• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1885
  • Last Modified:

Intermittent DNS SERVFAIL

I'm having intermittent Win2003 DNS issues on one of our networks.  the instigator was we had our SMTP relay bounce back an email (sent to an ISP, this is not exchange related - we don't have exchange on that network - it's just SMTP in an application), which is what brought the attention to the issue, but yesterday one of our developers also could not goto www.google.com momentarily from one of the servers.  this shouldn't happen of course, and i'm trying to find out what's going on.  today i could go everywhere, but looking at earlier this morning in dns.log in windows i see the errors below and i'm confused.  we get SERVFAIL intermittently, i can normally go wherever i want.  dns is set to forward all other domains to root hints in dns, no forwarding configurations to be worried about.  regular dns event logs do not show any issues, to include application logs, system logs, etc.  i don't have enough experience to know if intermittent SERVFAILs are normal, but as shown below it comes, and goes away.  is this normal? (none of our servers on a different network that use our connection from our building has dns logging enabled, so i don't have a baseliine to compare to).  we want to talk to our provider from our building, but i was tasked to ID that it's not our fault first.  help.

20110421 06:40:21 C64 PACKET  027A3050 UDP Snd 64.4.59.173     8964   Q [0000       NOERROR] A     (4)time(7)windows(3)com(0)

20110421 06:40:21 644 PACKET  01F94FF0 UDP Snd 192.168.8.57    2253 R Q [8281   DR SERVFAIL] ALL   (3)dns(8)msftncsi(3)com(0)

20110421 06:40:21 644 PACKET  02519C10 UDP Snd 65.55.226.140   bc19   Q [0000       NOERROR] A     (6)teredo(4)ipv6(9)microsoft(3)com(0)

20110421 06:40:21 644 PACKET  02519C10 UDP Snd 64.4.59.173     bc19   Q [0000       NOERROR] A     (6)teredo(4)ipv6(9)microsoft(3)com(0)

20110421 06:40:23 644 PACKET  01C8F270 UDP Snd 192.5.6.30      180e   Q [0000       NOERROR] A     (3)www(6)google(3)com(0)

20110421 06:40:24 644 PACKET  022CD460 UDP Snd 192.52.178.30   d427   Q [0000       NOERROR] A     (3)www(6)google(3)com(0)

20110421 06:40:24 644 PACKET  022CD460 UDP Snd 192.48.79.30    d427   Q [0000       NOERROR] A     (3)www(6)google(3)com(0)

20110421 06:40:24 644 PACKET  027A3050 UDP Snd 213.199.159.59  8964   Q [0000       NOERROR] A     (4)time(7)windows(3)com(0)

20110421 06:40:25 644 PACKET  02798550 UDP Snd 192.168.8.57    fc6b R Q [8281   DR SERVFAIL] A     (6)teredo(4)ipv6(9)microsoft(3)com(0)

20110421 06:40:27 644 PACKET  01C8F270 UDP Snd 192.41.162.30   180e   Q [0000       NOERROR] A     (3)www(6)google(3)com(0)

20110421 06:40:27 644 PACKET  01C8F270 UDP Snd 192.52.178.30   180e   Q [0000       NOERROR] A     (3)www(6)google(3)com(0)

20110421 06:40:28 644 PACKET  0222C4B0 UDP Snd 192.168.8.57    94e4 R Q [8281   DR SERVFAIL] A     (3)www(6)google(3)com(0)

20110421 06:40:28 644 PACKET  0222C4B0 UDP Snd 192.168.8.57    94e4 R Q [8281   DR SERVFAIL] A     (3)www(6)google(3)com(0)

20110421 06:40:28 644 PACKET  0222C4B0 UDP Snd 192.168.8.57    b0bb R Q [8281   DR SERVFAIL] A     (3)www(6)google(3)com(0)

20110421 06:40:28 644 PACKET  027A3050 UDP Snd 64.4.59.173     8964   Q [0000       NOERROR] A     (4)time(7)windows(3)com(0)

20110421 06:40:28 644 PACKET  027A3050 UDP Snd 65.55.226.140   8964   Q [0000       NOERROR] A     (4)time(7)windows(3)com(0)

20110421 06:40:29 C64 PACKET  0218F510 UDP Rcv 192.168.8.57    01d1   Q [0001   D   NOERROR] A     (6)teredo(4)ipv6(9)microsoft(3)com(0)

20110421 06:40:29 C64 PACKET  022CD460 UDP Snd 64.4.59.173     dc38   Q [0000       NOERROR] A     (6)teredo(4)ipv6(9)microsoft(3)com(0)

20110421 06:40:31 644 PACKET  01C8F270 UDP Snd 192.48.79.30    180e   Q [0000       NOERROR] A     (3)www(6)google(3)com(0)

20110421 06:40:31 644 PACKET  01C8F270 UDP Snd 192.43.172.30   180e   Q [0000       NOERROR] A     (3)www(6)google(3)com(0)

20110421 06:40:32 C64 PACKET  01BE57D0 UDP Rcv 192.168.7.11    5e30   Q [0001   D   NOERROR] A     (10)fmnetnetiq(5)FMNet(5)local(0)

20110421 06:40:32 C64 PACKET  01BE57D0 UDP Snd 192.168.7.11    5e30 R Q [8085 A DR  NOERROR] A     (10)fmnetnetiq(5)FMNet(5)local(0)

20110421 06:40:32 644 PACKET  027A3050 UDP Snd 65.55.37.62     8964   Q [0000       NOERROR] A     (4)time(7)windows(3)com(0)

20110421 06:40:32 644 PACKET  022CD460 UDP Snd 213.199.159.59  dc38   Q [0000       NOERROR] A     (6)teredo(4)ipv6(9)microsoft(3)com(0)

20110421 06:40:33 C64 PACKET  0222C4B0 UDP Rcv 192.168.7.50    61ad   Q [0001   D   NOERROR] A     (8)fmnetsep(5)FMNet(5)local(0)
0
JodyBear
Asked:
JodyBear
1 Solution
 
ittogoCommented:
It is a UDP protocol, so there is bound to be some packet drops if there is network congestion, so I would say this is normal.  That is why it is recommended to have a primary and secondary DNS
0
 
JodyBearAuthor Commented:
good call, i hadn't thought of that.  i'll take it from here, thank you.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now