• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1217
  • Last Modified:

DNS Problem?

Hi,
In the course of troubleshooting some issues on our SBS 2008 server, I downloaded and ran the Microsoft "Best Practices Analyzer". The results of a scan say
"The DNS Server service should listen on DNS port 53, but that port is owned by the  process."
It appears some process is supposed to be listed in the above statement but is missing. I'm not sure if DNS is competing with this other process for the port or if it is using another port. How do I check what port DNS is currently using? Is there a way to find out what other process is using this port?
Thanks,
Bill
0
westone
Asked:
westone
  • 10
  • 5
  • 4
  • +1
3 Solutions
 
Rob WilliamsCommented:
DNS will use port 53, that is standard.
As a first step try from a command line entering:
netstat -an |find ":53 "
or just netstat -an    and review the list for port 53
See if anything shows up as connected or listening. DNS will not show up, but a 3rd party service may.
0
 
Rob WilliamsCommented:
No change you have blocked port 53 with the Windows firewall is there? This won't happen on its own but might you have manually done so?
0
 
westoneAuthor Commented:
The results are below. It's Greek to me.

 TCP    127.0.0.1:53           0.0.0.0:0              LISTENING
  TCP    192.168.0.173:53       0.0.0.0:0              LISTENING
  TCP    [::1]:53               [::]:0                 LISTENING
  TCP    [fe80::f20:c34c:9c6:fc31%10]:53  [::]:0                 LISTENING
  UDP    127.0.0.1:53           *:*                    
  UDP    192.168.0.173:53       *:*                    
  UDP    [::1]:53               *:*                    
  UDP    [fe80::f20:c34c:9c6:fc31%10]:53  *:*                    
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
westoneAuthor Commented:
I haven't blocked any ports.
0
 
westoneAuthor Commented:
Matter of fact the firewall on the server is turned off.
0
 
Hypercat (Deb)Commented:
What is using the IP address 192.168.0.173?
0
 
Rob WilliamsCommented:
Sorry, I tested on a workstation, on the SBS DNS does show up.
Looking at your results they are normal assuming 192.168.0.173 is the  IPv4 IP of the server and fe80::f20:c34c:9c6:fc31%10 is the IPv6 IP (probably is). 127.0.0.1 is the "local host" (Server's/local machine own) address.
Mmmmmmm...
0
 
westoneAuthor Commented:
Yes 192.168.0.173 is the address of the server. Could possibly be related to some other issues I just posted about and you responded to regarding the freezing of the server and an available hotfix for TDI driver issues. DNS errors have been plentiful just prior to the freezes.
0
 
Rob WilliamsCommented:
If there is another service affecting the TDI driver it could definitely also be affecting the DNS traffic port.
0
 
adiloadiloCommented:
hmmm  , my friend try  netstat -ab | find ":53"  instead of a netstat -an  that will list the port with the process using it . when you find the process , then you can eliminate it if not important .

Good Luck
0
 
westoneAuthor Commented:
Using -ab did not list the process or PID for me. It listed everything posted above, plus every port that included the number 53 anywhere in it, which was quite a few ports.
0
 
adiloadiloCommented:
just open a command prompt and type netstat -ab  that will list every open port , look for the port 53  and see what process is running that .
0
 
westoneAuthor Commented:
I piped the results of "netstat -ab" to a file, then searched for ":53 ". The only process using port 53 is dns.exe.

FYI: The reason "netstat -ab |find ":53 " doesn't show the process is because the process is listed on the next line without the port number, at least in the command window on this server. So only the line with the port number is shown in the results.
0
 
adiloadiloCommented:
hmm , well dns.exe is your dns server , may be a rougue dns is on . can you go manually to  your services.msc  and disable dns  then run the command  netstat -ab and see if that port is still open .
0
 
Hypercat (Deb)Commented:
Do you have Blackberry Server running on this server? I have seen a situation where there is a conflict between the BES Pro server and DNS on some SBS servers. Usually it affects the Blackberry Controller service (it will stop or not run properly).  However, this same conflict may be what the BPA is finding.
0
 
westoneAuthor Commented:
No Blackberry server here.

With DNS Server & DNS Client services stopped, "netstat -ab" returns nothing on port :53.

While DNS was turned off, I ran another Best Practices scan. It still returned the same DNS port warning.
0
 
adiloadiloCommented:
ha I know it . do you have any other process ranging from port  64,000 to 65,000. on that server for example windows depoyment services ? is it installed on that server ?
0
 
Rob WilliamsCommented:
I suspect it is something not using port 53 but blocking it, however you could further verify by running Wireshark on the server, capture packets for a few minutes, and then filter the results for port 53.
http://www.wireshark.org/

What anti-virus or anti-malware applications have you installed on the server.
0
 
westoneAuthor Commented:
In that port range every single port showed dns.exe, except for a few. 3 were running Spiceworks-finder.exe, one was running DHCPServer, 1 was running ntrfs or something like that, and several were running Exchamge services.

I turned off Spiceworks services but no change in Best Practices report. I will uninstall it and try it again.
0
 
westoneAuthor Commented:
AVG is installed, however ALL AVG services are turned off pending a solution to a conflict that software is causing (the TDI driver problem). I'll checkout the Wireshark software.
0
 
westoneAuthor Commented:
Thanks guys, and gals as the case may be. Still not resolved. Removed AVG, Ran HW diagnostics and discovered a recurring System Board voltage error logged under the Open Manage app (which I just installed) during the same time frame as these lock-ups. Communicating with Dell on it now.
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

  • 10
  • 5
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now