Solved

Long DNS lookup times

Posted on 2012-04-02
9
515 Views
Last Modified: 2012-04-03
Hello,

I have a test domain where my 2 x 03R2 DC's were primary.  I then prepped the domain for 08R2, which went fine.  I then promoted the 08R2 machines to DC's, and then transferred FSMO roles etc.  Everything went well.  I then demoted the 03 servers so now I have 08R2 DC's as well as raising the forest and domain functional level to 08R2.

When my test clients to the internet, it takes a long time to resolve things, in fact, even on the DC's themselves it takes a long time.  

What could I have done wrong?
0
Comment
Question by:lbtoadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 

Author Comment

by:lbtoadmin
ID: 37797844
I also noticed that in my sites and services, I still have the old 03 servers listed, but there is nothing next to them like the others that say GC.  Do I need to manually delete them from sites and services, as well as DNS?  They are completely off of the domain.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 37797855
Did you have the 2003 DC/DNS settings documented anywhere.  The reason I'm asking is because I'd check the forwarders.  Did you have forwarders configured (right click the DNS server, then properties, then forwarders tab).   If you had them on the 2003 box make sure they are on the 2008 box otherwise it is using root hints.

You can also sniff/monitor traffic with wireshark or netmon to see more on the wire

Thanks

Mike
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37797859
Yes delete them from sites and services, that doesn't happen automatically during demotion.

Thanks

MIke
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:lbtoadmin
ID: 37798363
Hello,

I just checked the forwarders tab on the 2008 server and it still has the old DC's.  Do you think that is the problem?  If so, how do I change them?  I also noticed that the old DNS servers are in DNS with the "same as parent" records.
0
 

Author Comment

by:lbtoadmin
ID: 37798521
Actually, I think I got it figured out.

1.  On the forward lookup zone, I right clicked on it, went to name servers, and deleted the old ones.  This took out of the "same as parent" DNS records for those two machines.

2.  I right clicked on my server in DNS, went to properties, clicked on fowarders, and edited the list.  I simply cleared out the servers in the list (there were only two entries, and they were for my old DC's).  

Once I did all of that, I was able to ping out and my clients could resovle things.

Does this sound like what I should have done?  

Mike, thanks for the tip above, which I performed in step 2 above.
0
 

Author Comment

by:lbtoadmin
ID: 37802464
Hello,

Can someone let me know if what I did above is correct in that I don't need the forwarders in there?

Thanks,
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 500 total points
ID: 37802545
Yeah if those old servers were listed in forwarders then getting rid of them was the right move.  Would have been nice to see what was listed on forwarders for the old servers (you may have not had anything listed)

Thanks

Mike
0
 

Author Comment

by:lbtoadmin
ID: 37802590
Hi Mike,

Sorry I did not add that.  I happened to look at that before I demoted then and in the forwarders tab they had "all other domains"  in DNS domain and no entries for forwarders.

It looks like 08R2 does not have the option for "all other domains", just the option to manually add forwarders.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37802647
You got it, they also separated conditional forwarders in 2008,
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question