DNS Forwarding problem

Toggle sidebar Toggle sidebar
E

Ed

Distinguished
Apr 1, 2004
1,253
0
19,280
Archived from groups: microsoft.public.win2000.dns (More info?)

Hi all,

Having a problem that I have not been able to resolve -
we are intermittantly losing name resolution to the
Internet. Web browsing will work fine for a period of
time and then just stop for anywhere from 30 seconds to 5
minutes. This has been going on for several weeks but has
become worse over the past week. Here's my setup:

Single W2K SP4 server
- DC
- DNS
- AV server
- 2 NICs (one GB adapter w/ static IP, one 100MB w/
APIPA address assigned (not in use).

DNS is setup as AD-integrated and configured to forward
external queries to external (our ISP) DNS servers.

35 Windows XP SP2 workstations

During these stoppages I can ping IP addresses on the
Internet but cannot ping www.xxxx.xxx. Our firewall
appears to be operating normally and I can't find any
viruses or spyware on the server or workstations. It
appears to be a Windows DNS problem; during these
outages, I can connect a non-domain connected laptop to
the network and access the Internet without any problems
provided I use the external DNS addresses.

Any suggestions? It's starting to really impact day-to-
day operations.

Thanks
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

I would start NetMon'ing the DNS server to catch one of these issues where
the server does not reply with answer. After using NetMon for awhile, you
should be able to filter for just the dns packets or start and stop captures
at the right time to see what is going on. My quess would be some router
issue and/or related interface issue (where reply arrives on wrong
interface, etc.)

--
William Stacey, MVP

"Ed" <anonymous@discussions.microsoft.com> wrote in message
news:9a2701c4974b$8e9ea700$a501280a@phx.gbl...
> Hi all,
>
> Having a problem that I have not been able to resolve -
> we are intermittantly losing name resolution to the
> Internet. Web browsing will work fine for a period of
> time and then just stop for anywhere from 30 seconds to 5
> minutes. This has been going on for several weeks but has
> become worse over the past week. Here's my setup:
>
> Single W2K SP4 server
> - DC
> - DNS
> - AV server
> - 2 NICs (one GB adapter w/ static IP, one 100MB w/
> APIPA address assigned (not in use).
>
> DNS is setup as AD-integrated and configured to forward
> external queries to external (our ISP) DNS servers.
>
> 35 Windows XP SP2 workstations
>
> During these stoppages I can ping IP addresses on the
> Internet but cannot ping www.xxxx.xxx. Our firewall
> appears to be operating normally and I can't find any
> viruses or spyware on the server or workstations. It
> appears to be a Windows DNS problem; during these
> outages, I can connect a non-domain connected laptop to
> the network and access the Internet without any problems
> provided I use the external DNS addresses.
>
> Any suggestions? It's starting to really impact day-to-
> day operations.
>
> Thanks
 
E

Ed

Distinguished
Apr 1, 2004
1,253
0
19,280
Archived from groups: microsoft.public.win2000.dns (More info?)

Ok, I ran netmon and and got lucky enough to catch one of
these "incidents" - it appears that the ISP's DNS server
is responding to my local DNS server with a "Server
Failure" notification (RCode = Server Failure). When it
happens, both of their DNS servers return this code.

Any thoughts?

Thanks


>-----Original Message-----
>I would start NetMon'ing the DNS server to catch one of
these issues where
>the server does not reply with answer. After using
NetMon for awhile, you
>should be able to filter for just the dns packets or
start and stop captures
>at the right time to see what is going on. My quess
would be some router
>issue and/or related interface issue (where reply
arrives on wrong
>interface, etc.)
>
>--
>William Stacey, MVP
>
>"Ed" <anonymous@discussions.microsoft.com> wrote in
message
>news:9a2701c4974b$8e9ea700$a501280a@phx.gbl...
>> Hi all,
>>
>> Having a problem that I have not been able to resolve -
>> we are intermittantly losing name resolution to the
>> Internet. Web browsing will work fine for a period of
>> time and then just stop for anywhere from 30 seconds
to 5
>> minutes. This has been going on for several weeks but
has
>> become worse over the past week. Here's my setup:
>>
>> Single W2K SP4 server
>> - DC
>> - DNS
>> - AV server
>> - 2 NICs (one GB adapter w/ static IP, one 100MB w/
>> APIPA address assigned (not in use).
>>
>> DNS is setup as AD-integrated and configured to forward
>> external queries to external (our ISP) DNS servers.
>>
>> 35 Windows XP SP2 workstations
>>
>> During these stoppages I can ping IP addresses on the
>> Internet but cannot ping www.xxxx.xxx. Our firewall
>> appears to be operating normally and I can't find any
>> viruses or spyware on the server or workstations. It
>> appears to be a Windows DNS problem; during these
>> outages, I can connect a non-domain connected laptop to
>> the network and access the Internet without any
problems
>> provided I use the external DNS addresses.
>>
>> Any suggestions? It's starting to really impact day-to-
>> day operations.
>>
>> Thanks
>
>.
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Could be the format of the request is bad and they return SrvFail instead of
FormErr or they indeed have some internal error (i.e. internal exception,
their forwarder or NS not replying, etc.) Use dig or NetDig to make
directed queries using this name to their server to see if it happens every
time. If so, and you believe it should not, then email the dig output to
the ISP, see what version of bind or ms dns they run, etc.

--
William Stacey, MVP

"Ed" <anonymous@discussions.microsoft.com> wrote in message
news:171201c499be$a16519d0$a401280a@phx.gbl...
> Ok, I ran netmon and and got lucky enough to catch one of
> these "incidents" - it appears that the ISP's DNS server
> is responding to my local DNS server with a "Server
> Failure" notification (RCode = Server Failure). When it
> happens, both of their DNS servers return this code.
>
> Any thoughts?
>
> Thanks
>
>
> >-----Original Message-----
> >I would start NetMon'ing the DNS server to catch one of
> these issues where
> >the server does not reply with answer. After using
> NetMon for awhile, you
> >should be able to filter for just the dns packets or
> start and stop captures
> >at the right time to see what is going on. My quess
> would be some router
> >issue and/or related interface issue (where reply
> arrives on wrong
> >interface, etc.)
> >
> >--
> >William Stacey, MVP
> >
> >"Ed" <anonymous@discussions.microsoft.com> wrote in
> message
> >news:9a2701c4974b$8e9ea700$a501280a@phx.gbl...
> >> Hi all,
> >>
> >> Having a problem that I have not been able to resolve -
> >> we are intermittantly losing name resolution to the
> >> Internet. Web browsing will work fine for a period of
> >> time and then just stop for anywhere from 30 seconds
> to 5
> >> minutes. This has been going on for several weeks but
> has
> >> become worse over the past week. Here's my setup:
> >>
> >> Single W2K SP4 server
> >> - DC
> >> - DNS
> >> - AV server
> >> - 2 NICs (one GB adapter w/ static IP, one 100MB w/
> >> APIPA address assigned (not in use).
> >>
> >> DNS is setup as AD-integrated and configured to forward
> >> external queries to external (our ISP) DNS servers.
> >>
> >> 35 Windows XP SP2 workstations
> >>
> >> During these stoppages I can ping IP addresses on the
> >> Internet but cannot ping www.xxxx.xxx. Our firewall
> >> appears to be operating normally and I can't find any
> >> viruses or spyware on the server or workstations. It
> >> appears to be a Windows DNS problem; during these
> >> outages, I can connect a non-domain connected laptop to
> >> the network and access the Internet without any
> problems
> >> provided I use the external DNS addresses.
> >>
> >> Any suggestions? It's starting to really impact day-to-
> >> day operations.
> >>
> >> Thanks
> >
> >.
> >
 
E

Ed

Distinguished
Apr 1, 2004
1,253
0
19,280
Archived from groups: microsoft.public.win2000.dns (More info?)

Thanks for the info - is there any additional
documentation for this app - I think I'm doing something
wrong as I can never resolve the ISP's DNS.

Thanks

>-----Original Message-----
>Could be the format of the request is bad and they
return SrvFail instead of
>FormErr or they indeed have some internal error (i.e.
internal exception,
>their forwarder or NS not replying, etc.) Use dig or
NetDig to make
>directed queries using this name to their server to see
if it happens every
>time. If so, and you believe it should not, then email
the dig output to
>the ISP, see what version of bind or ms dns they run,
etc.
>
>--
>William Stacey, MVP
>
>"Ed" <anonymous@discussions.microsoft.com> wrote in
message
>news:171201c499be$a16519d0$a401280a@phx.gbl...
>> Ok, I ran netmon and and got lucky enough to catch one
of
>> these "incidents" - it appears that the ISP's DNS
server
>> is responding to my local DNS server with a "Server
>> Failure" notification (RCode = Server Failure). When it
>> happens, both of their DNS servers return this code.
>>
>> Any thoughts?
>>
>> Thanks
>>
>>
>> >-----Original Message-----
>> >I would start NetMon'ing the DNS server to catch one
of
>> these issues where
>> >the server does not reply with answer. After using
>> NetMon for awhile, you
>> >should be able to filter for just the dns packets or
>> start and stop captures
>> >at the right time to see what is going on. My quess
>> would be some router
>> >issue and/or related interface issue (where reply
>> arrives on wrong
>> >interface, etc.)
>> >
>> >--
>> >William Stacey, MVP
>> >
>> >"Ed" <anonymous@discussions.microsoft.com> wrote in
>> message
>> >news:9a2701c4974b$8e9ea700$a501280a@phx.gbl...
>> >> Hi all,
>> >>
>> >> Having a problem that I have not been able to
resolve -
>> >> we are intermittantly losing name resolution to the
>> >> Internet. Web browsing will work fine for a period
of
>> >> time and then just stop for anywhere from 30 seconds
>> to 5
>> >> minutes. This has been going on for several weeks
but
>> has
>> >> become worse over the past week. Here's my setup:
>> >>
>> >> Single W2K SP4 server
>> >> - DC
>> >> - DNS
>> >> - AV server
>> >> - 2 NICs (one GB adapter w/ static IP, one 100MB w/
>> >> APIPA address assigned (not in use).
>> >>
>> >> DNS is setup as AD-integrated and configured to
forward
>> >> external queries to external (our ISP) DNS servers.
>> >>
>> >> 35 Windows XP SP2 workstations
>> >>
>> >> During these stoppages I can ping IP addresses on
the
>> >> Internet but cannot ping www.xxxx.xxx. Our firewall
>> >> appears to be operating normally and I can't find
any
>> >> viruses or spyware on the server or workstations. It
>> >> appears to be a Windows DNS problem; during these
>> >> outages, I can connect a non-domain connected
laptop to
>> >> the network and access the Internet without any
>> problems
>> >> provided I use the external DNS addresses.
>> >>
>> >> Any suggestions? It's starting to really impact day-
to-
>> >> day operations.
>> >>
>> >> Thanks
>> >
>> >.
>> >
>
>.
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

All doco in with the Build in html files. look at one for dig.html I think.
You could also use my NetDig 2.5 at www.mvptools.com. for easy GUI version
of dig. Makes it easy to copy the output window to email too. Does require
Framework 1.1 be installed before use however, but is one exe ( one for GUI,
one for console) so easy to move around, copy, etc.

--
William Stacey, MVP

"Ed" <anonymous@discussions.microsoft.com> wrote in message
news:1fe401c49a72$8ad34f70$a301280a@phx.gbl...
> Thanks for the info - is there any additional
> documentation for this app - I think I'm doing something
> wrong as I can never resolve the ISP's DNS.
>
> Thanks
>
> >-----Original Message-----
> >Could be the format of the request is bad and they
> return SrvFail instead of
> >FormErr or they indeed have some internal error (i.e.
> internal exception,
> >their forwarder or NS not replying, etc.) Use dig or
> NetDig to make
> >directed queries using this name to their server to see
> if it happens every
> >time. If so, and you believe it should not, then email
> the dig output to
> >the ISP, see what version of bind or ms dns they run,
> etc.
> >
> >--
> >William Stacey, MVP
> >
> >"Ed" <anonymous@discussions.microsoft.com> wrote in
> message
> >news:171201c499be$a16519d0$a401280a@phx.gbl...
> >> Ok, I ran netmon and and got lucky enough to catch one
> of
> >> these "incidents" - it appears that the ISP's DNS
> server
> >> is responding to my local DNS server with a "Server
> >> Failure" notification (RCode = Server Failure). When it
> >> happens, both of their DNS servers return this code.
> >>
> >> Any thoughts?
> >>
> >> Thanks
> >>
> >>
> >> >-----Original Message-----
> >> >I would start NetMon'ing the DNS server to catch one
> of
> >> these issues where
> >> >the server does not reply with answer. After using
> >> NetMon for awhile, you
> >> >should be able to filter for just the dns packets or
> >> start and stop captures
> >> >at the right time to see what is going on. My quess
> >> would be some router
> >> >issue and/or related interface issue (where reply
> >> arrives on wrong
> >> >interface, etc.)
> >> >
> >> >--
> >> >William Stacey, MVP
> >> >
> >> >"Ed" <anonymous@discussions.microsoft.com> wrote in
> >> message
> >> >news:9a2701c4974b$8e9ea700$a501280a@phx.gbl...
> >> >> Hi all,
> >> >>
> >> >> Having a problem that I have not been able to
> resolve -
> >> >> we are intermittantly losing name resolution to the
> >> >> Internet. Web browsing will work fine for a period
> of
> >> >> time and then just stop for anywhere from 30 seconds
> >> to 5
> >> >> minutes. This has been going on for several weeks
> but
> >> has
> >> >> become worse over the past week. Here's my setup:
> >> >>
> >> >> Single W2K SP4 server
> >> >> - DC
> >> >> - DNS
> >> >> - AV server
> >> >> - 2 NICs (one GB adapter w/ static IP, one 100MB w/
> >> >> APIPA address assigned (not in use).
> >> >>
> >> >> DNS is setup as AD-integrated and configured to
> forward
> >> >> external queries to external (our ISP) DNS servers.
> >> >>
> >> >> 35 Windows XP SP2 workstations
> >> >>
> >> >> During these stoppages I can ping IP addresses on
> the
> >> >> Internet but cannot ping www.xxxx.xxx. Our firewall
> >> >> appears to be operating normally and I can't find
> any
> >> >> viruses or spyware on the server or workstations. It
> >> >> appears to be a Windows DNS problem; during these
> >> >> outages, I can connect a non-domain connected
> laptop to
> >> >> the network and access the Internet without any
> >> problems
> >> >> provided I use the external DNS addresses.
> >> >>
> >> >> Any suggestions? It's starting to really impact day-
> to-
> >> >> day operations.
> >> >>
> >> >> Thanks
> >> >
> >> >.
> >> >
> >
> >.
> >
 
E

Ed

Distinguished
Apr 1, 2004
1,253
0
19,280
Archived from groups: microsoft.public.win2000.dns (More info?)

Well, looks like the problem has resolved itself - I
removed all of the Forwarder information and simply let
Windows DNS perform recursive queries to whatever DNS
server it can contact - looks like it is the ISP's
problem. While surfing is not consistently as crisp as it
was using the Forwarders (when they resolved correctly),
it is much more reliable and fast most of the time.

Any idea what could be going on with the ISP's DNS
servers? I'm a little weak on the finer points of DNS (at
least for Internet resolution) so I don't know that I
would be able to recognize the cause, only the symptoms :)

Thanks for your help....


>-----Original Message-----
>All doco in with the Build in html files. look at one
for dig.html I think.
>You could also use my NetDig 2.5 at www.mvptools.com. for
easy GUI version
>of dig. Makes it easy to copy the output window to email
too. Does require
>Framework 1.1 be installed before use however, but is one
exe ( one for GUI,
>one for console) so easy to move around, copy, etc.
>
>--
>William Stacey, MVP
>
>"Ed" <anonymous@discussions.microsoft.com> wrote in
message
>news:1fe401c49a72$8ad34f70$a301280a@phx.gbl...
>> Thanks for the info - is there any additional
>> documentation for this app - I think I'm doing something
>> wrong as I can never resolve the ISP's DNS.
>>
>> Thanks
>>
>> >-----Original Message-----
>> >Could be the format of the request is bad and they
>> return SrvFail instead of
>> >FormErr or they indeed have some internal error (i.e.
>> internal exception,
>> >their forwarder or NS not replying, etc.) Use dig or
>> NetDig to make
>> >directed queries using this name to their server to see
>> if it happens every
>> >time. If so, and you believe it should not, then email
>> the dig output to
>> >the ISP, see what version of bind or ms dns they run,
>> etc.
>> >
>> >--
>> >William Stacey, MVP
>> >
>> >"Ed" <anonymous@discussions.microsoft.com> wrote in
>> message
>> >news:171201c499be$a16519d0$a401280a@phx.gbl...
>> >> Ok, I ran netmon and and got lucky enough to catch
one
>> of
>> >> these "incidents" - it appears that the ISP's DNS
>> server
>> >> is responding to my local DNS server with a "Server
>> >> Failure" notification (RCode = Server Failure). When
it
>> >> happens, both of their DNS servers return this code.
>> >>
>> >> Any thoughts?
>> >>
>> >> Thanks
>> >>
>> >>
>> >> >-----Original Message-----
>> >> >I would start NetMon'ing the DNS server to catch one
>> of
>> >> these issues where
>> >> >the server does not reply with answer. After using
>> >> NetMon for awhile, you
>> >> >should be able to filter for just the dns packets or
>> >> start and stop captures
>> >> >at the right time to see what is going on. My quess
>> >> would be some router
>> >> >issue and/or related interface issue (where reply
>> >> arrives on wrong
>> >> >interface, etc.)
>> >> >
>> >> >--
>> >> >William Stacey, MVP
>> >> >
>> >> >"Ed" <anonymous@discussions.microsoft.com> wrote in
>> >> message
>> >> >news:9a2701c4974b$8e9ea700$a501280a@phx.gbl...
>> >> >> Hi all,
>> >> >>
>> >> >> Having a problem that I have not been able to
>> resolve -
>> >> >> we are intermittantly losing name resolution to
the
>> >> >> Internet. Web browsing will work fine for a period
>> of
>> >> >> time and then just stop for anywhere from 30
seconds
>> >> to 5
>> >> >> minutes. This has been going on for several weeks
>> but
>> >> has
>> >> >> become worse over the past week. Here's my setup:
>> >> >>
>> >> >> Single W2K SP4 server
>> >> >> - DC
>> >> >> - DNS
>> >> >> - AV server
>> >> >> - 2 NICs (one GB adapter w/ static IP, one 100MB
w/
>> >> >> APIPA address assigned (not in use).
>> >> >>
>> >> >> DNS is setup as AD-integrated and configured to
>> forward
>> >> >> external queries to external (our ISP) DNS
servers.
>> >> >>
>> >> >> 35 Windows XP SP2 workstations
>> >> >>
>> >> >> During these stoppages I can ping IP addresses on
>> the
>> >> >> Internet but cannot ping www.xxxx.xxx. Our
firewall
>> >> >> appears to be operating normally and I can't find
>> any
>> >> >> viruses or spyware on the server or workstations.
It
>> >> >> appears to be a Windows DNS problem; during these
>> >> >> outages, I can connect a non-domain connected
>> laptop to
>> >> >> the network and access the Internet without any
>> >> problems
>> >> >> provided I use the external DNS addresses.
>> >> >>
>> >> >> Any suggestions? It's starting to really impact
day-
>> to-
>> >> >> day operations.
>> >> >>
>> >> >> Thanks
>> >> >
>> >> >.
>> >> >
>> >
>> >.
>> >
>
>.
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

> Well, looks like the problem has resolved itself - I
> removed all of the Forwarder information and simply let
> Windows DNS perform recursive queries to whatever DNS
> server it can contact - looks like it is the ISP's
> problem.

I know this is just a typo thing, but when you remove all forwarders, the
DNS server does not send recursive queries any longer - only non-recursive
or iterative queries. Just a note...

> While surfing is not consistently as crisp as it
> was using the Forwarders (when they resolved correctly),
> it is much more reliable and fast most of the time.

Sounds good. Total side note...I just got 18th hole tickets to the Rider
Cup tommorow!!! Cheers!

--
William Stacey, MVP
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom