Local DNS slows down network, External DNS improves it significantly (Windows Server 08)

We have a Verizon FiOS 25/25 line.

When I am using external DNS, our internet is as fast as it should be and what we pay for. There is no lag; everything works as smoothly as I have ever had the pleasure of working with on any network.

We have a small domain within the network, which is based on a single DC and an Exchange server.

The DC is also the DNS server, which in turn handles all of our AD.

Whenever I use the DC/DNS server as the server on our clients, there is a 2-3 second lag before it resolves. This gives our internet experience horrible issues, especially when loading sites which pull data from multiple domains.

Whenever I use external DNS, it works instantly.

Can someone help me trouble shit this? I honestly don't even know where to start. Thanks

B H Commented:
"Can someone help me trouble shit this"  :)


on the server, fire up the dns manager
right click the server at the left, properties
find 'forwarders'

put in at the top of the list
put anything else in there you want, 2 more or so should do it is a good one, is another one i just happen to have memorized

then on the workstations, make sure only your DC is listed as the primary dns, and there should be no secondary at all

then on the server - ipconfig /flushdns
and on the workstation(s) - either reboot, or these:
ipconfig /flushdns
ipconfig /registerdns

test - you should be fine

i think you have a bad forwarder at the top of your list, which causes the delay

B H Commented:
er, i mean:

are good ones
Don (Network Administrator) Commented:
Do not use or these are way overused

you should either use your ISP's DNS or something like OpenDNS


Vishal Breed (Program Manager) Commented:
It seems the internal DNS server (Active Directory DC) is not configured properly. Please ensure the forward and reverse lookup zones are configured properly. You may test this using nslookup from a command prompt on the DC.

Also ensure that, in the DNS server properties under forwarders, your external DNS servers are added. In the TCP/IP configuration of all workstations and servers, there should be only internal DNS servers.
Vishal Breed (Program Manager) Commented:
Please refer to http://www.windowsreference.com/windows-server-2008/step-by-step-guide-for-windows-server-2008-domain-controller-and-dns-server-setup/ and confirm whether the steps mentioned in the article were followed when the DC was built.
Don (Network Administrator) Commented:
You might want to run the Server 2008 Best Practices Analyzer as well

It should be mentioned that you need to understand where the 2-3 second lag is being experienced, and where that is coming from before any other work is done, though the shotgun approach of assuming it is the DNS server configuration may well work in this case.
From the client machines, if you use NSLOOKUP from the command line do you see the lag when looking up external domain names off of your internal DNS server? Are the clients configured with ONLY the internal DNS server for DNS when you experience the issue? If not, the clients may be failing lookups off of your server and then failing over to the external DNS to resolve names after that couple of seconds of delay from waiting for response from your internal DNS.
Generally, you shouldn't need to use forwarders as mentioned above because the DNS server can use DNS root servers to find authoritative DNS servers for any names you need. Even if there is some initial delay in name resolution for names, the data becomes cached to provide rapid responses for normal operations.
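
Added example (not part of any reply in this thread): a Python timer for the check described in the comment above, run from a client against the internal DC and an external resolver. It sends the same A-record query three times per server and separates timeouts, SERVFAIL, cold-cache and consistently slow answers; the server addresses and test name come from the command line, and the 1-second threshold and result labels are assumptions of this example.

```python
import os, socket, struct, sys, time

def build_query(name, txid=None):
    """Encode a recursive (RD=1) A-record query; returns (txid, packet)."""
    if txid is None:
        txid = int.from_bytes(os.urandom(2), "big")
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return txid, header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, txid):
    """Return (rcode, answer_count); ValueError if not a response to txid."""
    if len(data) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    return flags & 0x000F, ancount

def time_query(server, name, timeout=5.0):
    """One UDP query to server:53; returns (seconds, rcode), rcode None on no reply."""
    txid, packet = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.monotonic()
        try:
            sock.sendto(packet, (server, 53))
            rcode, _ = parse_reply(sock.recvfrom(4096)[0], txid)
        except (OSError, ValueError):    # timeout, ICMP error, or junk reply
            rcode = None
        return time.monotonic() - start, rcode

def diagnose(samples, slow=1.0):
    """Classify (seconds, rcode) samples for one resolver; threshold is an assumption."""
    if any(rc is None for _, rc in samples):
        return "timeout"       # client waits, then fails over to its next DNS server
    if any(rc == 2 for _, rc in samples):
        return "servfail"      # resolver answered but could not get data upstream
    slow_hits = [t >= slow for t, _ in samples]
    if slow_hits[0] and not any(slow_hits[1:]):
        return "slow-first"    # cold cache only; repeats are served from cache
    return "slow" if any(slow_hits) else "ok"   # "slow": check forwarders/upstream

if __name__ == "__main__":     # usage: python dnstime.py NAME SERVER [SERVER ...]
    name, servers = sys.argv[1], sys.argv[2:]
    for server in servers:
        samples = [time_query(server, name) for _ in range(3)]
        print(server, diagnose(samples), ["%.3fs" % t for t, _ in samples])
```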
John_T21 (Author) Commented:
Wow, thanks for all your responses. I am going to start going through them from top to bottom and award points accordingly. Will reply within the hour, thank you all.
John_T21 (Author) Commented:
Thank you very much, both of you guys were right. I followed the steps given by bryon, but naldian hit the reasoning right on the spot: my lookups were failing and then failing over to external DNS. Thanks, both of you, for your help.
John_T21 (Author) Commented:
Thanks guys