DNS stops responding throughout the day.

Steve Grosz

I am running a DNS server on a P4 2.8g HT machine, which is also running
IIS.

Several times throughout the day, if I try to get to one of the domains
I'm hosting, I get a DNS error, saying that the domain can't be found.

At that time if I do a tracert to the domain, it fails.

If I wait about 5 minutes and do another tracert, the domain is found.

I'll check the DNS logs for errors, and there are none.

Any ideas why this is occurring? This is on a Win2003 server.

Thanks,
Steve
 
Steve Grosz said:
I am running a DNS server on a P4 2.8g HT machine, which is also running
IIS.

Several times throughout the day, if I try to get to one of the domains
I'm hosting, I get a DNS error, saying that the domain can't be found.

At that time if I do a tracert to the domain, it fails.

The above implies that your IP is broken unless you
are merely saying that tracert never resolves the name
-- and thus never even starts the trace.

If I wait about 5 minutes and do another tracert, the domain is found.

Do you have a mix of INTERNAL and EXTERNAL (or other)
DNS servers listed on the clients or on any forwarders at the
servers?

(Don't do that. Internal clients get internal only, forwarders
[usually] get external only.)

I'll check the DNS logs for errors, and there are none.

Any ideas why this is occurring? This is on a Win2003 server.

What happens when you use NSLookup to try specific and
individual DNS servers, e.g.,

nslookup server.domain.com 192.168.10.1
nslookup server.domain.com 192.168.10.2

(Assuming that .1 is DNS1 and .2 is DNS2)

IGNORE any initial error in NSlookup relating to not finding
the NAME of the DNS SERVER. All you care about is if
the actual question you ask gets answered.


DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2

Restart NetLogon on any DC if you change any of the above that
affects a DC and/or use:

nltest /dsregdns /server:DC-ServerNameGoesHere

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem. Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
 
Herb said:
The above implies that your IP is broken unless you
are merely saying that tracert never resolves the name
-- and thus never even starts the trace.

That is what happens, the name doesn't resolve, and the trace won't begin.

If I wait about 5 minutes and do another tracert, the domain is found.


Do you have a mix of INTERNAL and EXTERNAL (or other)
DNS servers listed on the clients or on any forwarders at the
servers?

(Don't do that. Internal clients get internal only, forwarders
[usually] get external only.)

I do have a forwarder to my ISP DNS servers so if anything isn't found
internally it should try at the ISP DNS servers.

What happens when you use NSLookup to try specific and
individual DNS servers, e.g.,

nslookup server.domain.com 192.168.10.1
nslookup server.domain.com 192.168.10.2

(Assuming that .1 is DNS1 and .2 is DNS2)

What I get if I try nslookup ns1.domain.com 192.168.10.1 (using my IPs) is:

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 209.161.x.x

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

IGNORE any initial error in NSlookup relating to not finding
the NAME of the DNS SERVER. All you care about is if
the actual question you ask gets answered.


DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2

Restart NetLogon on any DC if you change any of the above that
affects a DC and/or use:

nltest /dsregdns /server:DC-ServerNameGoesHere

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem. Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]

I'm not using AD with DNS, just DNS server itself.

Steve
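
The per-server nslookup check suggested in the thread, repeated on a schedule so the intermittent failure window can be pinned to one server. This is an added example, not part of any post above: the function names are its own, and the addresses and host name are the thread's placeholders.

```python
import secrets, socket, struct, time

def build_query(name, txid):
    """Encode a recursive A/IN question for `name` (RFC 1035 wire format)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(reply, txid):
    """Map a raw reply (or None for no reply) to (status, answer_count)."""
    if reply is None:
        return ("timeout", 0)
    if len(reply) < 12:
        return ("malformed", 0)
    rid, flags, _, ancount, _, _ = struct.unpack(">HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID or not a response
        return ("mismatch", 0)
    rcode = flags & 0x000F
    status = {0: "ok", 2: "servfail", 3: "nxdomain", 5: "refused"}.get(rcode, "rcode%d" % rcode)
    if status == "ok" and ancount == 0:
        status = "nodata"
    return (status, ancount)

def probe(server, name, timeout=2.0):
    """Ask one specific server directly, like `nslookup name server`."""
    txid = secrets.randbelow(65536)
    start = time.monotonic()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (server, 53))
            reply, _ = s.recvfrom(4096)
        except OSError:  # includes socket.timeout
            reply = None
    status, answers = classify(reply, txid)
    return status, answers, time.monotonic() - start

def monitor(servers, name, interval=30, rounds=20):
    """Log every server's result each round so an outage window is visible."""
    for _ in range(rounds):
        for server in servers:
            status, answers, secs = probe(server, name)
            print("%s %-15s %-9s answers=%d %.2fs" % (
                time.strftime("%H:%M:%S"), server, status, answers, secs))
        time.sleep(interval)

if __name__ == "__main__":
    # Placeholder addresses and name as used in the thread; substitute your own.
    monitor(["192.168.10.1", "192.168.10.2"], "server.domain.com")
```

A server that shows `timeout` while the other answers `ok` in the same round is the one to investigate; `servfail` on a forwarded name points at the forwarder path instead.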
 