DNS on SBS 2008: cannot get to one web site
I have clients who cannot reach a certain domain's web site. The users are on a domain (SBS 2008), and the server is the DNS server.
When I change the DNS of a workstation to something off site, it navigates fine.
There's a registry fix recommended involving MaxCacheTTL, but the recommended setting already exists. As far as I know so far, it's just a single domain/URL that isn't working. Is there a way to add this single site to the DNS server so that it works properly? Or is there another recommended fix?
Thanks.
When I change the DNS of a workstation to something off site, it navigates fine.
There's a registry fix recommended involving MaxCacheTTL, but the recommended setting already exists. As far as I know so far, it's just a single domain/URL that isn't working. Is there a way to add this single site to the DNS server so that it works properly? Or is there another recommended fix?
Thanks.
Have you checked the DNS Forwarders on the DNS server? In Administrative Tools > open DNS > right click on the server name > Properties > Forwarders tab
If you are using DNS Forwarders there's a possibility that the DNS server that you are using is having issues resolving the problematic domain. You can either notify them by contacting them directly or you can add in a working DNS server (something like OpenDNS) to the list as a workaround. I generally also reduce the number of seconds before the query times out to 1 second to boost the speed of DNS queries.
If this list is empty then it means the server is most likely using the Root Hint servers which don't always resolve domains out there. Best practice here would be to put in the DNS servers assigned to you by your ISP (you can get this info directly from your ISP or else you could log into your modem).
If you are using DNS Forwarders there's a possibility that the DNS server that you are using is having issues resolving the problematic domain. You can either notify them by contacting them directly or you can add in a working DNS server (something like OpenDNS) to the list as a workaround. I generally also reduce the number of seconds before the query times out to 1 second to boost the speed of DNS queries.
If this list is empty then it means the server is most likely using the Root Hint servers which don't always resolve domains out there. Best practice here would be to put in the DNS servers assigned to you by your ISP (you can get this info directly from your ISP or else you could log into your modem).
ASKER
becraig, I cannot Tracert the domain name. It gives "Unable to resolve target system name..." I can tracert the IP address, indicating a DNS issue I would presume.
When I use an OpenDNS server as the secondary DNS on the PC on the network/domain, it still does not resolve the domain name, strangely (even after Ipconfig /flushdns, etc.)
At ping.eu, the tracert is fine.
When I use an OpenDNS server as the secondary DNS on the PC on the network/domain, it still does not resolve the domain name, strangely (even after Ipconfig /flushdns, etc.)
At ping.eu, the tracert is fine.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
DaveWWW2014-10-28 at 02:52:19ID: 40406590If you have the OpenDNS server set as the secondary DNS server, it will not handle the DNS requests for that machine unless your primary DNS becomes unavailable. Try setting the OpenDNS server as the primary then see if the domain is resolvable by pinging it in Command Prompt once you've changed over the orders of the DNS servers.
When I use an OpenDNS server as the secondary DNS on the PC on the network/domain, it still does not resolve the domain name, strangely (even after Ipconfig /flushdns, etc.)
ASKER
Thanks very much - that solved my problem completely.
Try using nslookup problematic.domain.com
See if you are able to resolve it using your dns servers.
If not I would just simply have the clients configured with a public dns as the secondary which should resolve this when the primary dns is unable to resolve the domain name.
You can add the zone to your DNS server and forward lookups to the internet but let's try to figure out if your dns server really cannot resolve the domain first and why.