DNS Problem?

[netadmin06]

Hello, I am having a very annoying problem with my Windows 2003 server Domain Controller/DNS Server/DHCP Server (same machine does all this)...it boots up fine, no errors in event viewer, all clients authenticate fine and can access the internet fine. However, every 2 or 3 hours, all clients lose "partial" internet connectivity. I say partial because even though clients cannot browse the Internet ( they get the "this page cannot be displayed" message in their browser),their msn messengers still work, they can still chat with their contacts...it is weird...they don't get disconnected from msn messenger but when they go to a website using either IE or Firefox they cannot browse the net, it's like if they were offline for browsing websites. If I reboot the Domain Controller they can browse again the internet fine with no problems for another few hours until it happens again...is this a DNS problems?? Should I check something?? Please help..Thanks in advanced

 

[basst]

When the clients loose connectivity to the Internet can you ping a web site that replies to pings such as

http://www.novell.com?

If clients get a reply then you have a DNS problem.

Open the server properties of your DNS console and select the monitoring tab.

Check the boxes to perform simple and recursive tests.

Also check the automatic testing box and perform the test every 30 mins to see if the server has a problem performing lookups.

 

[netadmin06]

No, when clients lose Internet they cannot ping any website...Domain controller also loses connectivity to the Internet....but when I reboot Domain Controller then the Internet comes back for a couple of hours...I have noticed that in the DNS log in event viewer I get error id's 4015 and 4011.........any suggestions? Thanks alot

 

[Tyras]

When the clients are down you said you are not able to ping by DNS name (

http://www.novell.com)

but can you ping to IP address? ( I always use 4.2.2.1) If your getting responses from the IP address, then you most likely have a DNS issue. I would take a look at what DHCP is assigning for DNS (only DC or DC with ISP secondary?) and try assigning something else. Also on your DNS server look at the forwarders. Is that DNS server it forwards to having problems? Try a different known DNS server and see what happens.

BTW-
4.2.2.1 is a known good DNS server, also
try

http://www.opendns.org

Tyras

 

[netadmin06]

I was not able to ping using either name or ip address...someone suggested to stop and restart the dns server service, I've done that and, as of now, is working fine but I am not sure if it will stay that way, I will let you know in a few hours..Thanks so much..

 

[netadmin06]

This is very frustrating, we are still having the problem..after a few hours all clients and DC lose internet connection until I reboot the DC :-(

PS Clients that have msn messenger on can still chat with their contacts ..weird!

 

[ShackDaddy]

If you really can't ping by IP, then it's not a DNS problem. Are you running ISA on your server? Some sort of proxy service? What do your clients point at for a default gateway?

You really can't ping 130.57.5.25 when things are out of whack, right? The answer to that question matters a lot.

ShackDaddy

 

[netadmin06]

Yes, I cannot ping any ip's when the DC loses internet connectivity......I am not running ISA .......clients point to the router for the default gateway ( 192.168.x.x)...we are not using a proxy server....I've noticed that maybe every 3 days or so I get errors in the event viewer for DNS, errors 4005 and 4015..there errors do not appear every time the DC loses internet connectivity......

 

[ShackDaddy]

Next time the problem occurs, change a workstation's DNS to point to your ISP's DNS instead of at your server. See if that workstation can get onto the internet. If it can't, the problem probably has nothing to do with your server.

Already it sounds more likely to be your router, if you can't ping outside IP's. You could have your server turned off and still do that, if your router was ok.

Do you happen to be power cycling your router at the same time as your DC? Given what you've told me, I don't see why rebooting your server should have any affect on the problem. Unless the problem is really DHCP. Maybe you've set an extremely short lease time and for some reason the server stops renewing leases and everyone is "off the network"... but that wouldn't keep the server from accessing the internet.

My advice is to stop thinking about DNS and start looking at other things.

ShackDaddy

 

[netadmin06]

Thanks ShackDaddy I will do that, but let me ask you this...Every time clients cant browse the internet, i then reboot the server, and then after the server is backup the internet comes back...wouldn't that mean that the problem is in the server??...

I will for sure stop thinking about DNS, that is great advice...the lease duration for DHCP is 3 days...

I do not recycle the router, only the server

 

[ShackDaddy]

How did the workstation test turn out?

Is your server dual-homed? Two NICs?

Do you have a client machine in the building (or could you bring one in) that's not a member of the domain? Does the same thing happen to that client? If a client has a hardcoded IP address, does the problem affect it?

ShackDaddy

 

[netadmin06]

Hi guys, my problem has been solved!! it turns out that I had to configure a reverse lookup zone in DNS manager ...after I did that the Internet does not go down anymore...Thanks to all!

 

[ShackDaddy]

If that makes sense to anybody, please let me know!