DNS Server Issues

Posted on 2014-08-12
Last Modified: 2014-08-18
Needing some assistance, please. Long story short, I set up a small domain/network for a friend of mine just over 2 years ago for a dentist office. Everything has been working great until a couple weeks ago when he sent me a screenshot of a DNS issue on one of his client machines. Upon further investigation I discovered that the domain/DNS server was unable to access the internet all of a sudden. The only way we can get internet access back is to hardcode the ISP's DNS servers. If I leave the server pointed to itself (the actual IP, not the loopback) I cannot access the internet.
DNS is a bit of a grey area for me and I'm kind of at a loss, and not sure what has changed that would have impacted something that had been working fine for the past couple years.
I'm using a Westell 7500 modem provided by our ISP/CenturyLink that is set up in bridge mode to the PPPoE connection to our SonicWall TZ100 firewall. Any ideas what I need to do to get my server seeing the internet again without having to hardcode the ISP's DNS? This has affected clients that are set up to grab the IP via DHCP, as it's set to point to the server IP, so on each client I've had to also hardcode the DNS information to the ISP's DNS servers.
Any ideas would be greatly appreciated. Again I'm not real familiar with DNS servers so I'm not sure if I can just recreate a zone or how I can verify/narrow down where the issue is.
Hoping someone might be able to steer me to the path of having a working DNS server again.
Thanks for your time!
Question by:bkdavis

    Expert Comment

    by:Mohammed Khawaja
    Check the DNS server settings and check the forwarder tab. It might be forwarding requests to a DNS server which may not exist or does not allow access. What you could do is change the forwarder to the ISP DNS or you could use Root Hints.

    Accepted Solution

    BKDAVIS, try the suggestion above first. You say you're not DNS savvy so here is the way to do the above suggestion on a server 2008 box.

    Open DNS Manager on the server (control panel>admin tools).
    Right click your server's name and select properties.
    Click the Forwarders tab and see what IPs are listed.
    Enter your ISP's DNS entries here by clicking the EDIT button. Be sure to test each one to make sure they are working.

    I'd take the next step to restart the server if you can. Wait a few minutes after it starts up and try your internet.

    Let us know if this works.

    Expert Comment

    dns can either act as a proxy (when you set up forwarders) or as an actual dns server (when you use root hints)

    if you use forwarders, check that they are available using "nslookup FORWARDER_IP" on the dns server (most likely the DC in your case). if they are unavailable you have various possibilities: a firewall rule will not let the dns resolve dns queries, the forwarders are not up any more (try or, or possibly your ISP blocked dns queries to all servers but its own.

    if you are using root hints, same as above (except for the unavailable server)

    since you have a PPPoE connection, your firewall should receive working dns servers from the provider. it seems safe to either set the client machines to use the firewall, or even your dc to use it as a dns server

    normally, you should not set anything up in the clients since they will receive dns settings through dhcp. you may bypass the DC by setting up working dns servers in the dhcp server's configuration but it is better to keep the default since some domain operations will not work properly otherwise.


    then if you want to understand a little bit of dns operation

    when you query, using a regular A query, a recursive resolver will do the following
    -> query root servers to get the dns server handling .com ( .com IN NS )
    -> query that server to get the dns server handling
    -> query that server to get the dns server handling
    -> query that server to get the IP of ( in A )

    forwarders only act as proxy and will just send the same query they receive to the upstream server.

    most other DNS queries are handled in a very similar way : only the type of the last query differs (TXT, NS, ...)

    PTRs are handled in the same way using a hack:
    if you query ( in PTR )
    the server resolves
    in-addr.arpa is a stub zone for PTR operation, and PTRs (reverse queries) can hence be handled using the same algorithm as A (forward) queries
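
The forwarder availability check and the PTR naming described in the comment above, as an added example that is not part of the original thread: it sends one recursive A query straight to each forwarder and separates "no reply" (down or filtered) from "replied but refused". The function names, the test name `example.com` and the `192.0.2.x` addresses are placeholders chosen here.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype=1, txid=0x1234):
    """Encode a recursive (RD=1) DNS question; qtype 1 = A, 12 = PTR."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def ptr_name(ipv4):
    """Reverse the octets so a PTR lookup walks the tree like an A lookup."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"

def classify(reply, txid=0x1234):
    """Summarise a reply header: (rcode name, recursion available, answers)."""
    if len(reply) < 12:
        return ("MALFORMED", False, 0)
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:      # wrong ID or not a response
        return ("MISMATCH", False, 0)
    rcode = flags & 0x000F
    return (RCODES.get(rcode, "RCODE%d" % rcode), bool(flags & 0x0080), ancount)

def probe(server, name="example.com", timeout=3.0):
    """Send one A query to `server` over UDP/53 and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            reply, _ = s.recvfrom(4096)
        except socket.timeout:
            return ("TIMEOUT", False, 0)       # server down, or UDP/53 filtered
        except OSError as exc:
            return ("ERROR: %s" % exc, False, 0)
    return classify(reply)

if __name__ == "__main__":
    # Placeholder addresses (TEST-NET-1); substitute the forwarders
    # listed on the Forwarders tab in DNS Manager.
    for forwarder in ("192.0.2.53", "192.0.2.54"):
        print(forwarder, probe(forwarder))
```

A `TIMEOUT` from the DNS server but `NOERROR` from the same forwarder when probed from another network points at the firewall or ISP filtering rather than the forwarder itself.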

    Author Closing Comment

    Thank you so much for your suggestions and prompt reply. This seemed to work and we are back in business!!
