|
Question : SBS2003 DNS Issue
|
|
I have a brand new, fully patched Windows SBS 2003 sp2 that every hour has what I can only describe as a DNS �outage�. It happens every hour throughout the day (around the 50 minute mark in my situation) and basically, around this time the server, can no longer do DNS queries. I first noticed the problem as it the server kept dropping out of my LogMeIn Ignition on a regular basis, and I�m not able to reconnect.
However, if I�m remote controlling another desktop in the office, and RDP into server I�m able to get on. When attached to the server, if I do NSLOOKUP, all my lookups fail and the server will NOT let me change the server to either of the upstream DNS servers at the ISP. However, doing NSLOOKUP from the workstation, even with my lookups failing against the SBS 2003 server (timeouts), I�m able to switch the DNS server to either of the upstream ISP DNS servers with no problems.
The problem happens every 50 minutes, and sometimes last under 3 minutes and up to 25 minutes. Restarting the DNS server service on the server does not solve the problem. Below are some of the details, and using www.cnn.com as a test with nslookup �d.
H:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : MYSERVER
Primary Dns Suffix . . . . . . . : MYDOMAIN.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : MYDOMAIN.local
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-13-72-F6-52-95
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.10
H:\>nslookup -d
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
10.1.168.192.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 10.1.168.192.in-addr.arpa
name = MYSERVER.MYDOMAIN.local
ttl = 1200 (20 mins)
------------
Default Server: MYSERVER.MYDOMAIN.local
Address: 192.168.1.10
> www.cnn.com
Server: MYSERVER.MYDOMAIN.local
Address: 192.168.1.10
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.cnn.com.MYDOMAIN.local, type = A, class = IN
AUTHORITY RECORDS:
-> MYDOMAIN.local
ttl = 3600 (1 hour)
primary name server = MYSERVER.MYDOMAIN.local
responsible mail addr = hostmaster
serial = 71
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
*** Request to MYSERVER.MYDOMAIN.local timed-out
>
****
If I try to switch to an upstream DNS server at the ISP while this �outage� is going on, I get the following:
H:\>nslookup -d
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
10.1.168.192.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 10.1.168.192.in-addr.arpa
name = MYSERVER.MYDOMAIN.local
ttl = 1200 (20 mins)
------------
Default Server: MYSERVER.MYDOMAIN.local
Address: 192.168.1.10
> server 68.94.156.1
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
Default Server: [68.94.156.1]
Address: 68.94.156.1
>
Final Thoughts
What is very interesting during all this, is that when the �DNS outage� is occurring, no errors can be found in any of the event logs, restarting DNS server service has no effect, and when trying to do basic testing, such as telnet to the public IP address port 25 of the that is NAT�ed to the internal server address, this fails as well. In fact, during the outage, trying to telnet to the few open ports on the server from the outside fail (ports opened on the firewall and assigned to the internal IP address). Once the �outage� has ran its course, everything returns to normal &until the next hour.
Thank you for your time.
|
Answer : SBS2003 DNS Issue
|
|
I was able to solve this issue and wanted to post back my findings for anyone else who runs into this issue and has a similar setup.
While I never was exactly able to figure out what was going on to cause the DNS �outage� every hour, the fix seemed to lie in re-configuring the DSL modem. The modem is an AT 2WIRE and the previous consultants had been using the 5 public IP addresses to the internal workstations. When I came in, I only needed one public IP address and basically unassigned all the others. Live and Learn.
Though the 2WIRE has the option to do a NAT setup, it is not a true NAT, at least in the way I�ve learned it (I could be the wrong one), in that you still have to assign the public IP addresses to your internal network devices. I turned this off.
Logon to the 2WIRE
Click on Home Network
Click on Advanced Settings (enter your password if prompted)
Under Public Proxied Subnet (NAT/Routed), uncheck the box next to Enable
Click Save.
And this solved my mysterious problem of the connection dying every hour. This worked in my situation because I only have one SBS server in this location and do not need several public IP addresses and definitely did NOT want to add or change to a public routable IP address on my one server NIC.
Hope this helps anyone who has a similar setup.
|
|
|
|
|
