Solved

DNS resolving issue

Posted on 2010-09-21
10
536 Views
Last Modified: 2013-11-25
We have a major issues in our network.  Our LAN is having a hard time browsing and ping external site and is extremely slow.  We have issues where RDP to our servers takes some time to resolve. Our Applications seem to be having TimeOut issue. We can browse the IE Explorer, but takes some time before it can resolve.  Our IT Director setup a new server and called it a new domain, thus setup DNS, WINS, DHCP.  He is migrating our old Win2003 server to the new Win2008 server.  

However, we have a set back due to our issue. Any suggestions as where to start troubleshooting would be very helpful.

BIG THANKS!!!
0
Comment
Question by:BocaPharmacal
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 6

Expert Comment

by:collins23
Comment Utility
Ok, here are some pointers ?

Is resolving within the LAN ok ?

i.e . can you ping an internal server without any problem ( of speed )

if so . then its probably a problem with your external dns provider ( ISP )

If Not.

Then you might have a problem with your internal DNS server.

try this . on a windows computer goto command prompt and type nslookup

do you get any errors ?

if you don't

try putting in a host name of one of your servers.

Does it resolve ?

0
 
LVL 2

Expert Comment

by:HFVgally
Comment Utility
Is this a Small Business Server migration? With a new server on a new domain, do you now have two separate DNS and two competing DHCP servers running on the same network?
0
 
LVL 8

Expert Comment

by:jimmyray7
Comment Utility
Please post the output of 'ipconfig /all' from one of the DHCP workstations, as well.
0
 

Author Comment

by:BocaPharmacal
Comment Utility
Thank you all for your responses.  Listed below is the information I gather.

Same LAN. No seperate DNS and DHCP server. My IT Director did a forwarding of the old server's DNS
to the new server.  Old Server: Win2003  New Server: Win2008 R2


Is resolving within the LAN ok ? YES

i.e . can you ping an internal server without any problem ( of speed ). NO SPEED ISSUE

if so . then its probably a problem with your external dns provider ( ISP ). I CALLED THE DNS PROVIDER AND THEY SAID IT IS WORKING. I PING FROM THE MAIN FIREWALL AND REPORTED BELOW.
-------------------------
Ping Outside from Firewall:
Sending 5, 100-byte ICMP Echos to 67.195.160.76, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 30/38/40 ms

Ping Inside from Firewall:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 67.195.160.76, timeout is 2 seconds:
?????
Success rate is 0 percent (0/5)
-------------------------
 
Then you might have a problem with your internal DNS server. YES

try this . on a windows computer goto command prompt and type nslookup. NO ERROR

try putting in a host name of one of your servers.  NO ERROR


=======================================================
IPCONFIG /ALL:

C:\Users\kle>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : 1155-WIN7
   Primary Dns Suffix  . . . . . . . : bgdomain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : bgdomain.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : BGDOMAIN.local
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-21-9B-17-AA-D4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.47(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, September 20, 2010 6:04:59 PM
   Lease Expires . . . . . . . . . . : Tuesday, September 21, 2010 7:05:07 PM
   Default Gateway . . . . . . . . . : 192.168.0.254
   DHCP Server . . . . . . . . . . . : 192.168.0.174
   DNS Servers . . . . . . . . . . . : 192.168.0.174
                                       192.168.0.3
   Primary WINS Server . . . . . . . : 192.168.0.174
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.BGDOMAIN.local:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : BGDOMAIN.local
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\kle>
0
 

Author Comment

by:BocaPharmacal
Comment Utility
I have fix our Internet issue of the DNS in for new server forwarding of Uncheck use “Use root hints if no forwarders are available”.

However, I am going to the Firewall and I am able to a ping Outside, but inside I am getting 0 out of 100%.  I am getting The DNS resolutions "Request Time Out." when I did a tracert.  Any suggestions?


tracert www.cdw.com

Tracing route to e1962.b.akamaiedge.net [69.192.8.42]
over a maximum of 30 hops:

  1     *        *        *     Request timed out.
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10    37 ms    37 ms    36 ms  a69-192-8-42.deploy.akamaitechnologies.com [69.1
92.8.42]
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 6

Expert Comment

by:collins23
Comment Utility
If your DNS issue is fixed, i don't think this should be an issue . Do you really want to allow tracert to external servers from inside your network ?

What exactly do you want to achieve ?
0
 

Author Comment

by:BocaPharmacal
Comment Utility
Well our DNS was mess up. I just fixed it.  However, I was able to tracert for troubleshooting before our DNS was mess up, but now I am not able to.   I want some hint as where to trace down the possible problem in the DNS settings.
0
 
LVL 2

Accepted Solution

by:
HFVgally earned 500 total points
Comment Utility
were any changes made to the firewall durring your troubleshooting? It looks like you are resolving just fine, but the request timed out - i usually see that when a firewall is blocking the response.
0
 

Author Comment

by:BocaPharmacal
Comment Utility
I have already check the firewall.  The firewall was not block.  
0
 
LVL 6

Expert Comment

by:collins23
Comment Utility
what type of firewall are you using ?

are you able to ping external ip addresses from internal hosts ?

is this the ip address of your firewall 192.168.0.254 ?

Again, i think unless you really need traceroute for something inside your network to function.

i don't think this should be a problem especially if DNS is able to resolve and you are able to get internet.


0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Most DNS problems are VERY easily troubleshot and identifiable if you can follow the steps a DNS query takes. I would like to share the step-by-step a DNS query takes from the origin to the destination. _____________________________________________…
Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now