noticeable in the AM (almost arrive at the time the sender sends it), but by mid afternoon, an email sent to me from someone outside at 2:30 would end up being delivered to me @ 3:00PM.
Also, when this 2nd NIC, 10.0.16.21, was removed from our primary DNS server, I was no longer able to resolve internal DNS when connected in from home via VPN. After looking on our firewall, I noticed there was an entry for the fully qualified domain name of our primary DNS server and it used 10.0.16.21 as the IP (which is the old IP of the 2nd NIC). When I queried it to ask where it was used, I discovered it was used in the VPN DNS srv. Once I adjusted the VPN DNS setting, DNS once again returned to working fine from home.
It is only the slow web browsing, credit card issues and the delayed delivery of external email that still seem to be present. Also, all 3 of these issues appear to have surfaced the same day that the 2nd NIC (10.0.16.21) was removed from our primary DNS server back on December 17, 2009.
Our ISP states that they do not have IP addresses for our internal DNS servers in the route statements, so at this point, they're not on my list. My coworker also checked bandwidth utilization, and we're not even beginning to lay a dent into the bandwidth. So that too doesn't appear to be an issue.
At this point I'm ready to re-add that 2nd NIC back to my primary DNS server and assign it the old 10.0.16.21 (i.e. put it back to the way it was 4 weeks ago) but am hesitant to do this because I'm told it's not best practice to have a DNS server with multiple NICs...even if 2nd NIC is disabled.
I've looked at DNS forwarders, and they look to be pointing to each other for forwarding; and the number of seconds before the forward query times out is set to 5 seconds (about the length of time it takes for pings to respond to web sites). Should I try lowering that value to 1 second?
Any help is greatly appreciated.