Strange DNS issue

  1. #1
    Senior Member | Join Date: Apr 2004 | Posts: 157

    Strange DNS issue

    Alright, not sure how to describe this the best...

    We have a pretty big network at our college, several buildings and remote campuses.
    At the main campus though, we are right now experiencing DNS problems, where clients fail over to the secondary DNS and third DNS, 95% of the time directly on bootup, though from one building only. I wish there was a monitor program that somehow would show in real time what DNS a workstation currently is using.. is there such a thing?!??
    Anyway, how I know this is because the people responsible for the DNS/DHCP server (one and the same server) on the network have really set it up badly. DHCP is providing users this DNS configuration:
    Preferred DNS: 10.x.x.55
    Alternate DNS: 10.x.x.57
    Third DNS: 216.x.x.x

    If you use any internal DNS, everyone should know that you can't mix DNS servers like this, because if a workstation happens to fail over to the third EXTERNAL DNS, it now can't resolve any internal addresses at all!! Which is our problem. Customers can't get to the internal webservers at all, even right after reboot.

    Here comes the tricky part though. Let's say we go, oh well, let's live with the stupid DNS setup, at least it shouldn't fail over to the third DNS too often. If I boot up a workstation it right away sits on the third DNS, the external one, and can't resolve any internal DNS names. I do an ipconfig /renew and now it works... for a while, then all of a sudden, like 5 minutes later, it has failed over to the third again, 'cause now I can't resolve internal DNS names again!
    Also, ipconfig /renew usually goes in less than half a second, but every now and then it times out! (DHCP and DNS are the same server)
    Even though I run a separate window with 'ping dnsserver -t', with less than 1ms response time without one single hiccup during all this happening!!

    It is true like the DNS people are saying, it didn't use to do it, they used to stay on the first internal DNS server and hardly ever fail over to the third. But now it keeps doing it at once!
    What could cause this kinda messup?!

    Should add that there is one hop with a 100 half duplex router between the two buildings, but it's been there for ages...not something new... but it still doesn't sound good to me to have a half duplex thing, not sure this really is the cause to our current problems.

    Any good ideas to what could cause the DNS to fail over so quickly?!
    Once connected to the external DNS though, it seems to stay just fine on that one.. !

    Any help, greatly appreciated!

    Thanks!

  2. #2
    AOs Resident Troll | Join Date: Nov 2003 | Posts: 3,152
    that somehow would show real time what DNS a workstation currently is using..
    depending on your os

    open up a command window and type
    ipconfig /all

    or winipcfg

    MLF

    edited due to wine infection
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Just Another Geek | Join Date: Jul 2002 | Location: Rotterdam, Netherlands | Posts: 3,401
    Have you tried sniffing the DNS traffic to see what exactly is going on?
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  4. #4
    AO Ancient: Team Leader | Join Date: Oct 2002 | Posts: 5,197
    Have you tried restarting the primary DNS server.... Maybe the service has stopped for some reason.

    Also, make sure that someone hasn't changed a firewall rule preventing the primary from reaching the root servers. If it can't reach the root servers then it will fail and the workstation will fail over to the next listed server and so on.
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  5. #5
    Senior Member | Join Date: Apr 2004 | Posts: 157
    Originally posted here by morganlefay
    depending on your os

    open up a command window and type
    ipconfig /all

    or winipcfg

    MLF

    edited due to wine infection
    Morganlefay: Thanks for your reply, but ipconfig /all only shows the settings, which lists the 3 DNS servers available, I meant, is there a tool that shows real time which one of the three DNS servers the workstation is currently using?

  6. #6
    Senior Member | Join Date: Apr 2004 | Posts: 157
    Originally posted here by Tiger Shark
    Have you tried restarting the primary DNS server.... Maybe the service has stopped for some reason.

    Also, make sure that someone hasn't changed a firewall rule preventing the primary from reaching the root servers. If it can't reach the root servers then it will fail and the workstation will fail over to the next listed server and so on.
    Tiger Shark: Yepp, rebooted the DNS/DHCP server... plus from other buildings everything works fine and they also get their DHCP and DNS from the same server...
    Same guy is responsible for the Firewall, and I already asked him if he changed any firewalls or routers and he claims he hasn't.... he is right now out trying to find a faulty NIC/Router/workstation or something causing this "network" problem...

    Have you ever seen such a DNS setup though, two internal and the third with an external DNS!?! Isn't that asking for trouble?!? I wish I could find some real good basic DNS document that shows why you are not supposed to mix different types of DNS servers.... cause he is obviously not listening to me.. maybe he would read a public document...

  7. #7
    Senior Member | Join Date: Apr 2004 | Posts: 157
    Originally posted here by SirDice
    Have you tried sniffing the DNS traffic to see what exactly is going on?
    Yeah, we could see such traffic as, trying to connect to first DNS, which failed, tried secondary, which failed, tried third successfully, and then the workstation is stuck on this stupid external ISP DNS... but couldn't figure out why they fail connecting to the first and secondary, while sometimes it does work... just the majority of the times it fails...

    Thanks!
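
Added example, not part of the original thread: a small probe that sends the same DNS query over UDP/53 to each server in the DHCP-supplied order and records whether it times out, answers NXDOMAIN, or actually resolves the name, which an ICMP ping of the server cannot show. The addresses and hostname are constructed placeholders (the thread masks the real ones), and the function names are this example's own.

```python
import socket
import struct
import time

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234, qtype=1):
    """Encode a minimal recursive DNS query (qtype 1 = A record, class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_reply(data, txid=0x1234):
    """Return (rcode_name, answer_count); raise ValueError if it is not our reply."""
    if len(data) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong transaction id or QR bit clear
        raise ValueError("not a reply to our query")
    return RCODES.get(flags & 0x000F, str(flags & 0x000F)), ancount

def probe(server, name, timeout=1.0, port=53):
    """Query one server directly and report status, answer count and latency."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.monotonic()
        try:
            s.sendto(build_query(name), (server, port))
            data, _ = s.recvfrom(512)
            status, answers = parse_reply(data)
        except socket.timeout:
            return {"server": server, "status": "TIMEOUT", "answers": 0, "ms": None}
        except (OSError, ValueError) as exc:
            return {"server": server, "status": f"ERROR: {exc}", "answers": 0, "ms": None}
        ms = round((time.monotonic() - start) * 1000, 1)
        return {"server": server, "status": status, "answers": answers, "ms": ms}

def check_servers(servers, name, **kw):
    """Probe every listed server in order; also return the first that resolves name."""
    results = [probe(s, name, **kw) for s in servers]
    usable = next((r["server"] for r in results if r["status"] == "NOERROR" and r["answers"]), None)
    return usable, results

if __name__ == "__main__":
    # Placeholder addresses and name (constructed); substitute the DHCP-supplied list.
    servers = ["192.0.2.55", "192.0.2.57", "198.51.100.1"]
    usable, results = check_servers(servers, "intranet.example.edu")
    for r in results:
        print(r)
    print("first server that resolves the internal name:", usable)
```

Run from an affected workstation in a loop, a TIMEOUT on the internal servers alongside clean pings points at the DNS service or UDP/53 path rather than basic reachability.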
