crawfordit
asked on
Windows 2k12 r2 DNS Speed issue
We had 2 AD servers at our primary location. Running Win2k3 AD and DNS and one DHCP.
We decided to upgrade the AD and DNS servers to WIN2K12 r2. Everything was up and running well with 4 servers 2(old) and 2(new).
Then I altered the DHCP to use the DNS of the new servers running WIN2K12. When this happened the resolve time for clients increased on average to 4 to 5 seconds.
Thankfully I only demoted one of the older servers running Windows Server 2k3. I added the last remaining 2k3 server back into the DHCP and this sped up the clients but the problem of Windows 2k12 is still an issue that needs to be resolved.
I have been using DNS Benchmark from Steve Gibson to see the differences in time compared to my older server and servers online
Final benchmark results, sorted by nameserver performance:
(average cached name retrieval speed, fastest to slowest)
10. 1. 1. 11    |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
+ Cached Name   | 0.000 | 0.000 | 0.002 | 0.000 | 100.0 |
+ Uncached Name | 0.015 | 0.079 | 0.238 | 0.066 | 100.0 |
+ DotCom Lookup | 0.023 | 0.073 | 0.115 | 0.033 | 100.0 |
---<-------->---+-------+-------+-------+-------+-------+
DC4
Local Network Nameserver

10. 1. 1. 3     |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
+ Cached Name   | 0.000 | 0.000 | 0.000 | 0.000 | 100.0 |
+ Uncached Name | 3.552 | 4.138 | 8.085 | 0.758 |  97.8 |
+ DotCom Lookup | 3.461 | 3.888 | 4.596 | 0.404 |  97.7 |
---<-------->---+-------+-------+-------+-------+-------+
WIN2K12-AD1
Local Network Nameserver

8. 8. 8. 8      |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
- Cached Name   | 0.004 | 0.004 | 0.006 | 0.000 | 100.0 |
- Uncached Name | 0.030 | 0.072 | 0.340 | 0.059 | 100.0 |
- DotCom Lookup | 0.040 | 0.079 | 0.153 | 0.042 | 100.0 |
---<-------->---+-------+-------+-------+-------+-------+
google-public-dns-a.google.com
GOOGLE - Google Inc.,US

8. 8. 4. 4      |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
- Cached Name   | 0.004 | 0.004 | 0.005 | 0.000 | 100.0 |
- Uncached Name | 0.030 | 0.077 | 0.322 | 0.062 | 100.0 |
- DotCom Lookup | 0.040 | 0.076 | 0.164 | 0.041 | 100.0 |
---<-------->---+-------+-------+-------+-------+-------+
google-public-dns-b.google.com
GOOGLE - Google Inc.,US

10. 1. 1. 5     |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
+ Cached Name   | 0.000 | 0.006 | 0.254 | 0.039 | 100.0 |
+ Uncached Name | 3.474 | 4.332 | 8.175 | 1.316 |  97.7 |
+ DotCom Lookup | 3.470 | 4.043 | 4.660 | 0.448 |  97.6 |
---<-------->---+-------+-------+-------+-------+-------+
WIN2K12-AD2
Local Network Nameserver
I did not post all the servers less than this. I think it's pretty sad performance when Google can out-resolve your local DNS. Also WIN2k3 outperforms Win2k12.
There must be something in the config that is not right. This kind of slowness is not normal.
If anyone can help that would be great.
Thanks :)
I've read that some routers or other networking equipment will drop packets that have an ECN bit set. Server 2012 has ECN turned on by default. Run the following to show current status.
netsh interface tcp show global
If ECN Capability is enabled, you can run the following to disable it: (no reboot required)
netsh interface tcp set global ecncapability=disabled
ASKER
Thanks footech for the suggestion. We run a switched network and no routers from our clients that have issues. I tried it anyway with no change in symptoms.
ASKER
Sorry, can't think of anything else. You may want to request attention to see if others might chime in.
ASKER
TEST: Forwarders/Root hints (Forw)
Error: All forwarders in the forwarder list are invalid.
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 10.1.1.7 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 10.1.1.7
I ran dcdiag /test:DNS with this result. Now this DNS server is not active anymore. I ran ipconfig /flushdns and ipconfig /registerdns. Still the same result. How do I get rid of this record? I looked in the DNS tool but there is no listing.
ASKER
I adjusted the forwarders to reflect each of the new DNS servers with no improvement in speed. I then added 8.8.8.8 to each DNS server and then the DNS speed took off. Looks like they needed some outside servers to forward lookup info to.
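A way to check the condition dcdiag reported and the fix described in the comment above, as an added example that is not part of the original thread: it lists each new server's forwarders, flags entries that point at the retired 10.1.1.7 or at the domain controllers themselves, and times a direct query to each forwarder. The host names and addresses are the ones quoted in the thread; the probe domain example.com is an assumption.

```powershell
# Added example. IPs and host names are the ones quoted in this thread;
# example.com is an assumed probe domain. Needs the DnsServer module (RSAT).
$dnsServers = @{ 'WIN2K12-AD1' = '10.1.1.3'; 'WIN2K12-AD2' = '10.1.1.5' }
$retired    = @('10.1.1.7')      # reported by dcdiag, no longer active
$probeZone  = 'example.com'

foreach ($name in $dnsServers.Keys) {
    $fwd = Get-DnsServerForwarder -ComputerName $name
    "== $name  UseRootHint=$($fwd.UseRootHint)  Timeout=$($fwd.Timeout)s"
    if (-not $fwd.IPAddress) { '   no forwarders set; recursion relies on root hints' }

    foreach ($ip in $fwd.IPAddress) {
        $addr = $ip.IPAddressToString
        # A forwarder that is a retired server, or one of the DCs themselves,
        # cannot resolve external names on the DC's behalf.
        $note = ''
        if ($retired -contains $addr) {
            $note = 'retired server'
        } elseif ($dnsServers.Values -contains $addr) {
            $note = 'internal DC (forwarding loop risk)'
        }

        # Query the forwarder directly so a dead entry is visible on its own,
        # not hidden behind the DNS server's retry and timeout behaviour.
        $sw = [System.Diagnostics.Stopwatch]::StartNew()
        $answer = Resolve-DnsName -Name $probeZone -Type A -Server $addr `
                      -DnsOnly -ErrorAction SilentlyContinue
        $sw.Stop()
        $status = if ($answer) { 'answers' } else { 'NO ANSWER' }
        '   forwarder {0,-15} {1,6} ms  {2}  {3}' -f $addr, $sw.ElapsedMilliseconds, $status, $note
    }

    # End-to-end check through the DC with a random, therefore uncached, label.
    # NXDOMAIN is the expected reply; only the elapsed time matters here.
    $label = [guid]::NewGuid().ToString('N').Substring(0, 8)
    $sw = [System.Diagnostics.Stopwatch]::StartNew()
    $null = Resolve-DnsName -Name "$label.$probeZone" -Server $dnsServers[$name] `
                -DnsOnly -ErrorAction SilentlyContinue
    $sw.Stop()
    '   uncached lookup via {0}: {1} ms' -f $dnsServers[$name], $sw.ElapsedMilliseconds
}
```

The printed Timeout value can be compared with the minimum uncached time in the benchmark output earlier in the thread.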
ASKER
I've requested that this question be closed as follows:
Accepted answer: 0 points for crawfordit's comment #a41314148
for the following reason:
... done
ASKER
I should also mention these servers are VMware hosts as well. But all the AD servers are VM. Just thought I would add to make a clearer picture.