DNS Forwarding Not Working

  • Thread starter: Guest

DNS forwarding works intermittently. No email. No internet. ISP said it is not them. Set up each wkstn with DNS info bypassing DHCP server. XP machines boot slow, but mail and internet now working. What could it be?
 
In Allan Raskin <[email protected]> posted a question
Then Kevin replied below:
: DNS forwarding works intermittently. No email. No internet. ISP said
: it is not them. Set up each wkstn with DNS info bypassing DHCP server.
: XP machines boot slow, but mail and internet now working. What could
: it be??

Did you define a forwarder on the forwarders tab?
The XP clients are booting slow due to using the ISP's DNS in TCP/IP properties;
you must only use the local AD DNS server.
If you are unable to resolve all internet names or just the ones using the
local domain name there is a fix for that. We need more info about your
setup to advise you properly.
Also, we need to know whether the DC is Win2k or Win2k3; there are issues with EDNS0
in Win2k3.
 
W2K Server. Domain name on server is domain.com not domain.local. Forwarding is enabled and IP address for two ISP DNS servers has been added. The company has a website that is hosted by the ISP. On the local server a new host was added for the "A" record. It is named "www" and has the IP address for the ISP web server that hosts the company website. Sometimes mail and internet work including the company website, and sometimes not. When the internet stops working, all websites are unavailable: msn, yahoo, excite, etc. When the DNS fails, email stops as well. You can type an IP address for the url and surf the web, or type the IP address for pop and smtp and receive mail.
 
In Allan Raskin <[email protected]> posted a question
Then Kevin replied below:
: W2K Server. Domain name on server is domain.com not domain.local.
: Forwarding is enabled and IP address for two ISP DNS servers has been
: added. The company has a website that is hosted by the ISP. On the
: local server a new host was added for the "A" record. It is named
: "www" and has the IP address for the ISP web server that hosts the
: company website. Sometimes mail and internet work including the
: company website, and sometimes not. When the internet stops working,
: all websites are unavailable: msn, yahoo, excite, etc. When the DNS
: fails, email stops as well. You can type an IP address for the url
: and surf the web, or type the IP address for pop and smtp and receive
: mail.

From your description, you have put your ISP's DNS in your machines' NIC
TCP/IP settings; this is incorrect and will cause slow boot and errors.
Remove the ISP's DNS and put in the DC's address for DNS.
The DNS server on the DC may need to be configured to resolve internet names
if it is not resolving them. It is recommended that you enable a forwarder
to your ISP's DNS; this is the only place on your network that should refer
to your ISP's DNS. If the forwarders tab is grayed out then there is a "."
forward lookup zone; delete it and refresh the DNS console (close and reopen
will work). You can then enable the forwarder. Read this starting at step 3:
300202 - HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?id=300202&FR=1

Any names in your domain name that exist on the internet will need to be
added to your internal zone. You've said you already added the www, you may
need to add one for mail, that depends on how your public servers are
configured.
 
All is set up in accordance with your instructions. It works for a day or two and then internet and email drop out. The pop and smtp are "mail.isp.com". The domain on the server is "domain.com", as previously described. When the problem first surfaced, rebooting the router fixed the problem (T-1). Sometimes the router and the w2k server have to be rebooted to correct the problem. The ISP controls the router. I have no access to it. Could this be a hardware/router problem?? Again, if I change back to AD and DNS forwarding, internet access and email will work properly for a couple of days. I am presuming that if DNS forwarding and the new host, "A" record, were not set up properly, internet and email would not work at all...ever. The server is patched with W2K SP4. tks
 
In Allan Raskin <[email protected]> posted a question
Then Kevin replied inline:
: All is set up in accordance with your instructions. It works for a day
: or two and then internet and email drop out. The pop and smtp are
: "mail.isp.com". The domain on the server is "domain.com", as
: previously described. When the problem first surfaced, rebooting the
: router fixed the problem (T-1). Sometimes the router and the w2k
: server have to be rebooted to correct the problem. The ISP controls
: the router. I have no access to it. Could this be a hardware/router
: problem??
Maybe.

: I am
: presuming that if DNS forwarding and the new host, "A" record, were
: not set up properly, internet and email would not work at all...ever.
: The server is patched with W2K SP4. tks

If the A record was not set up right, your DNS server just would not be able
to give you the IP address of your website.

I just need you to verify that the clients are NOT using the router or the
ISP for DNS.
I have asked several times and you have beat all around the question.

Also in the DNS console, on the DNS server's Properties, on the Forwarders
tab, do you have a forwarder?


: Again, if I change back to AD and DNS forwarding, internet
: access and email will work properly for a couple of days.
Please clarify this statement.
 
Let's see:
1) ipconfig /all on your client.
2) dnscmd /info on your dns server
3) ipconfig /all on your dns server

--
William Stacey, MVP

Allan Raskin said:
All is set up in accordance with your instructions. It works for a day or
two and then internet and email drop out. The pop and smtp are
"mail.isp.com". The domain on the server is "domain.com", as previously
described. When the problem first surfaced, rebooting the router fixed the
problem (T-1). Sometimes the router and the w2k server have to be rebooted
to correct the problem. The ISP controls the router. I have no access to it.
Could this be a hardware/router problem?? Again, if I change back to AD and
DNS forwarding, internet access and email will work properly for a couple of
days. I am presuming that if DNS forwarding and the new host, "A" record,
were not set up properly, internet and email would not work at all...ever.
The server is patched with W2K SP4. tks
 
I thought I provided the info requested. Sorry. Perhaps I do not understand your question. This is a single server network with NAT running on the router. The router is 192.168.1.1 and the server is 192.168.1.2. The Address Range is 192.168.1 - 254, and the excluded addresses are 192.168.1.1 - 25. DHCP scope options are Router as 192.168.1 and DNS Servers as 192.168.1.2. Under DNS properties, Interfaces is set to listen on all IP addresses with 192.168.1.2 in the box. On the Forwarders tab, enable forwarders is checked, and the IP address for each of two ISP DNS servers has been added as forwarders. On the server under "My Network Places" / "Local Area Connection" / Properties / TCP-IP Properties the Default Gateway is set to 192.168.1.1 and the Preferred DNS Server is set to 192.168.1.2. This configuration has typically worked for a couple of days and then stopped working...no internet, and no mail. The end users changed the DNS configuration on their own Win 2000 and Win XPP workstations from "Obtain DNS server address automatically" to "Use the following DNS server addresses". They type in the IP address of each of the two ISP DNS servers and they are up. IP address and gateway address on the workstations are still obtained from the DHCP server. Nobody is using the router for DNS.
 
We can quickly determine issues by seeing the information in a format we see
all the time - the issues "jump" out at us. Reading long textual
descriptions of the problems that sometimes get "modified" to hide IPs makes
it very difficult. I would still like to see the info I asked for if
you still require help. Cheers!

--
William Stacey, MVP

Allan Raskin said:
I thought I provided the info requested. Sorry. Perhaps I do not
understand your question. This is a single server network with NAT running
on the router. The router is 192.168.1.1 and the server is 192.168.1.2. The
Address Range is 192.168.1 - 254, and the excluded addresses are
192.168.1.1 - 25. DHCP scope options are Router as 192.168.1 and DNS Servers
as 192.168.1.2. Under DNS properties, Interfaces is set to listen on all IP
addresses with 192.168.1.2 in the box. On the Forwarders tab, enable
forwarders is checked, and the IP address for each of two ISP DNS servers
has been added as forwarders. On the server under "My Network Places" /
"Local Area Connection" / Properties / TCP-IP Properties the Default Gateway
is set to 192.168.1.1 and the Preferred DNS Server is set to 192.168.1.2.
This configuration has typically worked for a couple of days and then
stopped working...no internet, and no mail. The end users changed the DNS
configuration on their own Win 2000 and Win XPP workstations from "Obtain
DNS server address automatically" to "Use the following DNS server
addresses". They type in the IP address of each of the two ISP DNS servers
and they are up. IP address and gateway address on the workstations are
still obtained from the DHCP server. Nobody is using the router for DNS.
 
In Allan Raskin <[email protected]> posted a question
Then Kevin replied below:
: I thought I provided the info requested. Sorry. Perhaps I do not
: understand your question. This is a single server network with NAT
: running on the router. The router is 192.168.1.1 and the server is
: 192.168.1.2. The Address Range is 192.168.1 - 254, and the excluded
: addresses are 192.168.1.1 - 25. DHCP scope options are Router as
: 192.168.1 and DNS Servers as 192.168.1.2. Under DNS properties,
: Interfaces is set to listen on all IP addresses with 192.168.1.2 in
: the box. On the Forwarders tab, enable forwarders is checked, and the
: IP address for each of two ISP DNS servers has been added as
: forwarders. On the server under "My Network Places" / "Local Area
: Connection" / Properties / TCP-IP Properties the Default Gateway is
: set to 192.168.1.1 and the Preferred DNS Server is set to
: 192.168.1.2. This configuration has typically worked for a couple of
: days and then stopped working...no internet, and no mail. The end
: users changed the DNS configuration on their own Win 2000 and Win XPP
: workstations from "Obtain DNS server address automatically" to "Use
: the following DNS server addresses". They type in the IP address of
: each of the two ISP DNS servers and they are up. IP address and
: gateway address on the workstations are still obtained from the DHCP
: server. Nobody is using the router for DNS.

The clients must use the DC for DNS, no ifs, ands or buts. If they are not
getting internet resolution we can go from there.
From the server you can use nslookup or dig or, if you have it, use Netdig to
check the DNS server to see if it is resolving names. If it is not, the first
thing to check is on the Advanced tab, to see if 'Disable recursion' is
checked; if it is, uncheck it.
Do not allow clients to use the ISP's DNS. After you fix the clients by pointing
them to the server, run ipconfig /flushdns.
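
An added example, not part of any post in this thread: a Python check that parses the `ipconfig /all` output requested above and flags every configured DNS server that is not the DC at 192.168.1.2. The sample output, the host name and the 203.0.113.x resolver addresses are constructed placeholders.

```python
import re

DC_DNS = {"192.168.1.2"}  # AD DNS server address given in the thread

# Constructed `ipconfig /all` output for a workstation where ISP resolvers
# were typed in by hand; 203.0.113.x are placeholder addresses.
SAMPLE = """\
Windows IP Configuration

        Host Name . . . . . . . . . . . . : WS01

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : domain.com
        DHCP Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.30
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.2
        DNS Servers . . . . . . . . . . . : 203.0.113.10
                                            203.0.113.11
        Lease Obtained. . . . . . . . . . : Monday, March 01, 2004 9:00:00 AM
"""

IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def dns_servers(text):
    """Return {section name: [DNS server, ...]} parsed from `ipconfig /all`."""
    found, section, in_dns = {}, None, False
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():            # unindented line starts a section
            section, in_dns = line.rstrip(": "), False
        elif ":" in line:                    # "Key . . . : value"
            key, _, value = line.partition(":")
            in_dns = key.strip(" .") == "DNS Servers"
            if in_dns and value.strip():
                found.setdefault(section, []).append(value.strip())
        elif in_dns and IPV4.match(line.strip()):   # extra resolver on its own line
            found.setdefault(section, []).append(line.strip())
    return found

def audit(text, allowed=DC_DNS):
    """Return (section, server) for every configured resolver that is not the DC."""
    return [(sec, ip) for sec, ips in dns_servers(text).items()
            for ip in ips if ip not in allowed]

if __name__ == "__main__":
    for sec, ip in audit(SAMPLE):
        print(f"{sec}: resolver {ip} is not the DC; clients must use only the DC")
```

An empty result from `audit` means every adapter in the pasted output resolves only through the DC, which is the state the replies above ask for before any forwarder troubleshooting.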
 