DNS Storm

  • Thread starter Thread starter xandoz
  • Start date Start date
X

xandoz

hello all...

occasionally receive error in DNS event viewer like this:

DNS server is configured to forward to a non-recursive DNS server at
192.5.5.241

which is f.root-servers.net in Palo Alto CA.

or some other 192.x.x.x IP will show up. that was just the address dejour.

internal is 192.168.x.x, one DNS server. internet connects thru NAT with
firewall. (yes, it's cfg correctly) forwarders are to my ISP only.
recursion is not disabled. this just ain't so.....

problem is that when it occurs it causes a storm that slows down the
network to a crawl. must bounce DNS for it to stop and flush the cache.
annoying as a cloud of gnats.

can anyone tell me what checkbox i've missed or is this a problem with some
one else's DNS cfg out there? (unlikely but possible i suppose)

regards,

xandoz
 
In
xandoz said:
hello all...

occasionally receive error in DNS event viewer like this:

DNS server is configured to forward to a non-recursive DNS server at
192.5.5.241

which is f.root-servers.net in Palo Alto CA.

or some other 192.x.x.x IP will show up. that was just the address
dejour.

internal is 192.168.x.x, one DNS server. internet connects thru NAT
with firewall. (yes, it's cfg correctly) forwarders are to my ISP
only. recursion is not disabled. this just ain't so.....

problem is that when it occurs it causes a storm that slows down the
network to a crawl. must bounce DNS for it to stop and flush the
cache. annoying as a cloud of gnats.

can anyone tell me what checkbox i've missed or is this a problem
with some one else's DNS cfg out there? (unlikely but possible i
suppose)

regards,

xandoz
Click to expand...

Occasionally we see someone here with your problem it may be the
configuration of your ISP's DNS, try using 4.2.2.2 as a forwarder.
 
In
xandoz said:
hello all...

occasionally receive error in DNS event viewer like this:

DNS server is configured to forward to a non-recursive DNS server at
192.5.5.241

which is f.root-servers.net in Palo Alto CA.

or some other 192.x.x.x IP will show up. that was just the address
dejour.

internal is 192.168.x.x, one DNS server. internet connects thru NAT
with firewall. (yes, it's cfg correctly) forwarders are to my ISP
only. recursion is not disabled. this just ain't so.....

problem is that when it occurs it causes a storm that slows down the
network to a crawl. must bounce DNS for it to stop and flush the
cache. annoying as a cloud of gnats.

can anyone tell me what checkbox i've missed or is this a problem
with some one else's DNS cfg out there? (unlikely but possible i
suppose)

regards,

xandoz
Click to expand...

Root servers can't be used as a forwarder. They disallow it anyway (RA
[recursion available] bit not set).

Use the one Kevin gave you.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Back
Top