Slow DNS resolution with any new computers

Hello,
      At my company we have one server inside our network that is a primary domain controller  and DNS. Recently i have replaced several employees' computers with new ones. All of the new computers are very slow to load web pages (15 - 20 seconds) even though our internet connection is very fast. Usually running a broadband speed test from any of the computers (even the slow internet ones) results in an absolute minimum of 15Mbps UP/Down (ranges up to as high as 80Mbps). I have discovered that all of the lag in initially displaying a webpage is spent resolving the domain name. If i change the DNS server for those computers from our DNS to automatically detect the internet is instantly fast. Problem is that that screws up all the accessing of shared folders, printers, etc... inside our network.

Any of the computers that have been around since before i was handling IT have fast internet even with the hardcoded DNS server inside our network.

It seems that when i replace a computer i must need to somehow put information about that new computer into the DNS server? I know there must be something simple i am missing, any ideas?

Thank You,
ruairiAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Chris DentConnect With a Mentor PowerShell DeveloperCommented:
Thanks. At this stage, and given that you've having trouble, please delete everything from the Forwarders tab.

You might choose to put something back there later, but we need to know if it works better without those than it is with. Your server is quite capable of resolving names without forwarders.

Remember that any clients you have should only use your internal DNS server since AD is involved. You don't want them having an external server as a backup because it just swaps one problem (no fault tolerance) for another (trouble talking to AD).

Chris
0
 
Dangle79Commented:
when you set them to automatically detect DNS servers what IPs do they get? these should come from your DHCP
do you have your public (internet) DNS server IPs entered as additional DNS servers?
in my pic the first two are my internal, the bottom two are the public.
Capture.PNG
0
 
John JenningsOwnerCommented:
Please take the time to read through this TechNet article. It's great, and will help you iron out a lot of DNS related kinks in your network.

http://technet.microsoft.com/en-us/library/cc757837%28WS.10%29.aspx

0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
ruairiAuthor Commented:
if i set my computer to automatically detect DNS server and ipconfig /renew i get 168.95.1.1 as my DNS server, i assume this is public. I have already tried setting up one of the computers with slow internet with our DNS srever (192.168.1.100) as primary, and the above ip address as the secondary. This still results in the very slow internet.
0
 
Chris DentPowerShell DeveloperCommented:

> in my pic the first two are my internal, the bottom two are the public

The bottom two really should not be there if we're talking about AD domains. It causes all manner of problems if the client starts using them (again, while it is part of an AD domain).

Ruairi,

Can you tell us about your DNS server? And can you tell us if that's the only DNS server your clients are configured to use?

I would be especially interested in any Forwarders you have configured. You'll find those by opening the DNS server console, right clicking on the server and opening Properties, then selecting the Forwarders tab.

Chris
0
 
ruairiAuthor Commented:
JohnThePro - I have started reading the article, so far no luck but will keep looking. Thanks

Chris - Server Particulars:
Dell Server PE1800
Intel Xeon CPU 3 GHz
4 GB RAM

Windows Server 2003 Standard Edition SP2

It is the only DNS server the clients are configured for.

Forwarders Tab:
DNS Domain List = 'All other DNS domains'
Selected Domain's forwarder IP address list =
208.200.248.1
69.10.201.27
Number of seconds before forward queries time out = 5
Thanks
0
 
John JenningsOwnerCommented:
Okay, lets baby step through this.

Your workstations, do you statically assign them IP addresses?
If so, did you assign the new workstations the same IPs as the old workstations?
0
 
PTSMNCommented:
maybe try a simple, "ipconfig /flushdns" and "ipconfig /registerdns" from cmd?

0
 
ruairiAuthor Commented:
John - No, they are assigned with DHCP. The replacement computers' Computer Names are also different.

Chris - Deleted all IP's from the forwarders tab. The 'All other DNS Domains' entry in the DNS Domains list cannot be deleted.
This change had no effect on the problem workstations (i gave it over an hour before trying in case there would be some time lag).

PTSMN - Sorry if this is a stupid question, but i assume that would be on the workstations, not the DNS server?

Thanks for all your comments so far,
0
 
Chris DentPowerShell DeveloperCommented:

Great, so can we test DNS resolution a bit.

How quickly do you get responses for:

nslookup www.google.com
nslookup experts-exchange.com
nslookup www.microsoft.com

The response should be pretty much instant in all cases, if there's a delay we need to dig further.

Chris
0
 
ruairiAuthor Commented:
Thank you all for your input and attempts to help. It turns out Chris-Dent's comment at 11:07am was the answer (just took a while to work), so i will go back and accept that as the solution. I just wanted to take a minute to thank everyone that tried to help.
0
 
ruairiAuthor Commented:
Thanks, this has been plauging me for a while and getting rid of the forwarders took care of it. Hopefully it wont cause problems with interoperability with our trusted domain at another site.
0
 
Chris DentPowerShell DeveloperCommented:

I just wanted to add one last comment.

It's quite likely that one or more of the forwarders you had was broken. Replacing those with working forwarders would also solve this problem. If none are easily available you can use Google's public DNS servers:

http://code.google.com/speed/public-dns/

Anyway, leaving it using Root Hints is not a problem :)

Chris
0
 
ruairiAuthor Commented:
Thanks for the tip! Do you have any guesses as to why computers that have been in our network for years would not see the slow resolution and new ones would?
0
 
Chris DentPowerShell DeveloperCommented:
Not really, at least not unless they have different DNS servers configured.

DNS (because it's UDP based) doesn't acknowledge connections, so the client has no way of knowing if a DNS server is going to respond except by waiting.

In your case it's quite likely that one (or both) of the forwarders were timing out, which results in a very very slow response to the client machine.

Chris
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.