hwest 0 Posted July 25, 2004 Hello, We're having symptoms identical to those described a couple of posts ago (DNS Server Not Working for External Access). The Server we use has multiple NICs, but all are disabled except for one. We have only one domain and the DC that handles DNS forwarding to the internet works fine, sometimes for a day or two, regarding forwarding dns requests out to the internet. However, it occasionally stops forwarding requests (although it continues functioning fine for resolving names in our domain). The event viewer shows nothing wrong and the DNS server service, itself, never shows it has stopped. Restarting the DNS server service resolves the problem for a day or two at a time. The NIC properties has two DNS server ip's in it--the first address points DNS at that server itself and the second points it at another DC in our domain, as recommended by Microsoft http://support.microsoft.com/default.asp...blurb091200.asp (this is a webcast and having each DC contain its own IP address in the NIC properties, as well as another DC on the same domain, is covered between minute 17 and 18 in the webcast). Has anyone else had this problem? If so, how did you resolve it? We are about to upgrade our AD infrastructure from 2000 to 2003 and a consultant told us the forwarding problem is a known issue with MS and the upgrade to 2003 should fix it (although I cannot find any documentation at MS to support his statement--anyone seen that?). Thanks for any ideas! -HWest Share this post Link to post
clutch 1 Posted July 26, 2004 I have worked with Windows 2000 (and now 2003) since it was out, and I haven't had this issue that you describe. In addition, I have not heard of a known issue describing what you mention. One thing to consider, however, is to try another DNS server to forward to and see if that works. PM me for one if you don't have an option. Share this post Link to post
sapiens74 0 Posted July 26, 2004 Originally posted by clutch: Quote: I have worked with Windows 2000 (and now 2003) since it was out, and I haven't had this issue that you describe. In addition, I have not heard of a known issue describing what you mention. One thing to consider, however, is to try another DNS server to forward to and see if that works. PM me for one if you don't have an option. I agree with Clutch. I had a simliar problem, and it turned out the the ISP's DNS server was flakey, and I changed the order of DNS servers to point to another one first. Eventually I removed the DNS server address that was giving me issues, and just used the other 2. This was in Windows 2003, although it wasn't really a Windows issue, but rather to do with the ISP Share this post Link to post
adamvjackson 0 Posted July 27, 2004 Likely as everyone else has indicated, it's a flaky DNS server that the requests are being forwarded to. By default, without any forwarders specified in Windows 2000 DNS, requests are forwarded to one of the 13 root servers. Have you tried allowing that root forwarding to occur? There's also the possibility that the network card driver is a little flaky. Hopefully you're using a good-quality Intel server-class NIC. Good luck, and as always, hope this helps. Share this post Link to post
hwest 0 Posted July 29, 2004 Thanks for the replies (greatly appreciated). I'll try forwarding to another DNS server and see what happens. Your idea that it's a flakey DNS server (or something along those lines) sounds quite possible. We had some trouble in the recent past after our carrier installed a new router on their network. They reported they had corrected the problems on their side that were giving us trouble, but there may remain unresolved problems there. Now, I'm seeing a new problem, though. I put a packet sniffer on the network and filtered for udp port 53 and I'm seeing large number of requests for www.code87.org. I found only one reference to this specific line, so far (although I just started searching) and it's regarding worm_rbot.as. However, I see these requests coming from various machines over our network and when I check each, I see no signs that any of the machines requesting this address have any of the files/registry entries described in the article on worm_rbot.as at http://www.trendmicro.co.jp/vinfo/virusencyclo/default5.asp?VName=WORM_RBOT.AS&VSect=T. Our a/v signature is up to date on all computers (using ca's inoc. 7.0 software). Need to sort this out and then come back to original problem. Thanks again for the replies. Share this post Link to post
htsource 0 Posted August 3, 2004 Hi, I was the one who posted a while ago about external DNS not working. I've since reverted back to forwarders instead of using root hint servers. So far it's working just fine so I'm suspecting it might be the DNS problem from my ISP. The point of this post is I don't think it's a known problem with Server 2000 as it was working for me for more than a year or so and it's working now again. Thanks, Simon Share this post Link to post