Archived from groups: microsoft.public.windowsnt.protocol.tcpip (More info?)
I posted this question on the DNS newsgroup, but since a
large part of my question is protocol related, I am
posting it here as well, but with a different description
and focus. Here is the problem:
A few times each week, my DNS server stops functioning due
to receiving more UDP Queries than it can respond to. The
DNS Manager reports UdpQueries as consistently being
higher than the UdpResponses. I guess you could say it
looks like a denial of service attack on my DNS server. I
solve the problem by stopping the Microsoft DNS Server
service for about 5 minutes. When I restart the service,
the problem is gone - providing the UdpQueries and
Responses remain equal.
I would like to identify the source of the UDP Queries
that are causing my DNS server to be unable to serve the
requests of all other PCs on my LAN. Can anyone suggest a
tool I could use to identify the source of these UDP
Queries? I have no experience with Packet analyzers, but
with a little help I am sure I could learn - if that is
the best approach.
Thank you.
-Chad
I posted this question on the DNS newsgroup, but since a
large part of my question is protocol related, I am
posting it here as well, but with a different description
and focus. Here is the problem:
A few times each week, my DNS server stops functioning due
to receiving more UDP Queries than it can respond to. The
DNS Manager reports UdpQueries as consistently being
higher than the UdpResponses. I guess you could say it
looks like a denial of service attack on my DNS server. I
solve the problem by stopping the Microsoft DNS Server
service for about 5 minutes. When I restart the service,
the problem is gone - providing the UdpQueries and
Responses remain equal.
I would like to identify the source of the UDP Queries
that are causing my DNS server to be unable to serve the
requests of all other PCs on my LAN. Can anyone suggest a
tool I could use to identify the source of these UDP
Queries? I have no experience with Packet analyzers, but
with a little help I am sure I could learn - if that is
the best approach.
Thank you.
-Chad