DNS-Connection is fine when clicking repair!!!!!

Jomercat

Programmer
Sep 1, 2004
100
US
Hi all,

Hope somebody can help!!!!!!

One computer in our network seems to lose the DNS connection on a daily basis. I can ping the external DNS servers, but when I try to access the Internet, the "Page cannot be displayed" message appears. Windows XP has a feature "Repair" available when right clicking the Local Area Connection. Clicking this feature (Repairing the connection) seems to solve the problem. However, according to the user, he does this a few times a day.

Does anybody have any idea why this is happening?

Thanks in advance.

Jose.
 
I would advise that you take a look at your server. I see the same issue happen here at my work once in a while and it is a server issue.

good luck!

Some people make things happen, some people watch things happen, while others wonder what happened.
 
cupid11213,

Thanks for your reply!!!

Do you know the specific issue?

Did you guys fix it?

I also think it is something with the DNS server, but not sure what it is.

I am using a DNS forwarder as the primary DNS server on the DNS list; then, the first and second external DNS servers as the second and third on the DNS list.

Thanks again.

Jose.
 
On the WKS, use your DNS server(s) as the primary and alternate (alternate if you have two internal DNS servers, blank if only one). NO OTHER DNS servers

Server uses its own IP as primary, alternate uses a second internal DNS server if you have one, NO OTHERS

Forwarders, use the 2 DNS servers' IP addresses of your ISP, also add another couple of ISPs' DNS server addresses (not your ISP) in case your ISP screws with the DNS servers or they go down (it happens).

If windows 2003, lookup enableDnsprobes.




........................................
Chernobyl disaster..a must see pictorial
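
The rule in the reply above (workstations list only internal DNS servers, no others) can be checked mechanically on each client. The following is an added example, not part of the thread: it parses `ipconfig /all` output and reports every configured DNS server that is not on an allow-list. The sample output and the `INTERNAL_DNS` addresses are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (not taken from the thread).
SAMPLE = """\
Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.1.57
        DNS Servers . . . . . . . . . . . : 192.168.1.12
                                            192.168.1.10
                                            203.0.113.53
"""

# Assumption: the site's internal DNS servers (hypothetical addresses).
INTERNAL_DNS = {"192.168.1.10", "192.168.1.11", "192.168.1.12"}

ADAPTER = re.compile(r"^(\S.*adapter .+):\s*$")
DNS_FIRST = re.compile(r"^\s+DNS Servers[ .]*:\s*(\S+)\s*$")
CONTINUATION = re.compile(r"^\s+(\S+)\s*$")

def parse_dns_servers(text):
    """Return {adapter name: [DNS server IPs in resolver order]}."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        m = ADAPTER.match(line)
        if m:
            adapter, in_dns = m.group(1), False
            result[adapter] = []
            continue
        m = DNS_FIRST.match(line)
        if not m and in_dns:
            m = CONTINUATION.match(line)  # extra servers wrap onto bare lines
        in_dns = bool(m)
        if m and adapter:
            try:
                result[adapter].append(str(ipaddress.ip_address(m.group(1))))
            except ValueError:
                in_dns = False  # not an address: the DNS list has ended
    return result

def audit(text, internal=INTERNAL_DNS):
    """List (adapter, ip) pairs that break the 'internal DNS only' rule."""
    return [(a, ip) for a, ips in parse_dns_servers(text).items()
            for ip in ips if ip not in internal]

if __name__ == "__main__":
    for adapter, ip in audit(SAMPLE):
        print(f"{adapter}: {ip} is not an internal DNS server")
```
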
 
technome,

Thanks for the reply!!

One of the DNS servers requires access to the Internet as I am using it as a SUS server. So I have the DNS forwarder address as the primary and its own IP address as the secondary. If I switch them around so that its own IP is the primary and the forwarder the secondary, I cannot access the Internet.

How should I configure it in this case?

Thanks.

Jose.
 
Your DNS servers definitely have a problem, the external DNS servers should only be used as forwarders, not in ANY server or workstation primary or alternate DNS entries. At the moment your DNS servers are able to do queries.

Run DcDiag /v
Run NetDiag /v
Run nslookup

Post the errors, also look in the event logs.

While you're at it...
Check your MTU setting with the following..

Use the pathping command to your ISPs DNS address, if the MTU is correct you should have few if any lost packets.
Pathping <isp's dns address>
Pathping <
 
technome,

Our DNS forwarder (Internal DNS) has the external DNS servers addresses.

On the servers/workstations that need access to the Internet, I use the DNS forwarder as the primary DNS server and one of the internal DNS servers as a secondary. So on my previous message, I meant that the DNS server, which needs access to the Internet, has the DNS forwarder as the primary and itself as the secondary.

You mentioned that the Internal DNS server must point to itself as the DNS server for the primary and any other internal as the secondary.

However, switching the DNS addresses around as itself to the primary and the DNS forwarder as the secondary, the server cannot access the Internet.

I thought that Windows 2000 would try the second DNS on the list if the first one does not resolve the request.

I appreciate your reply.

Thanks.

Jose.
 
"On the servers/workstations that need access to the Internet, I use the DNS forwarder as the primary DNS server"

For DNS security against DNS servers which have viruses or which hackers institute to cause havoc, forwarders are used, as large ISPs are unlikely to be infected by either. For safety, the "Do not use recursion" is checked off so the internal servers will only go to forwarders for DNS answers. Uncheck, the internal servers go to the forwarders, then to Tom, Dick or Harry's DNS server if the forwarders fail to produce an answer. Extremely rare that the forwarders will not produce a query result, so do not worry about not allowing your DNS server to query servers other than those on the forward list.

Correctly set up, your workstations and servers only point to internal DNS servers. WKS to the primary and secondary internal servers, the internal servers to themselves. If the internal DNS is working correctly, and your primary does not work, the queries will be answered by the alternate internal server (which in turn gets the queries answered by the forwarders).

"You mentioned that the Internal DNS server must point to itself as the DNS server for the primary and any other internal as the secondary."
"must point to.." No, it works as you have it, but it is not working as it should.

I would highly recommend Mark Minasi's Mastering Windows Server by Sybex...he has an excellent detailed section on proper DNS setup.

Another benefit of getting your DNS server working properly is your queries will be faster, as the internal servers will cache the queries, and any previously sites will be in the DNS server cache.

 
First, let's get back to the workstation. Is the problem solved? You never mentioned if it's using dhcp or a fixed ip address. If it's dhcp, then yes it could be the server. Have you checked the logs on the workstation for clues? Has the workstation ever been without this problem? Let's get some more info on the problem area, especially if it's the only one on the network.

Glen A. Johnson
If you like fun and sun, check out Tek-Tips Florida Forum
"Education is the best provision for old age."
Aristotles (384 BC-322 BC); Greek philosopher.
 
Thanks to all of you replying to my message!!!!!

I really appreciate it!!

technome- Very good reply!!! I will follow your advice.

GlenJohnson- The workstation is a Windows XP and it's the only one, out of 50+ computers on our network, reporting this issue. I am not using DHCP.

Thanks.

Jose.
 
Ok, if you're not using dhcp, I'm guessing the problem lies with the workstation. Is there anything repetitive about the problem? Does it happen at the same time each day, is it random? Did you check the log files on the client? Good luck.

Glen A. Johnson
 
Sorry for replying so late, I could not get back to it earlier. technome has you on the right path so please follow his advice and post any questions or issues on here and we'll get to them soon.

And yes, we did resolve the issue here at work and basically set it up like technome said.



 
OK, I was not scavenging the stale records. In other words, the "Enable automatic scavenging of stale records" was unchecked. It is possible that at one point in time the IP address of some workstations was used by another computer(s). Could that be causing it? I enabled it and the old records are gone now, which is a good thing, I assume.

As far as the DNS addresses on the workstations, I was not too clear on technome's...

"Uncheck, the internal servers go to the forwarders, then to Tom, Dick or Harry's DNS server if the forwarders fail to produce an answer."

I do not see any option of checking/unchecking this feature.

Here is what I have:

I have three DNS servers, the primary which is the Master Domain Controller, a secondary which is the Domain Replica, and a third which is a stand alone server.

The stand alone server is configured as a forwarder. It has a Forward and Reverse Lookup Zones for my domain. On the Forwarders list, I have the IP addresses of our ISP.

On the workstations, I have the IP address of the stand alone server as the primary DNS and the Master Domain address as the secondary.

When a user experiences the Internet connection issue, I change the second DNS address on the workstations to one of the ISP addresses and everything works fine.

Again, is it possible that not scavenging the old records could have caused my issues?

technome- I happened to have the book you recommended. I used it for the MCSE Windows 2000 accelerated exam when Windows NT credential was supposed to be retired.

Hope this was not too long guys.

Thanks to all of you for your help!!!!

Jose.




 
"Uncheck, the internal servers go to the forwarders..."
Should have used the word unchecked.
"Do Not use recursion" is located in the DNS mmc, properties, forwarders tab, at the bottom.

"When a user experiences the Internet connection issue, I change the second DNS address on the workstations to one of the ISP addresses and everything works fine."
If this is needed to get the Internet, it means your WKS is not communicating with your server's DNS service, you're bypassing your servers for queries. Why not bypass the standalone, use the DC as forwarders, as a test and have your WKS go to the DCs for queries. Not sure how you have this set up, if the three servers are not AD-integrated your DNS servers will have different records.

If you follow Mark's book exactly for split brain DNS, you should not have problems.

If it is a communications problem it could be a cable, flooded switch port, stretching it, malware or virus. Enable logging, on the properties of the involved DNS servers, or better yet run the Ethereal sniffer.


 
Going by the setup suggested above by Technome (thank you) I don't know why any of my servers or workstations work at all for surfing.

Our surfing is real slow even with only one person surfing (I can watch ALL internet connections on all ports from my station).

I never added the DNS forwarding for my Adelphia DNS server IP's so I assume EVERY request must be defaulting to the Root Hints - eek!

Help me people! I have two internet providers going into a Watchguard Firebox. One adelphia Cable connection (primary) and one Satellite (secondary). Should I ONLY have the DNS forwarding set to the two DNS server IP's provided by Adelphia and also the two DNS IP'S provided by DirecWay?

Thanks for the book suggestion - it's already on its way.

Thank you,

-E
 
"I never added the DNS forwarding for my Adelphia DNS server IP's so I assume EVERY request must be defaulting to the Root Hints - eek!"
Yes, if you do not have forwarders, the root hint servers are working for you, the default. Many servers use the root hints, so using forwarders without recursion is an added, but not absolutely needed safety measure.

Multiple DNS server IPs in forwarders....Since you have satellite with the associated delays, I would use another ISPs DNS servers, but maintain DNS server IPs from 2 different ISPs. A week ago the cable company where I am changed something on DNS servers, they went down, only one of my clients had a problem..the one not setup with multiple ISP DNS addresses.

Speed problem...Use the pathping command to ping your ISP's DNS servers, also a web site such as yahoo.com (not google.com). If you have many lost packets, adjust your MTU size if possible. Not sure how the Directway will react, if the MTU is set for the cable..each broad connection can need a different MTU setting. Sounds strange as a cable connection, even with a low bandwidth is still fast, sounds as if the satellite is the primary, though I am sure you have it set up correctly. For testing, I would get the satellite connection off of the Firebox, until you find the cause of the slow access.

This util has an MTU test, and others.


