nslookup periodic failure

[colin chap]

Scenario: Windows 2003 AD and Integrated DNS. AD DNS's forward to unix
servers which forward to the internet - fairly normal. AD DNS servers don't
reference theirself as first DNS server....

however, the issue is that about 1 in 10 nslookups for external domains
fails, and I've no idea why. Example is below

I notice if I set the timeout to say 4 seconds this doesn't appear - is this
just the issue that the default timeouts of nslookup are too tight ?

www.boots.com

Server: [a.b.c.d]
Address: a.b.c.d

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to [a.b.c.d] timed-out

www.boots.com

Server: [a.b.c.d]
Address: a.b.c.d

Non-authoritative answer:
Name: www.boots.com
Address: 195.92.255.39

 

[Kevin D. Goodknecht Sr. [MVP]]

Scenario: Windows 2003 AD and Integrated DNS. AD DNS's forward to unix
servers which forward to the internet - fairly normal. AD DNS servers
don't reference theirself as first DNS server....

What is the first DNS server, if not itself?
I hope it is not the Unix, because that would be a big problem. Though, it
may not be related to the nslookup "error", which is really just a message,
if it is looking for the PTRs.
All members of an AD Domain must use only the DNS server that supports the
AD domain, even if it is itself and the only AD DNS server.

This could possibly be just missing PTRs for the DNS servers, I would have
to see nslookup with a -d2 switch to see what the name lookup is that is
timing out.

www.boots.com

Server: [a.b.c.d]
Address: a.b.c.d

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to [a.b.c.d] timed-out

www.boots.com

Server: [a.b.c.d]
Address: a.b.c.d

Non-authoritative answer:
Name: www.boots.com
Address: 195.92.255.39

 

[PScyime via WinServerKB.com]

Hi

From my experience nslookup reports a different message if PTR RR's are
missing ( wow R overdose!!) but I am always willing to be suprised in this
game

Where is that lookup failing - if your MS DNS forwards to BIND and then what?
to the root servers or to an ISP DNS?

Like Kevin says nslookup -d2 <querydomain> <DNS server to be queried> I
think from memory but check with /? should provide some more info

Regards

Simon

Scenario: Windows 2003 AD and Integrated DNS. AD DNS's forward to unix
servers which forward to the internet - fairly normal. AD DNS servers
don't reference theirself as first DNS server....

What is the first DNS server, if not itself?
I hope it is not the Unix, because that would be a big problem. Though, it
may not be related to the nslookup "error", which is really just a message,
if it is looking for the PTRs.
All members of an AD Domain must use only the DNS server that supports the
AD domain, even if it is itself and the only AD DNS server.

This could possibly be just missing PTRs for the DNS servers, I would have
to see nslookup with a -d2 switch to see what the name lookup is that is
timing out.

www.boots.com

Server: [a.b.c.d]

[quoted text clipped - 12 lines]

Name: www.boots.com
Address: 195.92.255.39

--
Simon Whyley
MCP XP,2Kpro
Comptia A+


Message posted via WinServerKB.com
http://www.winserverkb.com/Uwe/Forums.aspx/windows-2000-dns/200508/1