Constantly have to restart DNS Server to resolve domains

  • Thread starter Thread starter Rody
  • Start date Start date
R

Rody

I have an internal DNS server for AD. This DNS server has forwarders
to external IPs. The internal DNS server has to be restarted once or
twice a day in order to forward client requests to external dns
servers. Why would this be?

The problem is that the employees constantly get errors in IE or
outlook that they can not resolve IP addresses. Why would the internal
DNS server need to be restarted all the time?

I have the internal dns to scavange stale records every day. I have
also set this to 5 hours and to the default of 7 days. This did not
solve my problem.

If I have the clients set to use the external dns servers then web and
outlook requests are solved no problem. But then i get issues of the
clients locking up at the "applying local settings" screen at logon...
I know this has to deal with not being able to find the AD due to the
clients not using internal DNS server.

So my main problem here is why do i have to restart the internal dns
server all the time to resolve web and outlook requests to resolve
domain names?
 
In Rody <[email protected]> posted a question
Then Kevin replied below:
: I have an internal DNS server for AD. This DNS server has forwarders
: to external IPs. The internal DNS server has to be restarted once or
: twice a day in order to forward client requests to external dns
: servers. Why would this be?
:
: The problem is that the employees constantly get errors in IE or
: outlook that they can not resolve IP addresses. Why would the internal
: DNS server need to be restarted all the time?
:
: I have the internal dns to scavange stale records every day. I have
: also set this to 5 hours and to the default of 7 days. This did not
: solve my problem.
:
: If I have the clients set to use the external dns servers then web and
: outlook requests are solved no problem. But then i get issues of the
: clients locking up at the "applying local settings" screen at logon...
: I know this has to deal with not being able to find the AD due to the
: clients not using internal DNS server.
:
: So my main problem here is why do i have to restart the internal dns
: server all the time to resolve web and outlook requests to resolve
: domain names?

You only have one internal DNS server?
just want to make sure you don't have two forwarding to each other.
Can you post the ipconfig /all from the DC and one client please?
 
Also post a dnscmd /info from the server. Sounds almost like the server is
getting stuck on a bad forwarder or something. Verify both forwarder IPs
are responding to queries using nslookup, netdig, etc. Personally, I would
NetMon the server to watch dns requests come in and see it what it is doing
when forwarding. Have clients point to *only the internal DNS server.
 
William Stacey said:
Also post a dnscmd /info from the server. Sounds almost like the server is
getting stuck on a bad forwarder or something. Verify both forwarder IPs
are responding to queries using nslookup, netdig, etc. Personally, I would
NetMon the server to watch dns requests come in and see it what it is doing
when forwarding. Have clients point to *only the internal DNS server.
Click to expand...

Heres some info. I still can not find a thing wrong anywhere...

Server ipconfig /all -------------------------------------

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : TNA_SERVER1
Primary DNS Suffix . . . . . . . : Tricon-rfid.c
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Tricon-rfid.c

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 8254
ction
Physical Address. . . . . . . . . : 00-C0-9F-1C-6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.160
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.3
DNS Servers . . . . . . . . . . . : 192.168.1.160

Cliets IP-------------------------------------------------------
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.3
DNS Servers . . . . . . . . . . . : 192.168.1.160


dnscmd /info ---------------------------------------------

Server info:
ptr = 00075D48
server name = TNA_SERVER1.Tricon-rfid.com
version = C2000005
DS container = c
Configuration:
dwLogLevel = 0000B011
dwDebugLevel = 00000000
dwRpcProtocol = FFFFFFFF
dwNameCheckFlag = 00000002
cAddressAnswerLimit = 0
dwRecursionRetry = 3
dwRecursionTimeout = 15
dwDsPollingInterval = 300
Configuration Flags:
fBootMethod = 3
fAdminConfigured = 1
fAllowUpdate = 1
fDsAvailable = 1
fAutoReverseZones = 1
fAutoCacheUpdate = 0
fSlave = 0
fNoRecursion = 0
fRoundRobin = 1
fLocalNetPriority = 1
fStrictFileParsing = 0
fLooseWildcarding = 0
fBindSecondaries = 1
fWriteAuthorityNs = 0
Aging Configuration:
ScavengingInterval = 1
DefaultAgingState = 1
DefaultRefreshInterval = 96
DefaultNoRefreshInterval = 96
ServerAddresses:
Addr Count = 1
Addr[0] => 192.168.1.160
ListenAddresses:
Addr Count = 1
Addr[0] => 192.168.1.160
Forwarders:
Addr Count = 2
Addr[0] => 208.57.0.10
Addr[1] => 208.57.0.11
forward timeout = 10
slave = 0
Command completed successfully.


NETDIAG -----------------------------------------------------
.......................................

Computer Name: TNA_SERVER1
DNS Host Name: TNA_SERVER1.Tricon-rfid.com
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 15 Model 1 Stepping 3, GenuineIntel
List of installed hotfixes :
Q147222
Q320877
q323172
Q323255
Q324096
Q324380
Q326830
Q326886
Q327696
Q328310
Q329115
Q329170
Q329834
Q810030
Q810649
Q810833
Q811630


Netcard queries test . . . . . . . : Passed



Per interface results:

Adapter : Local Area Connection

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : TNA_SERVER1
IP Address . . . . . . . . : 192.168.1.160
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.3
Dns Servers. . . . . . . . : 192.168.1.160


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Passed

NetBT name test. . . . . . : Passed

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{571BCDE8-9912-4310-8E57-DF4077177714}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
[WARNING] The DNS host name 'TNA_SERVER1.Tricon-rfid.com' valid onl
ows 2000 DNS Servers. [DNS_ERROR_NON_RFC_NAME]
PASS - All the DNS entries for DC are registered on DNS server '192
0'.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{571BCDE8-9912-4310-8E57-DF4077177714}
The redir is bound to 1 NetBt transport.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{571BCDE8-9912-4310-8E57-DF4077177714}
The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.


The command completed successfully
 
In Rody <[email protected]> posted a question
Then Kevin replied below:
: :: Also post a dnscmd /info from the server. Sounds almost like the
:: server is getting stuck on a bad forwarder or something. Verify
:: both forwarder IPs are responding to queries using nslookup, netdig,
:: etc. Personally, I would NetMon the server to watch dns requests
:: come in and see it what it is doing when forwarding. Have clients
:: point to *only the internal DNS server.
::
:
: Heres some info. I still can not find a thing wrong anywhere...
:
: Server ipconfig /all -------------------------------------
:
: Windows 2000 IP Configuration
:
: Host Name . . . . . . . . . . . . : TNA_SERVER1
: Primary DNS Suffix . . . . . . . : Tricon-rfid.c
: Node Type . . . . . . . . . . . . : Hybrid
: IP Routing Enabled. . . . . . . . : Yes
: WINS Proxy Enabled. . . . . . . . : No
: DNS Suffix Search List. . . . . . : Tricon-rfid.c
:
: Ethernet adapter Local Area Connection:
:
: Connection-specific DNS Suffix . :
: Description . . . . . . . . . . . : Intel(R) 8254
: ction
: Physical Address. . . . . . . . . : 00-C0-9F-1C-6
: DHCP Enabled. . . . . . . . . . . : No
: IP Address. . . . . . . . . . . . : 192.168.1.160
: Subnet Mask . . . . . . . . . . . : 255.255.255.0
: Default Gateway . . . . . . . . . : 192.168.1.3
: DNS Servers . . . . . . . . . . . : 192.168.1.160
:
: Cliets IP-------------------------------------------------------
: DHCP Enabled. . . . . . . . . . . : No
: IP Address. . . . . . . . . . . . : 192.168.1.5
: Subnet Mask . . . . . . . . . . . : 255.255.255.0
: Default Gateway . . . . . . . . . : 192.168.1.3
: DNS Servers . . . . . . . . . . . : 192.168.1.160
:
:
: dnscmd /info ---------------------------------------------
:
: Server info:
: ptr = 00075D48
: server name = TNA_SERVER1.Tricon-rfid.com
: version = C2000005
: DS container = c
: Configuration:
: dwLogLevel = 0000B011
: dwDebugLevel = 00000000
: dwRpcProtocol = FFFFFFFF
: dwNameCheckFlag = 00000002
: cAddressAnswerLimit = 0
: dwRecursionRetry = 3
: dwRecursionTimeout = 15
: dwDsPollingInterval = 300
: Configuration Flags:
: fBootMethod = 3
: fAdminConfigured = 1
: fAllowUpdate = 1
: fDsAvailable = 1
: fAutoReverseZones = 1
: fAutoCacheUpdate = 0
: fSlave = 0
: fNoRecursion = 0
: fRoundRobin = 1
: fLocalNetPriority = 1
: fStrictFileParsing = 0
: fLooseWildcarding = 0
: fBindSecondaries = 1
: fWriteAuthorityNs = 0
: Aging Configuration:
: ScavengingInterval = 1
: DefaultAgingState = 1
: DefaultRefreshInterval = 96
: DefaultNoRefreshInterval = 96
: ServerAddresses:
: Addr Count = 1
: Addr[0] => 192.168.1.160
: ListenAddresses:
: Addr Count = 1
: Addr[0] => 192.168.1.160
: Forwarders:
: Addr Count = 2
: Addr[0] => 208.57.0.10
: Addr[1] => 208.57.0.11
: forward timeout = 10
: slave = 0
: Command completed successfully.
:
:
: NETDIAG -----------------------------------------------------
: ......................................
:
: Computer Name: TNA_SERVER1
: DNS Host Name: TNA_SERVER1.Tricon-rfid.com
: System info : Windows 2000 Server (Build 2195)
: Processor : x86 Family 15 Model 1 Stepping 3, GenuineIntel
: List of installed hotfixes :
: Q147222
: Q320877
: q323172
: Q323255
: Q324096
: Q324380
: Q326830
: Q326886
: Q327696
: Q328310
: Q329115
: Q329170
: Q329834
: Q810030
: Q810649
: Q810833
: Q811630
:
:
: Netcard queries test . . . . . . . : Passed
:
:
:
: Per interface results:
:
: Adapter : Local Area Connection
:
: Netcard queries test . . . : Passed
:
: Host Name. . . . . . . . . : TNA_SERVER1
: IP Address . . . . . . . . : 192.168.1.160
: Subnet Mask. . . . . . . . : 255.255.255.0
: Default Gateway. . . . . . : 192.168.1.3
: Dns Servers. . . . . . . . : 192.168.1.160
:
:
: AutoConfiguration results. . . . . . : Passed
:
: Default gateway test . . . : Passed
:
: NetBT name test. . . . . . : Passed
:
: WINS service test. . . . . : Skipped
: There are no WINS servers configured for this interface.
:
:
: Global results:
:
:
: Domain membership test . . . . . . : Passed
:
:
: NetBT transports test. . . . . . . : Passed
: List of NetBt transports currently configured:
: NetBT_Tcpip_{571BCDE8-9912-4310-8E57-DF4077177714}
: 1 NetBt transport currently configured.
:
:
: Autonet address test . . . . . . . : Passed
:
:
: IP loopback ping test. . . . . . . : Passed
:
:
: Default gateway test . . . . . . . : Passed
:
:
: NetBT name test. . . . . . . . . . : Passed
:
:
: Winsock test . . . . . . . . . . . : Passed
:
:
: DNS test . . . . . . . . . . . . . : Passed
: [WARNING] The DNS host name 'TNA_SERVER1.Tricon-rfid.com' valid
: onl
: ows 2000 DNS Servers. [DNS_ERROR_NON_RFC_NAME]
: PASS - All the DNS entries for DC are registered on DNS server
: '192 0'.
:
:
: Redir and Browser test . . . . . . : Passed
: List of NetBt transports currently bound to the Redir
: NetBT_Tcpip_{571BCDE8-9912-4310-8E57-DF4077177714}
: The redir is bound to 1 NetBt transport.
:
: List of NetBt transports currently bound to the browser
: NetBT_Tcpip_{571BCDE8-9912-4310-8E57-DF4077177714}
: The browser is bound to 1 NetBt transport.
:
:
: DC discovery test. . . . . . . . . : Passed
:
:
: DC list test . . . . . . . . . . . : Passed
:
:
: Trust relationship test. . . . . . : Skipped
:
:
: Kerberos test. . . . . . . . . . . : Passed
:
:
: LDAP test. . . . . . . . . . . . . : Passed
:
:
: Bindings test. . . . . . . . . . . : Passed
:
:
: WAN configuration test . . . . . . : Skipped
: No active remote access connections.
:
:
: Modem diagnostics test . . . . . . : Passed
:
: IP Security test . . . . . . . . . : Passed
: IPSec policy service is active, but no policy is assigned.
:
:
: The command completed successfully

What is the domain name in ADU&C?
The Primary DNS suffix is Tricon-rfid.c but it looks like the domain name is
Tricon-rfid.com. If this is true then this is a disjointed namespace please
verify, and email me direct (remove the nospam) and I will forward a script
developed for MS support services for correcting the primary DNS suffix on a
DC. This would very much cause the DNS service to fail.
 
In Rody <[email protected]> posted a question
Then Kevin replied below:
: DNS test . . . . . . . . . . . . . : Passed
: [WARNING] The DNS host name 'TNA_SERVER1.Tricon-rfid.com' valid
: onl
: ows 2000 DNS Servers. [DNS_ERROR_NON_RFC_NAME]
In addition, this error is caused from the underscore in the host name, RFCs
do not allow underscores.
 
Back
Top