DNS Timeout for one website - Server 2012 R2 DNS

I am unable to go to the website msexchange.org from any of my domain computers or servers. The browser gives me site not found messages. nslookup on the client gives me a "DNS request timed out." message. As far back as I can remember, this is the only website with this problem, all others work fine.

DNS is on Windows Server 2012 R2 and nslookup on the DNS server gives me the same message. If I do "DNS Name Lookup" on my Sonicwall router, it resolves the name just fine when querying my ISP's DNS server. So, it's a problem with my internal DNS server. I've tried this on a different domain with the same result but that's a similarly configured domain so that is expected.

My DNS server is set to use Forwarders and "Use root hints ..." is selected.

I've restarted the DNS server and client and flushed the cache.

Not seeing any messages in the event logs.

Any thoughts?
Asked by: jmlnet

Schnell Solutions (Systems Infrastructure Engineer) commented:
Just in case...

I bet that these do not happen, but just in case, we assume that these things are normal:
- You don't have a local DNS zone in your DNS server with the name msexchange.org.
- You don't have a conditional forward in your DNS server configuration pointing to msexchange.org.
- You don't have a hosts file on your DNS operating system containing manual records for msexchange.org.

Try the following activities:
1. Configure the advanced view for your DNS console in your servers and expand the CACHE container. Once there, ensure that there is no 'cache' containing entries for msexchange.org.
2. Clear the DNS cache for both of your servers (right click the server and select clear cache).
3. Try using a different DNS forwarder and try resolving the name again.
4. Let us know the information that you got inside the DNS server cache after this test.

Confirming again... you can resolve the rest of DNS Internet domain names right?
jmlnet (Author) commented:
Thanks very much for the prompt reply and willingness to help.

-I can resolve the rest of DNS Internet domain names.
-I don't have a local DNS zone, conditional forward, or a hosts file with the name msexchange.org.

1. There was a cache folder for msexchange.org. Clearing the cache (as I've done a few times) cleared that entry.
2. Done
3. Done, used Google's public DNS servers
4. After 2 and 3, under Cached Lookups|.(root)|org there is an msexchange folder with 5 entries of Name "(same as parent folder)", Type "Name Server (NS)", Data "ns3.dnsmadeeasy.com." (the 5 entries are ns0-4) and Timestamp "static"

Interestingly perhaps, I use dnsmadeeasy for my external dns for my various domains. However, I tried another dnsmadeeasy domain (underarmour.com) and it resolves fine.
Schnell Solutions (Systems Infrastructure Engineer) commented:
Let's test this...

1. If you execute nslookup against your local DNS server and configure the search type to 'set type=ns' does your client return the information that you have in cache in your DNS server?
nslookup
server <yourDNSip>
set type=ns
msexchange.org

2. Try resolving the independent DNS names that appear as Name Servers and the desired url:
nslookup
server <yourDNSip>
set type=a
ns0.dnsmadeeasy.com
ns1.dnsmadeeasy.com...
ns4.dnsmadeeasy.com
www.msexchange.org

jmlnet (Author) commented:
1. Yes.
2. The ns0-4.dnsmadeeasy.com queries resolved correctly. The query to www.msexchange.org timed out. So did the query to msexchange.org

I'm out of office for a few hours so won't be able to further reply until later. Many thanks for your help!!
Schnell Solutions (Systems Infrastructure Engineer) commented:
Thanks for the information.

When possible... please... make the same failed tests using nslookup. But this time from the DNS server (So we will check what happens with this server as a client).
Mal Osborne (Alpha Geek) commented:
If you have forwarders set up, then your DNS server is not resolving DNS queries, it is just caching results. You probably need to get in touch with your ISP, or whoever it is that runs the DNS server you are using.

This sort of problem is why I rarely use forwarders.
jmlnet (Author) commented:
@schnellsolutions I tried from the server with the same result

@Malmensa I don't understand as all other websites/dns queries work fine. I've tried different dns servers after clearing cache and have the same problem. You use root hints instead?
Mal Osborne (Alpha Geek) commented:
I pretty much always use root hints, and let my DNS server be a DNS server. In theory this may be a little slower for some queries, but avoids having to rely on a third party.
jmlnet (Author) commented:
I'm following up to see if anyone has further thoughts. Using root hints is an option but doesn't answer the question of why I'm having problems with this one domain. There has to be a specific answer to this. I'm ok if not but thought I'd try again.

Thanks
Schnell Solutions (Systems Infrastructure Engineer) commented:
Definitely it looks like a problem with the third-party DNS that you are using. Can you provide us the DNS IP in order to test some of these records?
jmlnet (Author) commented:
I'm using time warner business class DNS servers at 66.75.164.89 and .90. However, as noted above, the website resolves when using those dns servers from my gateway. I also tried changing my forwarders to google's public dns servers and that didn't solve the problem either.
Schnell Solutions (Systems Infrastructure Engineer) commented:
I have checked that this problem is also sometimes related to issues with the DNS service.

For example the article https://support.microsoft.com/en-us/kb/2508835 shows one of these examples. Try to use the last service pack and relevant applied updates for your DNS server that is conducting the forwarding.
jmlnet (Author) commented:
Thank you but this is a fully patched/updated server 2012 R2 dns server. That article says clearing the cache or restarting the server fixes the problem, which is not the case here.

I really appreciate the help! but it appears this is unsolvable for now. :(
jmlnet (Author) commented:
Finally figured it out. Sonicwall's DNS Rebinding Attack Prevention was the culprit.

Thanks for all the help!
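
Added example, not part of the original thread and not SonicWall's code: a sketch of the check a DNS rebinding filter generally performs, which explains how one name can time out behind the firewall while every other name resolves. It assumes the filter discards any reply whose A/AAAA answers point at an internal address; the `INTERNAL` range list, the function names and the sample responses are constructed for illustration.

```python
import ipaddress
import struct

# Ranges a rebinding filter treats as "internal" (assumed list for this example).
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) DNS name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:   # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + length
        if length == 0:
            return off

def answer_addresses(msg):
    """Extract A/AAAA addresses from the answer section of a DNS response."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4             # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if (rtype, rdlen) in ((1, 4), (28, 16)):  # A or AAAA with a sane length
            addrs.append(ipaddress.ip_address(msg[off:off + rdlen]))
        off += rdlen
    return addrs

def verdict(msg):
    """'drop' if any answer points at an internal address, else 'pass'."""
    for ip in answer_addresses(msg):
        ip = getattr(ip, "ipv4_mapped", None) or ip   # unwrap ::ffff:a.b.c.d
        if any(ip in net for net in INTERNAL):
            return "drop"
    return "pass"

def build_response(qname, packed_addrs):
    """Constructed sample input: a minimal DNS response carrying the given answers."""
    q = b"".join(bytes([len(p)]) + p.encode() for p in qname.split(".")) + b"\0"
    msg = struct.pack("!6H", 0x1234, 0x8180, 1, len(packed_addrs), 0, 0) + q + struct.pack("!HH", 1, 1)
    for a in packed_addrs:
        msg += b"\xc0\x0c" + struct.pack("!HHIH", 1 if len(a) == 4 else 28, 1, 300, len(a)) + a
    return msg
```

A reply that gets the "drop" verdict never reaches the internal DNS server, so its forwarded query goes unanswered and nslookup reports a timeout for that one name only.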

jmlnet (Author) commented:
Needle in haystack problem. Appreciate others' help but I found the solution.