Period of Slow dns resolution and I need Help!!!!

Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.setup,microsoft.public.windows.server.dns,microsoft.public.windows.server.general,microsoft.public.windows.server.setup

Here's my setup:

Windows 2000 servers. Very stable and extremely stable intranet dns
resolution for over 2 years.

New Bell T-1 to the internet with a high end Symantec firewall.

Dns forwarding is setup on the internal Win 2K dns servers. They forward to
the Bell dns servers, (2 of them).

The firewall does not play a role in the dns forwarding, we had that
function disabled because it was slow.

*********************

Here's the problem:

You can have very good browsing for many hours in the day. When loading a
site like www.cnn.com, the site will start loading within 2-3 seconds and
the user is satisfied.

Then you'll go thru a period, where the wait for what appears to be external
resolution and the return of the http data to the browser will increase to
5-12 seconds. Very seldom will it timeout, but you know that something is
running slow and not efficiently. Bell provided 2 dns servers for us to
forward to, and they are properly setup on our internal dns servers.

I don't really know why we are experiencing this. Finally, when a webpage
loads, after that, any browsing to subsequent links on that page are very
fast. So if you are in a slow period and the home page of cnn loads after
10 seconds, then any other links on that page will load in 1-2 seconds.

Can anyone provide any direction? I would appreciate anyone's help or
advice. Sometimes there is advice to check the number of hops to a site,
but I don't know how many hops or latency is too much for a resolution.


Thanks again,

Joe Hardin
Taylorsville, MS

spepa@c-gate.net
 
Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.setup,microsoft.public.windows.server.dns,microsoft.public.windows.server.general,microsoft.public.windows.server.setup

In news:OoxNsvh6EHA.2804@TK2MSFTNGP15.phx.gbl,
Joe Hardin <spepa@c-gate.net> made a post then I commented below
:: Here's my setup:
::
:: Windows 2000 servers. Very stable and extremely stable intranet dns
:: resolution for over 2 years.
::
:: New Bell T-1 to the internet with a high end Symantec firewall.
::
:: Dns forwarding is setup on the internal Win 2K dns servers. They
:: forward to the Bell dns servers, (2 of them).
::
:: The firewall does not play a role in the dns forwarding, we had that
:: function disabled because it was slow.
::
:: *********************
::
:: Here's the problem:
::
:: You can have very good browsing for many hours in the day. When
:: loading a site like www.cnn.com, the site will start loading within
:: 2-3 seconds and the user is satisfied.
::
:: Then you'll go thru a period, where the wait for what appears to be
:: external resolution and the return of the http data to the browser
:: will increase to 5-12 seconds. Very seldom will it timeout, but you
:: know that something is running slow and not efficiently. Bell
:: provided 2 dns servers for us to forward to, and they are properly
:: setup on our internal dns servers.
::
:: I don't really know why we are experiencing this. Finally, when a
:: webpage loads, after that, any browsing to subsequent links on that
:: page are very fast. So if you are in a slow period and the home
:: page of cnn loads after 10 seconds, then any other links on that
:: page will load in 1-2 seconds.
::
:: Can anyone provide any direction? I would appreciate anyone's help
:: or advice. Sometimes there is advice to check the number of hops to
:: a site, but I don't know how many hops or latency is too much for a
:: resolution.
::
::
:: Thanks again,
::
:: Joe Hardin
:: Taylorsville, MS
::
:: spepa@c-gate.net

Wow, this was cross-posted to many newsgroups. Since it's a DNS question, I
would think this post would be beneficial to keep it to the DNS
newsgroup(s). However, I replied to all of them to benefit everyone to see a
response.

That said, not sure what DNS addresses they provided you that you are using
for forwarding. Did you confirm they can be used as a forwarder? You can
test this yourself as well, just by using:
nslookup -d2
You will see a question and answer in the top portion. Recursion Desired
would be the question, Recursion Available would be the answer in the answer
section. If you do not see Recursion Available, that will tell us they
cannot be used as a forwarder. If this is the case, your DNS server is
reverting to the Root Hints, which can show a *slight* delay, but not
always.

Here's an example using server 4.2.2.2 (one of GTE's servers) which show
Recursion is available in the "Got Answer" section. You can see where I
typed in 'server 4.2.2.2'. That changed the focus for nslookup to use
4.2.2.2 instead of my 192.168.5.200 DNS server.

------------------------------------------
C:\>nslookup -d2
------------
Default Server: london.nwtraders.msft
Address: 192.168.5.200
(I snipped the extra stuff here...)

> server 4.2.2.2
------------
SendRequest(), len 38
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
2.2.2.4.in-addr.arpa, type = PTR, class = IN

------------
------------
Got answer (190 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 3, additional = 3
------------------------------------------


If you want, try 4.2.2.2 as the only forwarder and see if it improves.

--
Regards,
Ace

G O E A G L E S !!!
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================
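
Added example, not part of the original thread: the recursion check described in the post above, done by decoding the DNS header flags directly and timing one query per forwarder. The function names, the constructed sample reply bytes and the 192.0.2.53 placeholder address are assumptions made for illustration.

```python
import random
import socket
import struct
import time

# Header flag bits (RFC 1035, section 4.1.1), labelled the way nslookup -d2 prints them.
FLAGS = [(0x8000, "response"), (0x0400, "auth. answer"), (0x0200, "truncated"),
         (0x0100, "want recursion"), (0x0080, "recursion avail.")]

def build_query(name, qtype=1, qid=2):
    """Build a query with RD ("want recursion") set, as nslookup does."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_header(packet):
    """Decode the 12-byte DNS header into the fields nslookup -d2 shows."""
    if len(packet) < 12:
        raise ValueError("short DNS packet")
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", packet[:12])
    return {"id": qid, "rcode": flags & 0x000F,
            "flags": [label for bit, label in FLAGS if flags & bit],
            "questions": qd, "answers": an, "authority": ns, "additional": ar}

def usable_as_forwarder(header):
    """A forwarder must answer (QR set) and offer recursion (RA set)."""
    return "response" in header["flags"] and "recursion avail." in header["flags"]

def probe(server, name="www.example.com", timeout=3.0):
    """Send one UDP query; return (seconds, header), or (None, None) on failure."""
    qid = random.randint(0, 0xFFFF)
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            start = time.monotonic()
            s.sendto(build_query(name, qid=qid), (server, 53))
            reply, _ = s.recvfrom(4096)
            elapsed = time.monotonic() - start
        header = parse_header(reply)
    except (OSError, ValueError):   # timeout, unreachable, or malformed reply
        return None, None
    if header["id"] != qid:         # ignore a reply that is not ours
        return None, None
    return elapsed, header

# Constructed sample matching the "Got answer" header quoted in the post:
# id 2, response + auth. answer + want recursion + recursion avail.,
# 1 question, 1 answer, 3 authority records, 3 additional.
SAMPLE_REPLY = struct.pack("!HHHHHH", 2, 0x8580, 1, 1, 3, 3)

if __name__ == "__main__":
    print(parse_header(SAMPLE_REPLY))
    for ip in ("192.0.2.53",):      # placeholder; substitute your own forwarders
        elapsed, header = probe(ip)
        ok = header is not None and usable_as_forwarder(header)
        print(ip, "timeout" if elapsed is None else f"{elapsed:.3f}s", "usable" if ok else "not usable")
```

Running `probe` repeatedly against each forwarder during a slow period shows whether the delay comes from a forwarder that times out, which a single interactive nslookup session can miss.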
 
Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.setup,microsoft.public.windows.server.dns,microsoft.public.windows.server.general,microsoft.public.windows.server.setup

Ace,

Thanks so much for answering, you've answered some of my questions before
and I appreciate it.

I've tried the nslookup -d2 query as you've suggested. (I've never used
that option of nslookup before). The first Bell dns IP is: 205.152.132.23
and it responded with: "recursion avail". I then tried the 2nd Bell dns
IP: 205.152.37.23 and the first time or so, it timed out with no response,
then after about a period of 90 seconds it responded properly with:
"recursion avail". Does that mean the 2nd server was down?

Can those servers be expected to go down very often? That makes me think
that I may want more than 2 forwarders in my internal dns system?

Also, please keep in mind on my internal dns servers I do not have recursion
enabled, (that is the box is "unchecked" if I remember correctly).

I would appreciate any additional comments.

Thanks again,

Joe Hardin
spepa@c-gate.net


 
Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.setup,microsoft.public.windows.server.dns,microsoft.public.windows.server.general,microsoft.public.windows.server.setup

In news:uE3Ttqi6EHA.3236@TK2MSFTNGP15.phx.gbl,
Joe Hardin <spepa@c-gate.net> made a post then I commented below
:: Ace,
::
:: Thanks so much for answering, you've answered some of my questions
:: before and I appreciate it.
::
:: I've tried the nslookup -d2 query as you've suggested. (I've never
:: used that option of nslookup before). The first Bell dns IP is:
:: 205.152.132.23 and it responded with: "recursion avail". I then
:: tried the 2nd Bell dns IP: 205.152.37.23 and the first time or so,
:: it timed out with no response, then after about a period of 90
:: seconds it responded properly with: "recursion avail". Does that
:: mean the 2nd server was down?
::
:: Can those servers be expected to go down very often? That makes me
:: think that I may want more than 2 forwarders in my internal dns
:: system?
::
:: Also, please keep in mind on my internal dns servers I do not have
:: recursion enabled, (that is the box is "unchecked" if I remember
:: correctly).
::
:: I would appreciate any additional comments.
::
:: Thanks again,
::
:: Joe Hardin
:: spepa@c-gate.net
::

Hi Joe,

Glad I was able to help you out in the past.

I tried 205.152.37.23 and got time outs as well. I guess that baby's down.
If you use more than two forwarders, it will still behave with the delay if
it hits a bad one first. I would just eliminate this one and replace it with
a known good one, like 4.2.2.2. Keep the other one as the first one. I would
also enable recursion (the checkbox at the bottom of the forwarders tab).
This way if all the forwarders go down, at least it will use the Roots.

Ace
 
Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.windows.server.dns

Well Ace,

I'm proud you found the Bell dns down just like I did. However now it's
back up. I did some general searching out on the internet and for a long
time people with Bell broadband connections have been complaining about the
erratic dns service at 205.152.37.23. Some of the people also complained
about the one you and I got to work, 205.152.132.23; but not as many.

I would like to ask a couple of questions about all of this as to what is
proper and functional.

1. How many entries would you place in the "forwarders" list? Wouldn't
you be better off to have the more the better? Wouldn't it be better to
have them from multiple providers? Look at this link, would you consider
any of these dns servers as alternates:

http://www.helpdesk.umd.edu/documents/1/1989/

2. Isn't it true that the dns server works from the top of the forwarder
list down to the bottom?

3. Considering the primary and secondary server entries for a
workstation, is it true that the workstation will not necessarily go to the
primary server first?

4. I have seen on occasion at the bottom of Internet Explorer the browser
cycling thru, .net, .com, ...etc, is this dns querying the various root
servers and you're seeing feedback in the IE bottom bar.

5. In the bottom bar of IE, when it says: "Opening page http://" does
that mean the dns resolution is complete and the data is now flowing back to
the browser? When watching the browser how do you know the progress of dns
resolution?

Well, I'll stop there. If you can give me some feedback on the above
questions it will help me decide how to change our dns forwarding.


Thanks again,

Joe Hardin
spepa@c-gate.net


 
Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.windows.server.dns

Joe, I responded to the post and to your email address.... See below for my
responses.

In news:OUvhI9t6EHA.824@TK2MSFTNGP11.phx.gbl,
Joe Hardin <spepa@c-gate.net> made a post then I commented below
:: Well Ace,
::
:: I'm proud you found the Bell dns down just like I did. However now
:: it's back up. I did some general searching out on the internet and
:: for a long time people with Bell broadband connections have been
:: complaining about the erratic dns service at 205.152.37.23. Some of
:: the people also complained about the one you and I got to work,
:: 205.152.132.23; but not as many.
::
:: I would like to ask a couple of questions about all of this as to
:: what is proper and functional.
::
:: 1. How many entries would you place in the "forwarders" list?
:: Wouldn't you be better off to have the more the better? Wouldn't it
:: be better to have them from multiple providers? Look at this link,
:: would you consider any of these dns servers as alternates:
::
:: http://www.helpdesk.umd.edu/documents/1/1989/

I would just use 2 forwarders. Maybe 3. I wouldn't go any further than that.
Keep the 'disable recursion' checkbox unchecked so it will still use your
Roots if these are down. You can choose any of those servers in that article
as a forwarder. If your ISP's is unreliable, I wouldn't use them at all. You
have a whole page of DNS servers in that article to choose from.


:: 2. Isn't it true that the dns server works from the top of the
:: forwarder list down to the bottom?

Yes.


:: 3. Considering the primary and secondary server entries for a
:: workstation, is it true that the workstation will not necessarily go
:: to the primary server first?

When it first tries, yes. If the first doesn't answer, it will go to the
next and remove the first from the eligible resolvers list and will NOT go
back to it unless you restart the DNS client service or the machine.

:: 4. I have seen on occasion at the bottom of Internet Explorer the
:: browser cycling thru, .net, .com, ...etc, is this dns querying the
:: various root servers and you're seeing feedback in the IE bottom bar.

That's just IE affixing different suffixes if it can't resolve the one you
typed in, or if you typed it in without a suffix.

::
:: 5. In the bottom bar of IE, when it says: "Opening page http://"
:: does that mean the dns resolution is complete and the data is now
:: flowing back to the browser? When watching the browser how do you
:: know the progress of dns resolution?

Not necessarily. IE is jumping the gun. You need to use nslookup or ping to
check resolution, not IE.


::
:: Well, I'll stop there. If you can give me some feedback on the above
:: questions it will help me decide how to change our dns forwarding.

Forwarding forces DNS to use another machine to resolve, not itself. That's
it.

Ace