Primary DNS Server Drops out


9 replies to this topic

#1 Coolhead2001


Posted 11 March 2015 - 08:41 AM

Good Morning,

I recently took over Network Administration at a charity-based organization. Lately, I've been noticing an issue with our primary DNS server.

If I set a workstation to use a specific DNS server address (our primary DNS server) and then try to reach out to the internet, say google.com, it comes back stating that the ping request could not find host google.com. Please check the name and try again. I am able to ping using IP address.

Naturally, I assumed that our DNS service was down on the primary. But when I go into Server Manager > Roles > DNS Server, everything looks like it's running fine. There are no errors in event manager on either the workstation or the server. And when I restart the DNS Service, things suddenly begin to work again for about 5-30 minutes. Then it goes down again. Again, no errors. No indication that there's a problem.

Right now, this isn't a show stopper because our alternate DNS server is picking up the weight. But I'd like to find out what's going on with our Primary DNS service. I've checked the Advanced TCP/IP Settings and the DNS Service Addresses, in order of use follows the right order.

Any insight or recommendations?

 

Best Regards,

Robert C. Beatty

Network Administrator


Edited by Coolhead2001, 11 March 2015 - 08:41 AM.




#2 CaveDweller2


Posted 11 March 2015 - 09:33 AM

What server OS?


Hope this helps

Associate in Applied Science - Network Systems Management - Trident Technical College


#3 Coolhead2001


Posted 11 March 2015 - 09:41 AM

Windows Server 2008 Enterprise

Service Pack 1



#4 Coolhead2001


Posted 11 March 2015 - 10:02 AM

Looking through the Reverse Lookup Zones, it looks like my predecessor had our Name Server (server1) set to an IP that was not what its actual IP address was. For example, the DNS server is 192.168.2.50. What was listed was 192.168.2.53. Could that have been causing the issue?



#5 Coolhead2001


Posted 11 March 2015 - 10:33 AM

Unfortunately, even after adjusting the reverse lookup zone, we're still seeing the drop off.

Examining the Start of Authority (SOA) between each DNS server, I'm noticing that they're both listing themselves as the primary server. I'm not sure if this would have an impact. Any suggestions?

Update:

Looking at a laptop which is set to our primary DNS server only, I found a log stating "Name resolution for (website) timed out after the DNS server 192.168.2.xx:53 did not respond."

I ran netstat on the server and that port shows as listening.

Not sure if this is relevant, but figured I'd throw it into the pool.


Edited by Coolhead2001, 11 March 2015 - 03:04 PM.


#6 Wand3r3r


Posted 11 March 2015 - 05:16 PM

If one is primary then the other should be secondary, which means it contains a copy of what is on the primary.

I would assume you would be running AD, so the recommendation is AD integrated.

Concerning the primary, does it have the internet DNS servers listed in forwarders?



#7 Coolhead2001


Posted 12 March 2015 - 06:54 AM

To answer your questions:

- Our forwarders are our ISP DNS server2 (x2).  They've both validated as "ok". 

- Start of Authority on Server1 reads the primary server as Server1.  Start of Authority on Server2 reads the primary server as Server2.  It looks like my predecessor(s) set up DNS as a primary service on both servers? 



#8 Wand3r3r


Posted 12 March 2015 - 08:22 AM

Not sure how they could do that in an AD environment. The 2nd DNS server install asks for the primary DNS server. It is one of the questions. Otherwise the secondary doesn't get updated from the primary. Looks like you will need to reinstall one.

But that really doesn't explain why the primary is dropping out.

Might want to configure a workstation to only use the primary and see what happens. If you can't access a web page, do an nslookup of the DNS server and see if it resolves. If not, ping it by IP to see if it's live.

I am assuming you have reviewed the DNS logs for errors on both.


Edited by Wand3r3r, 12 March 2015 - 08:24 AM.
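
The isolation test suggested in the post above, as an added example that is not part of the original thread: it queries the primary directly over UDP port 53 for one internal and one external name, so a service that is listening but silent can be told apart from a failing forwarder path. The name `server1.example.local` is a placeholder and the `verdict` wording is a heuristic assumed here.

```python
import socket, struct, time

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid, qtype=1):
    # Minimal DNS query: one question, type A by default, class IN, RD bit set.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def classify_reply(data, txid):
    # Map a raw reply to its RCODE name; reject anything that is not our answer.
    if len(data) < 12:
        return "MALFORMED"
    rid, flags = struct.unpack("!HH", data[:4])
    if rid != txid or not flags & 0x8000:   # wrong ID, or QR bit not set
        return "MISMATCH"
    return RCODES.get(flags & 0x000F, "RCODE%d" % (flags & 0x000F))

def probe(server, name, port=53, timeout=2.0, txid=0x1234):
    # One UDP query sent straight to `server`, bypassing the OS resolver and
    # its fallback to the alternate DNS server.
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(build_query(name, txid), (server, port))
        data, _ = sock.recvfrom(512)
        return classify_reply(data, txid)
    except socket.timeout:
        return "TIMEOUT"        # no reply, even if netstat shows port 53 listening
    except OSError:
        return "UNREACHABLE"    # e.g. ICMP port unreachable or no route
    finally:
        sock.close()

def verdict(internal, external):
    # Heuristic reading of the two results (an assumption, not a rule).
    if internal == "TIMEOUT" and external == "TIMEOUT":
        return "service not answering at all"
    if internal in ("NOERROR", "NXDOMAIN") and external in ("TIMEOUT", "SERVFAIL"):
        return "service up, recursion/forwarder path failing"
    if external == "NOERROR":
        return "resolving normally"
    return "inconclusive: %s/%s" % (internal, external)

if __name__ == "__main__":
    SERVER = "192.168.2.50"                # primary DNS address given in the thread
    LOCAL_NAME = "server1.example.local"   # placeholder: use a record in your own zone
    while True:                            # timestamped log shows when the dropout starts
        a, b = probe(SERVER, LOCAL_NAME), probe(SERVER, "google.com")
        print(time.strftime("%H:%M:%S"), a, b, verdict(a, b))
        time.sleep(30)
```

Left running after a restart of the DNS service, the timestamps show how long the primary keeps answering and which kind of name fails first.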


#9 Coolhead2001


Posted 12 March 2015 - 08:56 AM

I've already had a workstation configured just to use the primary. That's how I first observed the issue. Thankfully, our company isn't affected because the alternate picks up DNS requests. I do see records that indicate that the primary is passing updates to the secondary, though. Suffice it to say, the environment doesn't make a whole lot of sense.

Anyways, the primary works for about fifteen to thirty minutes once I restart the primary DNS service and then drops out again.

Another interesting note is that I can ping and tracert a website from any other workstation. But running an nslookup from anywhere -- not just the test workstation -- (unless the DNS service has recently been restarted) comes up as a DNS timeout.

Meh.

I'm inclined to just recreate the DNS environment. But I want to be sure that that's where the main problem is originating from. I don't want to make a major change that might take our internet access out.

On Server1, Properties > Advanced, I see:

Enable round robin is checked

Enable netmask ordering is checked

Secure cache against pollution is checked

Name checking: Multibyte (UTF8)

Load zone data on startup: From Active Directory & Registry

On Server2, Properties > Advanced, I see:

Bind Secondaries is checked

Enable round robin is checked

Enable netmask ordering is checked

Secure cache against pollution is checked.

Name checking: Multibyte (UTF8)

Load zone data on startup: From Registry


Edited by Coolhead2001, 12 March 2015 - 09:06 AM.


#10 JackCheng


Posted 13 March 2015 - 02:50 AM

I suggest you read the article "How to Troubleshoot DNS Issue".





