[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

DNS cache problem (appears to be client side)

Posted on 2011-10-31
15
Medium Priority
?
1,755 Views
Last Modified: 2012-05-12
I provide IT support for several small to medium sized business.  One thing I've noticed is that with 2 of the larger clients - workstations will periodically suffer from what appears to corrupt DNS Cache.  This is only when resolving non internet hostnames.  Each client has several remote sites but this problem occures randomly on both WInXP and 7 workstations.  

Symtpoms: "I can't log into Exchange - it shows disconnecte" or "I can't access the AS400"
Solution: ipconfig /flushdns and ipconfig /registerdns

if I do an nslookup, the server resolves the hostname no problem.

I get 1-2 calls that require this fix per month but I can't find a single thing about this on the internet.

Advise anyone?
0
Comment
Question by:GDavis193
  • 6
  • 4
  • 2
  • +2
14 Comments
 
LVL 3

Assisted Solution

by:WalrusSoup
WalrusSoup earned 126 total points
ID: 37058942
I take it you have already reset the TCP\IP stacks and the winsock stacks on both of these machines?
0
 
LVL 24

Assisted Solution

by:Dirk Kotte
Dirk Kotte earned 498 total points
ID: 37058966
if ipconfig /flushdns solves your problem...
you can display the local dns cache with
ipconfig /displaydns
save the result and compare it with the result after /flushdns

if ipconfig /registerdns solves your problem...
are the DNS entries for the client at the DNS-server (forward and backward) correct before calling /registerdns?
 
0
 
LVL 21

Assisted Solution

by:Alan
Alan earned 126 total points
ID: 37059163
You cuold always just treat the symptoms (not ideal) by putting:

ipconfig /flushdns

into their login script.

:-)

Alan.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:GDavis193
ID: 37084978
Still same problem - I've reset TCPIP and Winsock/2 and I still have users who occasional don't resolve a hostname.  ipconfig /displaydns shows no entry for the local hostname but NSLOOKUP resolves it just fine.

Pulling my hair out here....
0
 
LVL 24

Assisted Solution

by:Dirk Kotte
Dirk Kotte earned 498 total points
ID: 37088672
what do you mean with "I still have users who occasional don't resolve a hostname"
thes user-devices cant resolved by nslookup (forward/backward) or these clients have problems resolving (different?) hostnames (local/ping/nslookup/../ fqhn or netbios-name?)

the own systemname should not be present within the local dns-cache.
are the problem-clients able to resolve the "not working" hostames with nslookup - if not please post the answer message.


 
0
 

Author Comment

by:GDavis193
ID: 37095172
Symptom: User can't connect to Exchange, timeforce (their web based time clock system) etc.

Solution: ipconfig /flushdns and /registerdns

Troubleshooting shows this:  For some reason, hostnames on the LAN are no longer resolving.  It's not ALL hostnames (servers in this example), sometimes it's just one or two.  When this occurs, running an NSLOOKUP brings up the DNS server and it resolves the hostname no problem.  The clients DNS cache shows missing IP entries for the hostname.

So yes, nslookup works but ping fails.  The clients 'forget' about these hostname/IP resolution randomly.  
0
 
LVL 24

Assisted Solution

by:Dirk Kotte
Dirk Kotte earned 498 total points
ID: 37095521
do you use working with the "hosts" file at these workstations?
there are known buffer problems within Win2003 and possible Windows XP/7 also.
are there "many" entries within the DNS-cache?
0
 
LVL 1

Assisted Solution

by:jiggyfly
jiggyfly earned 250 total points
ID: 37095593
you could edit the host file to include a static mapping, that is a workaround but not a fix. Are the servers multihomed?  Do you have offline files enabled on the clients? Try turning this off.When a client is affected what ip address is listed when you ping the mail server? Are your clients DHCP? Where are they getting DNS? Check the DNS server itself. Do you have the DHCP server offering a WINNS server as well?
0
 

Author Comment

by:GDavis193
ID: 37095707
I would prefer to not edit the HOSTS file.  

Yes there are man entries in the DNS cache.

Offlinefiles = no

I did notice one thing - they have public DNS names listed for the same internal hostnames.  I know I didn't explain that well so let me clarify.

server hostname: mail.domainname.com
internal IP: 192.168.1.10
nslookup resolves mail.domainname.com to 192.168.1.10

They also have public DNS pointing to a puiblic address (ie 67.137.xx.xx) so:
A record = mail.domainname.com 67.137.xx.xx

when the local DNS cache fails, when i ping mail.domainname.com I get the public IP.  So for a week it was resolving the internal IP address as desired but at some point it failed and resolved the public IP and kept it.  This also explains why hostnames with NO public DNS record simply fail to resolve anything.

For some reason they are losing connectivity to the internal DNS server and when the cache expires it's unable resolve properly?  Hmm.... is there a way to have the local DNS service refresh the internal DNS cache more often?

0
 

Author Comment

by:GDavis193
ID: 37095759
I forgot to add: DHCP for IP and DNS.
no WINNS server
0
 
LVL 24

Assisted Solution

by:Dirk Kotte
Dirk Kotte earned 498 total points
ID: 37102627
why you dont use wins?
our domain-guys mostly install wins because it is simple, quick (and should solve your problem)
ok thats only a workaround ...
 
0
 
LVL 1

Accepted Solution

by:
jiggyfly earned 250 total points
ID: 37102722
do you have the primary dns server hard coded to an external server? You should have the replication partner the first entry then the loopback as the secondary 127.0.0.1
0
 

Author Comment

by:GDavis193
ID: 37250851
Problem resolved by discovering a Name server entry in DNS pointing to an old decomissioned server.  Removed it and it appears to bo working thus far.

Points given for effort.
0
 

Author Closing Comment

by:GDavis193
ID: 37250864
Appreciate the help - answered my oqn question.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question