jmlnet
asked on
DNS Timeout for one website - Server 2012 R2 DNS
I am unable to go to the website msexchange.org from any of my domain computers or servers. The browser gives me site not found messages. nslookup on the client gives me a "DNS request timed out." message. As far back as I can remember, this is the only website with this problem, all others work fine.
DNS is on Windows Server 2012 R2 and nslookup on the DNS server gives me the same message. If I do "DNS Name Lookup" on my Sonicwall router, it resolves the name just fine when querying my ISP's DNS server. So, it's a problem with my internal DNS server. I've tried this on a different domain with the same result but that's a similarly configured domain so that is expected.
My DNS server is set to use Forwarders and "Use root hints ..." is selected.
I've restarted the DNS server and client and flushed the cache.
Not seeing any messages in the event logs.
Any thoughts?
DNS is on Windows Server 2012 R2 and nslookup on the DNS server gives me the same message. If I do "DNS Name Lookup" on my Sonicwall router, it resolves the name just fine when querying my ISP's DNS server. So, it's a problem with my internal DNS server. I've tried this on a different domain with the same result but that's a similarly configured domain so that is expected.
My DNS server is set to use Forwarders and "Use root hints ..." is selected.
I've restarted the DNS server and client and flushed the cache.
Not seeing any messages in the event logs.
Any thoughts?
ASKER
Thanks very much for the prompt reply and willingness to help.
-I can resolve the rest of DNS Internet domain names.
-I don't have a local DNS zone, conditional forward, or a hosts file with the name msexchange.org.
1. There was a cache folder for msexchange.org. Clearing the cache (as I've done a few times) cleared that entry.
2. Done
3. Done, used Google's public DNS servers
4. After 2 and 3, under Cached Lookups|.(root)|org there is an msexchange folder with5 entries of Name "(same as parent folder)" Type "Name Server (NS) Data ns3.dnsmadeeasy.com. (the 5 entries are ns0-4) and Timestamp "static"
Interestingly perhaps, I use dnsmadeeasy for my external dns for my various domains. However, I tried another dnsmadeeasy domain (underarmour.com) and it resolves fine.
-I can resolve the rest of DNS Internet domain names.
-I don't have a local DNS zone, conditional forward, or a hosts file with the name msexchange.org.
1. There was a cache folder for msexchange.org. Clearing the cache (as I've done a few times) cleared that entry.
2. Done
3. Done, used Google's public DNS servers
4. After 2 and 3, under Cached Lookups|.(root)|org there is an msexchange folder with5 entries of Name "(same as parent folder)" Type "Name Server (NS) Data ns3.dnsmadeeasy.com. (the 5 entries are ns0-4) and Timestamp "static"
Interestingly perhaps, I use dnsmadeeasy for my external dns for my various domains. However, I tried another dnsmadeeasy domain (underarmour.com) and it resolves fine.
Let's test this...
1. If you execute nslookup against your local DNS server and configure the search type to 'set type=ns' does your client return the information that you have in cache in your DNS server?
nslookup
server <yourDNSip>
set type=ns
msexchange.org
2. Try resolving the independent DNS names that appear as Name Servers and the desired url:
nslookup
server <yourDNSip>
set type=a
ns0.dnsmadeeasy.com
ns1.dnsmadeeasy.com...
ns4.dnsmadeeasy.com
www.msexchange.org
1. If you execute nslookup against your local DNS server and configure the search type to 'set type=ns' does your client return the information that you have in cache in your DNS server?
nslookup
server <yourDNSip>
set type=ns
msexchange.org
2. Try resolving the independent DNS names that appear as Name Servers and the desired url:
nslookup
server <yourDNSip>
set type=a
ns0.dnsmadeeasy.com
ns1.dnsmadeeasy.com...
ns4.dnsmadeeasy.com
www.msexchange.org
ASKER
1. Yes.
2. The ns0-4.dnsmadeeasy.com queries resolved correctly. The query to www.msexchange.org timed out. So did the query to msexchange.org
I'm out of office for a few hours so won't be able to further reply until later. Many thanks for your help!!
2. The ns0-4.dnsmadeeasy.com queries resolved correctly. The query to www.msexchange.org timed out. So did the query to msexchange.org
I'm out of office for a few hours so won't be able to further reply until later. Many thanks for your help!!
Thanks for the information.
When possible... please... make the same failed tests using nslookup. But this time from the DNS server (So we will check what happens with this server as a client).
When possible... please... make the same failed tests using nslookup. But this time from the DNS server (So we will check what happens with this server as a client).
If you have forewarders set up, then your DNS server is not resolving DNS queries, it is just caching results. You probably need to get in touch with your ISP, or whoever it is that runs the DNS server you are using.
This sort of problem is why I rarely use forwarders.
This sort of problem is why I rarely use forwarders.
ASKER
@schnellsolutions I tried from the server with the same result
@Malmensa I don't understand as all other websites/dns queries work fine. I've tried different dns servers after clearing cache and have the same problem. You use root hints instead?
@Malmensa I don't understand as all other websites/dns queries work fine. I've tried different dns servers after clearing cache and have the same problem. You use root hints instead?
I pretty much always use root hints, and let my DNS server be a DNS server. In theory this may be a little slower for some queries, but avoids having to rely on a third party.
ASKER
I'm following up to see if anyone has further thoughts. Using root hints is an option but doesn't answer the question of why I'm having problems with this one domain. There has to be a specific answer to this. I'm ok if not but thought I'd try again.
Thanks
Thanks
Definitively it looks like a problem with the third party DNs that you are using. Can you provide us the DNS ip in order to test some of these records.
ASKER
I'm using time warner business class DNS servers at 66.75.164.89 and .90. However, as noted above, the website resolves when using those dns servers from my gateway. I also tried changing my forwarders to google's public dns servers and that didn't solve the problem either.
I have checked that this problem is also sometimes related to issues with the DNS service.
For example the article https://support.microsoft.com/en-us/kb/2508835 shows one of these examples. Try to use the last service pack and relevant applied updates for your DNS server that is conducting the forwarding.
For example the article https://support.microsoft.com/en-us/kb/2508835 shows one of these examples. Try to use the last service pack and relevant applied updates for your DNS server that is conducting the forwarding.
ASKER
Thank you but this is a fully patched/updated server 2012 R2 dns server. That article says clearing the cache or restarting the server fixes the problem, which is not the case here.
I really appreciate the help! but it appears this is unsolvable for now. :(
I really appreciate the help! but it appears this is unsolvable for now. :(
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Needle in haystack problem. Appreciate others' help but I found solution.
I bet that these does not happen, but just in case, we assume that these things are normal:
- You don't have a local DNS zone in your DNS server with the name msexchange.org.
- You don't have a conditional forward in your DNS server configuration pointing to msexchange.org.
- You don't have a hosts file on your DNS operating system containing manual records for msexchange.org.
Try the following activities:
1. Configure the advance view for your DNS console in your servers and expand the CACHE container. Once there, ensure that there is not 'cache' containing entries for msexchange.org.
2. Clear the DNS cache for both of your servers (right click the server and select clear cache).
3. Try using a different DNS forwarder and try resolving the name again.
4. Let us know the information that you got inside the DNS server cache after this test.
Confirming again... you can resolve the rest of DNS Internet domain names right?