Solved My DCs are querying the internet for my private domain

September 18, 2014 at 06:53:45
Specs: windows 7 professional, i5-3470/16GB
Hello All,

My internet got very slow, so I started checking it regularly, to the point that nslookup started appending my private domain to any domain I tried to resolve, e.g. microsoft.com.my.domain, and I would get the 127.0.53.53 IP.

My network shares started dropping, so I added my DNS to each of my clients, so now all my clients are pointing to my servers for network files. I even got a new router, a Linksys EA6900. Internet is still slow - resolving host takes forever.

Talked to my ISP, Optimum Online. They said there was nothing for them to do, but they recommend stopping my DCs from querying the internet for my private domain.

I have 2 domain controllers using Windows Server 2008 R2, and Windows 7 Pro for my clients.

Any ideas?



#1
September 18, 2014 at 07:00:10
Your post is unclear. You need to give details of your DNS setup.

1. Are both of your DCs DNS servers for your domain?
2. Are they set up to forward unresolved queries to your ISP's server?
3. Do your clients get IP addresses via DHCP?
4. If so, is your DHCP server configured to give the IP address of your DCs as the DNS server for clients?
5. What do you mean by "querying the internet for my private domain"? This sounds wrong.



#2
September 18, 2014 at 07:45:12
Thank you for replying, Ijack

1. Yes, the 2 DCs are the DNS servers
2. No they are not set to forward unresolved queries
3. Yes, my clients get IPs through my router
4. Yes, it is.
5. I am telling you what my ISP is telling me.

My mistake was to add the ISP DNS servers on my DCs' TCP/IP properties. I immediately removed them.

So I thought my DCs tried to register my domain with Optimum Online. The ISP saw the traffic and placed a wild card to stop it. I talked to them with no good result for me; they cannot help.

Before I talked to them I used to see the following:

C:\Windows\system32>nslookup
Default Server: UnKnown
Address: 192.168.x.x

> hp.com
Server: unknown
Address: 192.168.x.x

Non-authoritative answer:
Name: hp.com.my.domain.name
Address: 127.0.53.53

Now I see the following:

C:\Windows\system32>nslookup
DNS request timed out.
timeout was 2 seconds.
Default Server: UnKnown
Address: 192.168.x.x

> hp.com.
Server: UnKnown
Address: 192.168.x.x

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
> hp.com.
Server: UnKnown
Address: 192.168.x.x

DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
> hp.com.
Server: UnKnown
Address: 192.168.x.x

Non-authoritative answer:
Name: hp.com
Addresses: 15.193.176.227
15.201.225.10
15.216.241.18
15.217.232.245
15.240.60.238
15.192.124.145

So they did something but still didn't fix anything. I have to hit hp.com three times for it to resolve.

Any idea?



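The address 127.0.53.53 seen in the first nslookup session is the one ICANN's "controlled interruption" mechanism returns for names under a newly delegated TLD, and it appears there because the name typed without a trailing dot had the local search suffix appended. The following is an added example, not part of the original thread: a Python parser that reads a saved nslookup transcript and reports which appended suffix produced that answer. The sample transcript is constructed from the output quoted above, and the function names are hypothetical.

```python
import re

# Address returned by ICANN controlled interruption for colliding names
COLLISION_IP = "127.0.53.53"

# Constructed sample, modelled on the nslookup session quoted in the post above
SAMPLE = """\
> hp.com
Server:  UnKnown
Address:  192.168.x.x

Non-authoritative answer:
Name:    hp.com.my.domain.name
Address:  127.0.53.53

> hp.com.
Server:  UnKnown
Address:  192.168.x.x

Non-authoritative answer:
Name:    hp.com
Addresses:  15.193.176.227
          15.201.225.10
"""

def parse_nslookup(text):
    """Return one dict per query: the name typed, the name answered, the answer IPs."""
    results, cur, in_answer = [], None, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(">"):
            cur = {"query": line[1:].strip(), "name": None, "addresses": []}
            results.append(cur)
            in_answer = False
        elif cur is None:
            continue
        elif line.startswith("Name:"):
            cur["name"] = line.split(":", 1)[1].strip()
            in_answer = True  # addresses after Name: are the answer, not the server
        elif in_answer:
            cur["addresses"] += re.findall(r"\d{1,3}(?:\.\d{1,3}){3}", line)
    return results

def find_collisions(results):
    """Flag answers where a search suffix was appended and the answer is 127.0.53.53."""
    hits = []
    for r in results:
        typed = r["query"].rstrip(".").lower()
        answered = (r["name"] or "").rstrip(".").lower()
        if COLLISION_IP in r["addresses"] and answered.startswith(typed + "."):
            hits.append((r["query"], answered[len(typed) + 1:]))
    return hits
```

Each hit pairs the name as typed with the suffix the resolver appended, which is the private domain name to review in the DNS suffix search list and forwarder configuration.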
#3
September 18, 2014 at 08:33:33
"2. No they are not set to forward unresolved queries"

Then your DNS servers are not properly configured. In the Conditional Forwarders you put your ISP's or other public DNS server IPs. This is so when your DNS servers are asked to resolve an internet access, which they don't know, they can forward the request to have it resolved and returned so the info can then be passed to the clients.

"3. Yes, my clients get IPs through my router"

Non-standard configuration. You should be using the DCs for DHCP. At the least you configure the router's DHCP server to give the AD DNS servers' IPs to the clients.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's



#4
September 18, 2014 at 09:01:03
Thank you wanderer.

You are right. My DNS servers are set to forward unresolved queries. My mistake.

Do you mean set my DCs as DHCP server?

I use my router as DHCP server and it has the DNS server IPs that are given to the clients. However, the network shares were dropping (no reconnect after a restart or logout), so I added my DNS servers' IPs to each client.

Everything started with my internet not working properly, so I added the ISP DNS servers to all my clients, including my DCs. BIG MISTAKE
The internet worked, but that's when the network shares stopped reconnecting or started dropping. My clients were querying the internet for the network shares.

I removed the ISP DNS servers' IPs but kept my DNS servers' IPs in each client, got a new router and set it up with my internet and local network settings, and to work as DHCP server.

The internet connection is still crappy, but my network shares are not disconnecting anymore. I have to hit hp.com three times for nslookup to resolve.

I know something is wrong, but I don't know what. This is why I am here!!

Please Advise



#5
September 18, 2014 at 09:02:08
Yes. In a Windows server network you should set the DCs, or at least one of them, to be both DHCP server and DNS server. In theory you can do other than this but you need to really understand DHCP and DNS to do this. Otherwise clients won't register themselves properly with the DNS server.

As Wanderer says, you should set one, or both, DCs to be the DHCP server and turn both DHCP and DNS off on the router. Strictly speaking you don't need to forward unresolved DNS queries, but it will slow things and waste resources both on your network and the Internet in general to do otherwise. The most efficient setup is to forward unresolved queries to your ISP's DNS server.



#6
September 18, 2014 at 09:12:18
If there are no conditional forwarders listed it will appear to clients that there is no internet. Their last resort to broadcasts won't go past the router for resolution since routers don't forward broadcasts.

The great thing about using your DC for DHCP is it can, once configured to do so, automatically update DNS with the workstation host entries. Works really great.


#7
September 18, 2014 at 09:53:01
Thank you for your replies, Ijack and wanderer

So you believe that my issue, nslookup resolving for hp.com as hp.com.my.private.domain/127.0.53.53, will be solved by making one or both DCs a DHCP server?



#8
September 18, 2014 at 10:46:57
✔ Best Answer
"If there are no conditional forwarders listed it will appear to clients that there is no internet. Their last resort to broadcasts won't go past the router for resolution since routers don't forward broadcasts."

But you can configure your DNS server to resolve all queries directly by looking at the root servers and working their way to the result. Not efficient for a small(ish) DNS server and an unnecessary use of Internet resources, but possible.



#9
September 18, 2014 at 13:28:32
I will look into it

Thank you both!



#10
September 19, 2014 at 08:09:49
DHCP will not resolve your DNS configuration issues. Proper configuration of DNS will.
