Glen Krinsky

asked on 

DNS Failover

We have been having an issue where our network begins running VERY slow whenever the primary DNS server fails (the secondary is still up) or the secondary fails (the primary is still up).  All my research thus far has told me to remove the failed DNS server from the machines.  This does work, but it is time consuming and really doesn't solve the problem.  Does anyone have any ideas other than removing the failed server?
DNS, Windows Server 2003, Windows Networking

mlaise

You can reduce the timeout value for the clients so they abandon their request to the failed server sooner: http://technet.microsoft.com/en-us/library/ff807396(v=WS.10).aspx
Glen Krinsky

ASKER

I don't believe it is the timeout.  It's as if there is a sudden broadcast storm to try and find DNS.
teomcam

Could you run the following commands as administrator on your DC and put the results here, please? Note: Please alter your environmental data.

dcdiag /test:dns /v
dcdiag /test /v
Glen Krinsky

ASKER

I will run them first thing in the morning.
Leon Fester

There are no DNS failover capabilities.

Primary and Secondary DNS are separate entities where the secondary is only referenced when the primary server becomes unavailable.

I'd explain it all, but I'd just be repeating everything that is mentioned in the following posts:
http://social.technet.microsoft.com/Forums/en-US/winserverPN/thread/297dc8fa-0b14-4705-94ea-8aa1b0b38876
http://blogs.technet.com/b/stdqry/archive/2011/12/02/dns-clients-and-timeouts-part-1.aspx
http://blogs.technet.com/b/stdqry/archive/2011/12/15/dns-clients-and-timeouts-part-2.aspx
http://technet.microsoft.com/en-us/library/cc779517.aspx
http://support.microsoft.com/kb/320760/en-us
Glen Krinsky

ASKER

Ok.  I understand this, but when we have just a single DNS entry on our systems, we have no problem.  If we add just a bogus IP address in for a secondary DNS, every system immediately starts to run EXTREMELY slow.
teomcam

Just in case, I'd like to make sure of the following:
Your server has only 1 NIC connected
Your DC's IP configuration is correct (Primary DNS must be your DC's IP)
On your DNS Console - DNS Server (right click) - Properties, you are not accepting DNS queries on any IP other than your DC's IP
There are no leftovers from any previous DC in the DNS server
Glen Krinsky

ASKER

*Only 1 NIC connected
*DNS is set up correctly
*We are not accepting DNS queries
*No other installs present
Leon Fester

"when we have just a single DNS entry on our systems, we have no problem"
I'm assuming at that time, the DNS server is up and running. - so you should be seeing any issues.

"If we add just a bogus IP address in for a secondary DNS, every system immediately starts to run EXTREMELY slow."

Why would you enter a bogus DNS server?
What scenario are you trying to test?

Are your clients Windows or *nix clients? I know I've seen issues on *nix clients when the DNS is not available... never ever got an answer from *nix support as to why. Just that DNS must be available.

I cannot say that I've personally seen Windows clients behave like this.

Finding a solution for your problem depends on the root cause of the server becoming unavailable. Can you elaborate on what causes the servers to go down?

I doubt that you'd get a "textbook" answer; knowledge usually only looks at what is supposed to work, if configured correctly and all services are available.

Your best bet to get an understanding of what is happening on the network would be to run a sniffer app, like Wireshark or Netmon from Microsoft. You'll then be able to see which servers are being queried, how long that server is pinged, and you'll know when the DNS queries are answered.
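As a complement to a packet capture, the following added example (not part of the original thread) sends one DNS query to each configured server and records whether it answered and how long the client waited, which makes a dead or bogus resolver show up as a full timeout. The function names and the `192.0.2.x` addresses are constructed placeholders; substitute the DNS servers configured on the affected client.

```python
import socket
import struct
import time

TXID = 0x1234  # fixed transaction ID so the reply can be matched to the query

def build_query(name, txid=TXID):
    """Build a minimal DNS A-record query in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(server, name, timeout=1.0, port=53):
    """Send one query to one server; return (status, seconds_waited)."""
    query = build_query(name)
    start = time.monotonic()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (server, port))
            data, _ = s.recvfrom(512)
        except socket.timeout:
            # No reply at all: this is the delay a client pays per attempt
            return "timeout", time.monotonic() - start
        except OSError:
            # No route, ICMP port unreachable, or similar local error
            return "unreachable", time.monotonic() - start
    elapsed = time.monotonic() - start
    if len(data) >= 4:
        txid, flags = struct.unpack("!HH", data[:4])
        if txid == TXID and flags & 0x8000:  # QR bit set: this is a response
            return "rcode=%d" % (flags & 0x000F), elapsed
    return "malformed", elapsed

def survey(servers, name, timeout=1.0):
    """Probe every configured server in order and collect the results."""
    return {srv: probe(srv, name, timeout) for srv in servers}

if __name__ == "__main__":
    # Constructed addresses: replace with the client's configured DNS servers
    results = survey(["192.0.2.10", "192.0.2.53"], "example.com")
    for srv, (status, secs) in results.items():
        print(f"{srv:15} {status:12} {secs:.3f}s")
```

Running it from an affected workstation while the problem is occurring shows which of the configured servers is costing the wait.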
Glen Krinsky

ASKER

We have no idea why the server is going down.  It is not on our end.  The reason for entering the bogus DNS IP for a secondary is merely to "see what happens" in an attempt to duplicate the issue in our lab.  In the field, it is not our DNS (primary) that is going down, but the secondary.
Leon Fester

OK, makes sense.
If you're not controlling the DNS servers then I'd recommend moving them off your workstations.

Any Windows Server can be a DNS server, the only limitation being AD-integrated DNS can only run on a domain controller. I would recommend that you consider putting in a second DNS server of your own.

Does the secondary DNS server hold any specific DNS zones that you want to query or why are you using it?

Maybe you can expand on the reasons for using the secondary from another site?

The issue with external DNS is that too many things can go wrong, e.g. server issue, DNS service, Network, Firewall, Bandwidth and congestion, and then you end up with a situation like you're currently in.

N.B. I'm not rapping you over the knuckles, just trying to get an understanding of your environment. I've worked in enough places where solutions were built on the wrong requirements.
Glen Krinsky

ASKER

Unfortunately we do not have the ability to install another DNS due to space and other restrictions.  We have to have the other DNS as it does hold specific queries that will not be allowed on other servers if you know what I mean.