Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Hi all,
Got a very annoying DNS problem, every now and then some of my clients are unable to resolve internal dns names. I have dns A records for them configured fine. What happens is people cant connect to mapped drives etc, if i ping the server there on (lets say testsrv) i get unknown hostname and it cant resolve the ip. There are 2 weird things happening here:
1. if i do an nslookup on the host it resolves no problem.
2. if i run a packet analyzer when i do the ping it doesnt attempt to query the dns server for an answer, suggesting it already knows it.
3. an ipconfig /flushdns seems to cure the problem.Any ideas? its driving me insane!
p.s I am using a mydomain.com suffix on my clients if this makes any difference, but pining testsrv and testsrv.mydomain.com gives me the same results regardlesss.
2. if i run a packet analyzer when i do the ping it doesnt attempt to query the dns server for an answer, suggesting it already knows it.
Pretty much this. Windows does remember invalid names just as easily as valid. Just like anything else, there are registry settings to change this behavior.
0 
hi and thanks for the reply!
I did try that reg setting but on further investigation ive noticed something. i just tried doing a ping zeus (zeus is one of our servers) now i ran a packet analzyer and noticed that its not querying the dns server but instead doing a NBNS name query for it (and broadcasting for the hostname) what would cause this? I have a dns suffix specified for our domain
thanks
0
So simply disable the DNS client in the services, because the windows machine should ask your dns server and should not search it's own old cache entries.
I've done this 2 years ago and got no problem.
0
Interesting, i will try this.
The ip of the client is 10.39.22.100
the dns servers are:
10.39.11.106
10.39.11.107
0
.106 and .107 are the ms dns servers?
If you do an ipconfig /all on the workstation do they show up under dns servers?
And they are across a router. Same issue with those workstations in common ip subnet with the dns servers?BTW
"Note The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated."from here:
http://support.microsoft.com/kb/318803certainly points to NOT disabling it.
I would also think that seeing a dns query going to broadcasts means the dns server didn't have the answer or was not reached.
0
I was having and sometimes still am having the same problem. I found that when I am using DHCP IP and a Static DNS on the clients, that this seemed to happen. I switch the client computers back to Automatic DNS and it went away almost. Every once in a great while like once every two months I still get a client computer that does this.
Not sure if this helps. As Wanderer said we need the IPCONFIG/ALL so we can see the subnet mask and DNS.
0
hi thanks for the replies guys.
Yes, doing an ipconfig all gives me a primary DNS server of 10.39.11.106 and secondary of 10.39.11.107. The subnets are connected up via a layer switch and the clients can ping the 2 dns servers no problem at all.
Like I say when it happens and i do a packet analysis i can see that no DNS query is being made, instead a broadcast is made on the hostname which obviously never resolves.
0
Any reason not to post the ipconfig /all as requested? How about us reviewing it instead of you? We might have a different view.
I take it your "ping the dns servers no problem" means both by ip and by name?
doing a tracert to one of the dns servers would be informative also.
0
Hi, sure no problem, ipconfig /all :
Host Name . . . . . . . . . . . . : cus1200022342
Primary Dns Suffix . . . . . . . : ukpdomain.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ukpdomain.com
ukpdomain.comadapter Local Area Connection:
Connection-specific DNS Suffix . : ukpdomain.com
Description . . . . . . . . . . . : Broadcom NetLink (TM) GigPhysical Address. . . . . . . . . : 00-23-AE-AA-D1-B7
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.39.20.23
Subnet Mask . . . . . . . . . . . : 255.255.255.192
Default Gateway . . . . . . . . . : 10.39.20.1
DHCP Server . . . . . . . . . . . : 10.39.20.1
DNS Servers . . . . . . . . . . . : 10.39.11.106
10.39.11.107
Lease Obtained. . . . . . . . . . : 21 October 2009 09:09:26
Lease Expires . . . . . . . . . . : 22 October 2009 09:09:26---------------
As i am writing this i am currently using a client machine that is having the same problem. if I ping ukpdc1 (our primary dns server) it does NOT resolve, however i can ping 10.39.11.106 (the primary dns ip):
C:\Documents and Settings\user>ping ukpdc1
Ping request could not find host ukpdc1. Please check the name and try again.C:\Documents and Settings\user>ping 10.39.11.106
Pinging 10.39.11.106 with 32 bytes of data:
Reply from 10.39.11.106: bytes=32 time<1ms TTL=127
Reply from 10.39.11.106: bytes=32 time<1ms TTL=127
Reply from 10.39.11.106: bytes=32 time<1ms TTL=127-----------------
The tracert to the primary dns is fine:
C:\Documents and Settings\user>tracert 10.39.11.106
Tracing route to ukpdc1.ukpdomain.com [10.39.11.106]
over a maximum of 30 hops:1 14 ms 10 ms 10 ms 10.39.20.1
2 <1 ms <1 ms <1 ms ukpdc1.ukpdomain.com [10.39.11.106]Trace complete.
Reply from 10.39.11.106: bytes=32 time<1ms TTL=127-------------
Really stumped with this one!!
Any help is appreciated, thanks guys.
0
Just to add some more information, it seems that the problem is the ukpdomain.com suffix is not being added to the hostnames when trying to ping them.
ive just done an ipconfig /flushdns and then..
if i ping ukpdc1 and run a network analyser id does an NBNS lookup and fails.
if i ping ukpdc1.ukpdomain.com it resolves it.
0
"DNS Suffix Search List. . . . . . : ukpdomain.com
ukpdomain.com"This double entry isn't right
"255.255.255.192"
what is the purpose of this subnet limit of 62 hosts?
do you have other subnets on this segment?You need a wins server to address the NBNS lookup for each segment.
netbios name lookup is not the same as ip name lookup.
to test, create the server/ip entries in a lmhosts file on a problem machine and see if your lookup issues go away [I would expect them to do so]. Then move on to instituting wins servers.
lmhosts file is a little tricky. You must import the file so the system creates the lmhosts file. Best to start off with lmhosts.txt to import. After doing so you have to reboot. You can check if it loaded with nbtstat -c
0
I think your problem is that you registered your local DNS using a Public DNS sufix ".com". What version of server are you using for your DNS server? This will work with Windows 2000 with older service packs but not with 2003.
I could be wrong however. I was told to never use a Public DNS for a suffix because the DNC clients try to check the root DNSes on the Internet when you do this.
I am not sure about this however because logic says that it would check you local DNS server before going to the public DNSes.
0
In MS training examples they use contoso.com. There are no issues with using the .com extension unless you put that on the internet without registering but that creates a myriad of other issues.
0
"if i ping ukpdc1 and run a network analyser id does an NBNS lookup and fails.
if i ping ukpdc1.ukpdomain.com it resolves it."
http://technet.microsoft.com/en-us/...Playing to the angels
Les Paul (1915-2009)
0
Thanks again for the replies.
The reason behind the .192 subnet mask was because originally i was going to subnet up the departments, although this isnt going to happen now.
My understanding was that I would never have to use a WINS server because the dns suffix would add the ukpdomain.com to the end of each hostname i was trying to contact. If this isnt the case though i can probably get a wins server configured.
just a couple questions:
1. is the double entry in the suffix search list causing problems?
2. If i do need a wins server to resolve hostnames then what would explain the behaviour im experiencing? i.e: sometimes i wont be able to ping the hostname or FQDN but then if i flush the dns and/or repair the network connection it will work again?thanks again for all your help guys.
0
You don't have a dns issue but a netbios issue. MS lied when they say you don't need netbios or wins. Anyone that also runs Exchange learned this the hard way.
Concerning your questions;
1. don't know. Never had to deal with double suffix entries. I have never tested in the DNS tab having checked append these dns suffixs and [it would appear] you also have dns suffix for this connection filled in.
But again a NBNS is not dns related
2. another don't know. Not being in your environment makes it hard to tell exactly what is going on.
Articles like this point us in the right direction
http://support.microsoft.com/kb/300986"If it is possible to contact a resource by using its IP address but a ping message to its host name does not work, the problem is likely caused by a name resolution failure, rather than network connectivity. Check to make sure that the computer is configured with the proper DNS or WINS entries, and that the DNS or WINS servers are available."
Now you will notice MS says dns OR wins. This is misleading since you need both and each performs a different function. DNS is never going to resolve netbios requests.
To get to the heart of what happens with flushdns you need to observe what entries are present with displaydns and then what is different after a flushdns.
Part of the repair routine is flushdns so in that regard the two are the same.
0  |
 |
 |
| Login or Register to Reply | |
| Login | Register |
| Ads by Google |
