DNS running at 100%

  • Thread starter Thread starter Steve Duff [MVP]
  • Start date Start date
S

Steve Duff [MVP]

First try just restarting the DNS service, if you haven't
already. If you are running ISA Server also on this
machine (or SBS with ISA), audit that configuration
carefully.

There is one hotfix for Win2K3 Server I know of for this type of
issue, and there were some DNS bugs pre-SP3 on Windows 2000
Server that could cause high CPU.

But otherwise I haven't seen this problem in a very long time. You
might just try reapplying SP4 (and subsequent critical updates).

Something may simply be flooding DNS with queries. If you
disconnect from your LAN and it is still 100% then it is something
on that server (or not that at all). Crank up netmon, filter on port
53 and see what you have going on.

Steve Duff, MCSE, MVP
Ergodic Systems, Inc.
 
Hello All,
First. Thanks to all that help others.... your knowledge is indespencible!

My Win 2K server is experiencing dns runnig at 100%
I get these errors in event viewer

Evt ID 4016
The DNS server timed out attempting an Active Directory service operation
on ---. Check Active Directory to see that it is functioning properly. The
event data contains the error.

Evt ID 9999
The DNS server has encountered numerous run-time events. These are usually
caused by the reception of bad or unexpected packets, or from problems with
or excessive replication traffic. The data is the number of suppressed
events encountered in the last 15 minute interval.

As far as I can tell AD if functioning correctly. I am not getting any AD
errors in event viewr.

Any ideas are appreciated

MMJII
 
In
MMJII said:
Hello All,
First. Thanks to all that help others.... your knowledge
is indespencible!

My Win 2K server is experiencing dns runnig at 100%
I get these errors in event viewer

Evt ID 4016
The DNS server timed out attempting an Active Directory
service operation on ---. Check Active Directory to see
that it is functioning properly. The event data contains
the error.

Evt ID 9999
The DNS server has encountered numerous run-time events.
These are usually caused by the reception of bad or
unexpected packets, or from problems with or excessive
replication traffic. The data is the number of
suppressed events encountered in the last 15 minute
interval.

As far as I can tell AD if functioning correctly. I am
not getting any AD errors in event viewr.
Click to expand...

How many DNS servers do you have and how are they configured as for as
forwarders, primary or secondary zones, etc.?
How about the ipconfig /all ?
 
Sorry it took so long for the reply, all hell broke out with other problems.
The reboot suggestions seems to have resolved this issue. No high cpu
utilization since the reboot on the 30th.

Thanes to all for your help!
MMJII
 
I'm having the same problem. I have 2 servers running DNS both are win2k
w/sp4, one primary and one secondary. As of 2 days ago they were working
fine. Now if I run DNS on both of them the CPU usage hits 100 percent on both
servers. If I stop the DNS service on either system the CPU usage drops to
about 4% on both servers. I have rebooted both systems with no help. Once
they come up they run fine for 2 or 3 minutes then the CPU hits 100%. There
is nothing in the event logs to indicate any problems. The only events are
informational events not even a warning. I let the systems sit for 2 hours
thinking there may just be some bad replication going on and hoped an event
would be posted but nothing. If I let the systems stay in this state the
servers eventually run out of system resources and become unstable. The
primary DNS server is my DC and the secondary is just a file server. The only
other thing is the secondary server will spikes from 95% to 100%. The primary
stays right a 100%

There is a KB post about this but it is for sp3. I have checked the DNS.exe
version against the version list for the hot fix in the KB and my version is
newer.
 
In
copa2000 said:
I'm having the same problem. I have 2 servers running DNS
both are win2k w/sp4, one primary and one secondary. As
of 2 days ago they were working fine. Now if I run DNS on
both of them the CPU usage hits 100 percent on both
servers. If I stop the DNS service on either system the
CPU usage drops to about 4% on both servers. I have
rebooted both systems with no help. Once they come up
they run fine for 2 or 3 minutes then the CPU hits 100%.
There is nothing in the event logs to indicate any
problems. The only events are informational events not
even a warning. I let the systems sit for 2 hours
thinking there may just be some bad replication going on
and hoped an event would be posted but nothing. If I let
the systems stay in this state the servers eventually run
out of system resources and become unstable. The primary
DNS server is my DC and the secondary is just a file
server. The only other thing is the secondary server will
spikes from 95% to 100%. The primary stays right a 100%

There is a KB post about this but it is for sp3. I have
checked the DNS.exe version against the version list for
the hot fix in the KB and my version is newer.
Click to expand...

You would not happen to have these two DNS servers forwarding to each other
would you?
If you do, then that is most likely the problem, this sets up a DNS loop
that will cause this behavior.
 
No niether servers is forwarding to each other. There is only one thing that
changed on my network. One of my remote offices lost power and there server
(wich is another DC in AD) shutdown. But it was only down for 10 minutes.
This is the only thing that has happend since this problem. Otherwise the DNS
had been runing fine.
 
In
copa2000 said:
No niether servers is forwarding to each other. There is
only one thing that changed on my network. One of my
remote offices lost power and there server (wich is
another DC in AD) shutdown. But it was only down for 10
minutes. This is the only thing that has happend since
this problem. Otherwise the DNS had been runing fine.
Click to expand...

What are your forwarders?
Do you have any advanced logging enabled?
 
My forwards are to external connections and I don't have any of the logging
on. I have one new situation. As I was playing around with this. I stopped
both services again and started them up. Now the primary server pegs to 100%
but the secondary is running fine.
 
I figured out the problem. I stopped replication between my 2 servers and CPU
usage dropped to normal. I had a feeling that it was a replication issue with
the reverse lookup zones. As the primary server was the first server to peg
100% when this started I figured to start there. I deleted all of the reverse
lookup zones and then replicated them from the secondary server one by one.
After rebuilding them all CPU usage has been normal.
 
Back
Top