Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 148
  • Last Modified:

SBS 2008 DNS Issue

We have a SBS 2008 server which is the main DNS server. Randomly it stops people surfing the internet until the DNS Service is re started. All is fine again after restart but will drop at some point. No errors are flagged in the event viewer.

Any ideas?
0
grovenetsupport
Asked:
grovenetsupport
1 Solution
 
Abdul Khadja AlaoudineCommented:
Enable DNS Debug Logging by going to Properties of the DNS server --> Debug Logging --> Enable logging

Also check System event log for DNS service related issue.
0
 
Asif BacchusCommented:
Are you configured to use DNS forwarders or root hints?  I find root hints can cause this issue, but forwarders seem to work nearly flawlessly.
0
 
David AtkinIT ProfessionalCommented:
I would agree with asifbacchus here.

Change to DNS forwards if you're not already.  Googles DNS has always worked for me:

8.8.8.8
8.8.4.4
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
grovenetsupportAuthor Commented:
Thanks guys but I had already tested the Google Servers albeit only 8.8.8.8 so I have added the other to see if it helps
0
 
Asif BacchusCommented:
Good that you are already using forwarders.  When this DNS issue happens, do your clients still have network connectivity to the server, or is the NIC cutting out entirely?  Can the server itself still resolve DNS queries or does it fail also?
0
 
grovenetsupportAuthor Commented:
All good bar internet. I can use logmein to get to server but cant surf net till dns server restarted
0
 
Asif BacchusCommented:
I know you said you are using forwarders, but can you verify you are not *also* using root hints?  With root hints, there is a well known issue with the DNS cache not flushing properly.  This could be the case here also.  Before getting to that, let's rule out a few other things.

Does you DNS server actually stop, or do you just have to restart it?  Also, since you tagged this with SBS, I'm assuming this is the only DNS server, correct?  If so, do you have the localhost (127.0.0.1) listed as one of your DNS servers in your forwarding setup?  It definitely should NOT be on that list.

If that's all working, you can try the cache refresh fix as follows (MS Fast-Publish Article 968372):

Edit the registry as follows:

HKLM\System\CurrentControlSet\Services\DNS\Parameters
Create a new 32-bit DWORD value called MaxCacheTTL with value 0x2A300 (172800 in decimal)
Quit regedit and restart DNS service

Let's see if this helps.
0
 
grovenetsupportAuthor Commented:
It is set to use Root Hints if no forwarders or is that not what you mean?
0
 
Asif BacchusCommented:
Yes and no :-P  That is a good setting and it is the recommended setting.  It could be that your calls to the Google DNS servers are failing (network load, etc.) and then your server is resorting to root hints.  In that case, then the cache issue comes into play and that's why I suggested the registry change.

I tend to avoid this problem entirely by pointing my forwarder to my BSD gateway/firewall box, which handles DNS (IMHO, please no flaming here!) much better.  However, if you don't have this option (i.e. a solid router with enough memory) then try the registry fix and let's see if that clears up the issue.
0
 
grovenetsupportAuthor Commented:
Ok I have applied the registry fix and will see what happens
0
 
hecgomrecCommented:
Don't know your scenario, but some times a rogue DHCP server can cause surfing problems.

If the problem arise one more time check that all stations have the right IP, Mask, Gateway and DNS assigned to their NIC, check also the server.  If you find a different dns or IP there you should try locate the offending device.
0
 
Asif BacchusCommented:
I'm guessing it was the registry fix that helped you out?  Just so you know, that means that your server is resorting to root hints at least occasionally so you *may* want to take a look at your DNS setup at some point and maybe try using different servers for your forwarders.

In any case, glad you go the issue sorted out!
0
 
grovenetsupportAuthor Commented:
Thanks for the heads up its not easy walking into someone else's nightmare that's why I love this site
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now