Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Long DNS lookup times

Posted on 2012-04-02
9
Medium Priority
?
517 Views
Last Modified: 2012-04-03
Hello,

I have a test domain where my 2 x 03R2 DC's were primary.  I then prepped the domain for 08R2, which went fine.  I then promoted the 08R2 machines to DC's, and then transferred FSMO roles etc.  Everything went well.  I then demoted the 03 servers so now I have 08R2 DC's as well as raising the forest and domain functional level to 08R2.

When my test clients to the internet, it takes a long time to resolve things, in fact, even on the DC's themselves it takes a long time.  

What could I have done wrong?
0
Comment
Question by:lbtoadmin
  • 5
  • 4
9 Comments
 

Author Comment

by:lbtoadmin
ID: 37797844
I also noticed that in my sites and services, I still have the old 03 servers listed, but there is nothing next to them like the others that say GC.  Do I need to manually delete them from sites and services, as well as DNS?  They are completely off of the domain.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 37797855
Did you have the 2003 DC/DNS settings documented anywhere.  The reason I'm asking is because I'd check the forwarders.  Did you have forwarders configured (right click the DNS server, then properties, then forwarders tab).   If you had them on the 2003 box make sure they are on the 2008 box otherwise it is using root hints.

You can also sniff/monitor traffic with wireshark or netmon to see more on the wire

Thanks

Mike
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37797859
Yes delete them from sites and services, that doesn't happen automatically during demotion.

Thanks

MIke
0
Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

 

Author Comment

by:lbtoadmin
ID: 37798363
Hello,

I just checked the forwarders tab on the 2008 server and it still has the old DC's.  Do you think that is the problem?  If so, how do I change them?  I also noticed that the old DNS servers are in DNS with the "same as parent" records.
0
 

Author Comment

by:lbtoadmin
ID: 37798521
Actually, I think I got it figured out.

1.  On the forward lookup zone, I right clicked on it, went to name servers, and deleted the old ones.  This took out of the "same as parent" DNS records for those two machines.

2.  I right clicked on my server in DNS, went to properties, clicked on fowarders, and edited the list.  I simply cleared out the servers in the list (there were only two entries, and they were for my old DC's).  

Once I did all of that, I was able to ping out and my clients could resovle things.

Does this sound like what I should have done?  

Mike, thanks for the tip above, which I performed in step 2 above.
0
 

Author Comment

by:lbtoadmin
ID: 37802464
Hello,

Can someone let me know if what I did above is correct in that I don't need the forwarders in there?

Thanks,
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 2000 total points
ID: 37802545
Yeah if those old servers were listed in forwarders then getting rid of them was the right move.  Would have been nice to see what was listed on forwarders for the old servers (you may have not had anything listed)

Thanks

Mike
0
 

Author Comment

by:lbtoadmin
ID: 37802590
Hi Mike,

Sorry I did not add that.  I happened to look at that before I demoted then and in the forwarders tab they had "all other domains"  in DNS domain and no entries for forwarders.

It looks like 08R2 does not have the option for "all other domains", just the option to manually add forwarders.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37802647
You got it, they also separated conditional forwarders in 2008,
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question