Thread: DNS problems

    #1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2011
    Posts
    7
    Rep Power
    0

    DNS problems


    We have a small remote lab site with 32 computers, managed by a Windows 2008 R2 Server. Lately the lab computers have been losing there connection to the internet. This seems to happen to the majority of computers, if not all. When looking at the event log of the clients, we found DNS resolution errors with the server. Here is the DNS Debugging record with multiple NXDOMAIN errors. What if anything do you guys think/know is the problem here? We have exhausted most of the simple troubleshooting methods.


    DNS Server log file creation at 10/26/2011 3:10:52 AM
    Log file wrap at 10/26/2011 3:10:52 AM

    Message logging key (for packets - other items use a subset of these fields):
    Field # Information Values
    ------- ----------- ------
    1 Date
    2 Time
    3 Thread ID
    4 Context
    5 Internal packet identifier
    6 UDP/TCP indicator
    7 Send/Receive indicator
    8 Remote IP
    9 Xid (hex)
    10 Query/Response R = Response
    blank = Query
    11 Opcode Q = Standard Query
    N = Notify
    U = Update
    ? = Unknown
    12 [ Flags (hex)
    13 Flags (char codes) A = Authoritative Answer
    T = Truncated Response
    D = Recursion Desired
    R = Recursion Available
    14 ResponseCode ]
    15 Question Type
    16 Question Name

    10/26/2011 3:11:06 AM 0FC8 PACKET 0000000002340BE0 UDP Rcv 10.10.2.104 0c3c Q [0001 D NOERROR] A (3)crl(9)microsoft(3)com(0)

    10/26/2011 3:11:06 AM 0FC8 PACKET 0000000002E01DD0 UDP Snd 8.8.4.4 714e Q [1001 D NOERROR] A (5)a1363(1)g(6)akamai(3)net(0)

    10/26/2011 3:11:06 AM 0FC8 PACKET 0000000005EE85B0 UDP Rcv 8.8.4.4 714e R Q [8081 DR NOERROR] A (5)a1363(1)g(6)akamai(3)net(0)

    10/26/2011 3:11:06 AM 0FC8 PACKET 0000000002340BE0 UDP Snd 10.10.2.104 0c3c R Q [8081 DR NOERROR] A (3)crl(9)microsoft(3)com(0)

    10/26/2011 3:11:08 AM 0FC8 PACKET 0000000004C4AAC0 UDP Rcv 10.10.2.101 2ba6 Q [0001 D NOERROR] A (3)crl(9)microsoft(3)com(0)

    10/26/2011 3:11:08 AM 0FC8 PACKET 0000000004C4AAC0 UDP Snd 10.10.2.101 2ba6 R Q [8081 DR NOERROR] A (3)crl(9)microsoft(3)com(0)

    10/26/2011 3:11:08 AM 0FC8 PACKET 0000000002ACED40 UDP Rcv 10.10.2.107 50bf Q [0001 D NOERROR] A (4)wpad(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:08 AM 0FC8 PACKET 0000000002ACED40 UDP Snd 10.10.2.107 50bf R Q [8385 A DR NXDOMAIN] A (4)wpad(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:11 AM 0FC8 PACKET 000000000247D1C0 UDP Rcv 10.10.2.107 e597 Q [0001 D NOERROR] A (6)watson(9)microsoft(3)com(0)

    10/26/2011 3:11:11 AM 0FC8 PACKET 000000000247D1C0 UDP Snd 10.10.2.107 e597 R Q [8081 DR NOERROR] A (6)watson(9)microsoft(3)com(0)

    10/26/2011 3:11:12 AM 0FC8 PACKET 00000000030DEED0 UDP Rcv 10.10.2.110 00ee Q [0001 D NOERROR] A (4)wpad(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:12 AM 0FC8 PACKET 00000000030DEED0 UDP Snd 10.10.2.110 00ee R Q [8385 A DR NXDOMAIN] A (4)wpad(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000005EE85B0 UDP Rcv 10.10.2.105 5c57 Q [0001 D NOERROR] A (6)isatap(7)clc-ads(5)local(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000005EE85B0 UDP Snd 10.10.2.105 5c57 R Q [8385 A DR NXDOMAIN] A (6)isatap(7)clc-ads(5)local(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000004C4AAC0 UDP Rcv 10.10.2.5 2771 Q [0001 D NOERROR] SOA (3)105(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000002340BE0 UDP Snd 8.8.4.4 d604 Q [1001 D NOERROR] SOA (3)105(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000002C630F0 UDP Rcv 8.8.4.4 d604 R Q [8381 DR NXDOMAIN] SOA (3)105(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000004C4AAC0 UDP Snd 10.10.2.5 2771 R Q [8381 DR NXDOMAIN] SOA (3)105(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000002ACED40 UDP Rcv 10.10.2.5 8d71 Q [0001 D NOERROR] SOA (1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000002ACED40 UDP Snd 10.10.2.5 8d71 R Q [8381 DR NXDOMAIN] SOA (1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 000000000247D1C0 UDP Rcv 10.10.2.5 0dc8 Q [0001 D NOERROR] SOA (2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 000000000247D1C0 UDP Snd 10.10.2.5 0dc8 R Q [8381 DR NXDOMAIN] SOA (2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 00000000030DEED0 UDP Rcv 10.10.2.5 82af Q [0001 D NOERROR] SOA (2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 00000000030DEED0 UDP Snd 10.10.2.5 82af R Q [8381 DR NXDOMAIN] SOA (2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000005EE85B0 UDP Rcv 10.10.2.5 f140 Q [0001 D NOERROR] SOA (7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000005EE85B0 UDP Snd 10.10.2.5 f140 R Q [8081 DR NOERROR] SOA (7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000002C630F0 UDP Rcv 10.10.2.5 38f2 Q [0001 D NOERROR] SOA (3)105(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000002C630F0 UDP Snd 10.10.2.5 38f2 R Q [8381 DR NXDOMAIN] SOA (3)105(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000002ACED40 UDP Rcv 10.10.2.5 cf5d Q [0001 D NOERROR] SOA (1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000002ACED40 UDP Snd 10.10.2.5 cf5d R Q [8381 DR NXDOMAIN] SOA (1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 000000000247D1C0 UDP Rcv 10.10.2.5 a001 Q [0001 D NOERROR] SOA (2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 000000000247D1C0 UDP Snd 10.10.2.5 a001 R Q [8381 DR NXDOMAIN] SOA (2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 00000000030DEED0 UDP Rcv 10.10.2.5 dcf0 Q [0001 D NOERROR] SOA (2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 00000000030DEED0 UDP Snd 10.10.2.5 dcf0 R Q [8381 DR NXDOMAIN] SOA (2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000005EE85B0 UDP Rcv 10.10.2.5 8203 Q [0001 D NOERROR] SOA (7)in-addr(4)arpa(0)

    10/26/2011 3:11:23 AM 0FC8 PACKET 0000000005EE85B0 UDP Snd 10.10.2.5 8203 R Q [8081 DR NOERROR] SOA (7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000002C630F0 UDP Rcv 10.10.2.130 2169 Q [0001 D NOERROR] A (6)isatap(7)clc-ads(5)local(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000002C630F0 UDP Snd 10.10.2.130 2169 R Q [8385 A DR NXDOMAIN] A (6)isatap(7)clc-ads(5)local(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000002ACED40 UDP Rcv 10.10.2.5 f925 Q [0001 D NOERROR] SOA (3)130(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000004C4AAC0 UDP Snd 8.8.4.4 edab Q [1001 D NOERROR] SOA (3)130(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 00000000050C6310 UDP Rcv 8.8.4.4 edab R Q [8381 DR NXDOMAIN] SOA (3)130(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000002ACED40 UDP Snd 10.10.2.5 f925 R Q [8381 DR NXDOMAIN] SOA (3)130(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 000000000247D1C0 UDP Rcv 10.10.2.5 ed1b Q [0001 D NOERROR] SOA (1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 000000000247D1C0 UDP Snd 10.10.2.5 ed1b R Q [8381 DR NXDOMAIN] SOA (1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 00000000030DEED0 UDP Rcv 10.10.2.5 f6ab Q [0001 D NOERROR] SOA (2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 00000000030DEED0 UDP Snd 10.10.2.5 f6ab R Q [8381 DR NXDOMAIN] SOA (2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000005EE85B0 UDP Rcv 10.10.2.5 69b7 Q [0001 D NOERROR] SOA (2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000005EE85B0 UDP Snd 10.10.2.5 69b7 R Q [8381 DR NXDOMAIN] SOA (2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000002C630F0 UDP Rcv 10.10.2.5 f16f Q [0001 D NOERROR] SOA (7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000002C630F0 UDP Snd 10.10.2.5 f16f R Q [8081 DR NOERROR] SOA (7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 00000000050C6310 UDP Rcv 10.10.2.5 009f Q [0001 D NOERROR] SOA (3)130(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 00000000050C6310 UDP Snd 10.10.2.5 009f R Q [8381 DR NXDOMAIN] SOA (3)130(1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 000000000247D1C0 UDP Rcv 10.10.2.5 133c Q [0001 D NOERROR] SOA (1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 000000000247D1C0 UDP Snd 10.10.2.5 133c R Q [8381 DR NXDOMAIN] SOA (1)2(2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 00000000030DEED0 UDP Rcv 10.10.2.5 b9d8 Q [0001 D NOERROR] SOA (2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 00000000030DEED0 UDP Snd 10.10.2.5 b9d8 R Q [8381 DR NXDOMAIN] SOA (2)10(2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000005EE85B0 UDP Rcv 10.10.2.5 73c1 Q [0001 D NOERROR] SOA (2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000005EE85B0 UDP Snd 10.10.2.5 73c1 R Q [8381 DR NXDOMAIN] SOA (2)10(7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000002C630F0 UDP Rcv 10.10.2.5 a9a1 Q [0001 D NOERROR] SOA (7)in-addr(4)arpa(0)

    10/26/2011 3:11:27 AM 0FC8 PACKET 0000000002C630F0 UDP Snd 10.10.2.5 a9a1 R Q [8081 DR NOERROR] SOA (7)in-addr(4)arpa(0)

    10/26/2011 3:11:28 AM 0FC8 PACKET 00000000050C6310 UDP Rcv 10.10.2.105 e36a Q [0001 D NOERROR] A (3)dns(8)msftncsi(3)com(0)

    10/26/2011 3:11:28 AM 0FC8 PACKET 0000000002ACED40 UDP Snd 8.8.4.4 ebd5 Q [1001 D NOERROR] A (3)dns(8)msftncsi(3)com(0)

    10/26/2011 3:11:28 AM 0FC8 PACKET 0000000002C14870 UDP Rcv 8.8.4.4 ebd5 R Q [8081 DR NOERROR] A (3)dns(8)msftncsi(3)com(0)

    10/26/2011 3:11:28 AM 0FC8 PACKET 00000000050C6310 UDP Snd 10.10.2.105 e36a R Q [8081 DR NOERROR] A (3)dns(8)msftncsi(3)com(0)

    10/26/2011 3:11:28 AM 0FC8 PACKET 000000000247D1C0 UDP Rcv 10.10.2.105 3b6a Q [0001 D NOERROR] AAAA (3)dns(8)msftncsi(3)com(0)

    10/26/2011 3:11:28 AM 0FC8 PACKET 00000000050C6310 UDP Snd 8.8.4.4 b62c Q [1001 D NOERROR] AAAA (3)dns(8)msftncsi(3)com(0)

    10/26/2011 3:11:28 AM 0FC8 PACKET 0000000002F7BFD0 UDP Rcv 8.8.4.4 b62c R Q [8081 DR NOERROR] AAAA (3)dns(8)msftncsi(3)com(0)

    10/26/2011 3:11:28 AM 0FC8 PACKET 000000000247D1C0 UDP Snd 10.10.2.105 3b6a R Q [8081 DR NOERROR] AAAA (3)dns(8)msftncsi(3)com(0)

    10/26/2011 3:11:31 AM 0FC8 PACKET 00000000030DEED0 UDP Rcv 10.10.2.105 e681 Q [0001 D NOERROR] A (6)isatap(7)clc-ads(5)local(0)

    10/26/2011 3:11:31 AM 0FC8 PACKET 00000000030DEED0 UDP Snd 10.10.2.105 e681 R Q [8385 A DR NXDOMAIN] A (6)isatap(7)clc-ads(5)local(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000005EE85B0 UDP Rcv 10.10.2.136 c169 Q [0001 D NOERROR] A (4)wpad(3)ads(7)clcinfo(3)org(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 000000000247D1C0 UDP Snd 8.8.4.4 422b Q [1001 D NOERROR] A (4)wpad(3)ads(7)clcinfo(3)org(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000003999BA0 UDP Rcv 8.8.4.4 422b R Q [8381 DR NXDOMAIN] A (4)wpad(3)ads(7)clcinfo(3)org(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000005EE85B0 UDP Snd 10.10.2.136 c169 R Q [8381 DR NXDOMAIN] A (4)wpad(3)ads(7)clcinfo(3)org(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000002C630F0 UDP Rcv 10.10.2.136 a6d2 Q [0001 D NOERROR] A (4)wpad(7)clcinfo(3)org(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000005EE85B0 UDP Snd 8.8.4.4 f40e Q [1001 D NOERROR] A (4)wpad(7)clcinfo(3)org(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 000000000386BE40 UDP Rcv 8.8.4.4 f40e R Q [8381 DR NXDOMAIN] A (4)wpad(7)clcinfo(3)org(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000002C630F0 UDP Snd 10.10.2.136 a6d2 R Q [8381 DR NXDOMAIN] A (4)wpad(7)clcinfo(3)org(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000002C14870 UDP Rcv 10.10.2.136 055b Q [0001 D NOERROR] A (3)www(6)update(9)microsoft(3)com(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000002C630F0 UDP Snd 8.8.4.4 c0e8 Q [1001 D NOERROR] A (3)www(6)update(9)microsoft(3)com(5)nsatc(3)net(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000004178020 UDP Rcv 8.8.4.4 c0e8 R Q [8081 DR NOERROR] A (3)www(6)update(9)microsoft(3)com(5)nsatc(3)net(0)

    10/26/2011 3:11:39 AM 0FC8 PACKET 0000000002C14870 UDP Snd 10.10.2.136 055b R Q [8081 DR NOERROR] A (3)www(6)update(9)microsoft(3)com(0)

    10/26/2011 3:11:51 AM 0FC8 PACKET 0000000002F7BFD0 UDP Rcv 10.10.2.5 31a2 Q [0001 D NOERROR] SRV (5)_ldap(4)_tcp(23)Default-First-Site-Name(6)_sites(10)MARTIN-CLC(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:51 AM 0FC8 PACKET 0000000002F7BFD0 UDP Snd 10.10.2.5 31a2 R Q [8385 A DR NXDOMAIN] SRV (5)_ldap(4)_tcp(23)Default-First-Site-Name(6)_sites(10)MARTIN-CLC(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:51 AM 0FC8 PACKET 00000000030DEED0 UDP Rcv 10.10.2.5 6e32 Q [0001 D NOERROR] SRV (5)_ldap(4)_tcp(10)MARTIN-CLC(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:51 AM 0FC8 PACKET 00000000030DEED0 UDP Snd 10.10.2.5 6e32 R Q [8385 A DR NXDOMAIN] SRV (5)_ldap(4)_tcp(10)MARTIN-CLC(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:51 AM 0FC8 PACKET 0000000003999BA0 UDP Rcv 10.10.2.5 c63b Q [0001 D NOERROR] SRV (3)_gc(4)_tcp(23)Default-First-Site-Name(6)_sites(10)MARTIN-CLC(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:51 AM 0FC8 PACKET 0000000003999BA0 UDP Snd 10.10.2.5 c63b R Q [8385 A DR NXDOMAIN] SRV (3)_gc(4)_tcp(23)Default-First-Site-Name(6)_sites(10)MARTIN-CLC(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:51 AM 0FC8 PACKET 000000000386BE40 UDP Rcv 10.10.2.5 5af0 Q [0001 D NOERROR] SRV (3)_gc(4)_tcp(10)MARTIN-CLC(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:51 AM 0FC8 PACKET 000000000386BE40 UDP Snd 10.10.2.5 5af0 R Q [8385 A DR NXDOMAIN] SRV (3)_gc(4)_tcp(10)MARTIN-CLC(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:54 AM 0FC8 PACKET 0000000004178020 UDP Rcv 10.10.2.101 3242 Q [0001 D NOERROR] SRV (5)_ldap(4)_tcp(23)Default-First-Site-Name(6)_sites(2)dc(6)_msdcs(7)CLC-ADS(5)local(0)

    10/26/2011 3:11:54 AM 0FC8 PACKET 0000000004178020 UDP Snd 10.10.2.101 3242 R Q [8085 A DR NOERROR] SRV (5)_ldap(4)_tcp(23)Default-First-Site-Name(6)_sites(2)dc(6)_msdcs(7)CLC-ADS(5)local(0)
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2010
    Posts
    248
    Rep Power
    5
    NXDOMAIN shouldn't cause loss of all DNS connectivity(just affects whatever doesn't exist). It's pretty normal to see a lot of those in logs from various programs asking for stuff that just doesn't exist somewhere. What you would want to check is if DNS resolution is working on the server or if there is some sort of error when it actually breaks. There could be numerous issues causing weirdness in DNS but the best way to check is when it's actually broken. Try lookups on the machines and the server itself. What are you doing to fix the loss of connectivity (if anything)?

    Looks like a lot of the NXDOMAIN responses are for arpa lookups and just local stuff.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2011
    Posts
    7
    Rep Power
    0

    What we are doing.


    Tomorrow we are going there and trying to find one when it is breaking. Then I intend to run nslookup, ipconfig /all, and maybe a tracert or two on the non-connecting client. Also making sure I can ping the server and the domain-name. I was going to install pingdom to check the internet connection.

    We are going to bypass the distro and access switches and see if a client will lose connectivity when directly plugged into the "core" switch (these are not expensive switches) to rule out a physical layer problem.

    I removed all fowarders from the DNS server role, and found there was no reverse-lookup zone defined, so I put one in place and was able to resolve IPs to domain names using nslookup on the server (something I couldn't do before).

    Do you have any other suggestions? If so I'm going there in the morning (like 12hours) so reply, reply, reply! I have more data if anyone needs. There are event log errors and such...
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2010
    Posts
    248
    Rep Power
    5
    If the client loses the ability to resolve, the big thing is to check connectivity and make sure the server is still running. Ping the DNS server and check for packet loss (DNS is UDP by default so packet loss will really screw up things), telnet to port 53 (this will test that you can connect on TCP to the server for the DNS service) and even try nslookup with another DNS server (like 4.2.2.2). If it can't do any lookups to any servers, probably the internal network or individual computer. if external lookups work but internal doesn't, that at least narrows it down to an internal issue.

    If possible, you can put a packet sniffer (like wireshark) on a computer having the issue and check whats happening with it there.
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2011
    Posts
    7
    Rep Power
    0
    Thanks Ill try all that! Do you know of any ISP testing software I might use to check the connection to the ISP?
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2010
    Posts
    248
    Rep Power
    5
    I'm sure there are many free ones. Depends on what you're checking I guess (speed, latency, packet loss, ports...). I'd say google it and your bound to find many tools that work in the browser and probably ones to download too. Nothing immediate comes to mind other than ping, trace, dig, nmap and some sort of speed test site to check ISP stuff. I used to work for an ISP, so I will say some tools out there on the internet can be some bs.
  12. #7
  13. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2011
    Posts
    7
    Rep Power
    0

    Issue Solved!


    It was packet loss to the DNS server. We used wireshark and the command line and narrowed it down to the server or the server NIC. We enabled a second ethernet interface, added the IP as a secondary DNS and WINS server, added it to DHCP and restarted the hosts to pull the DHCP. Everything is now connecting fine and the problem went away. So it was either to much traffic, or a jittery flakey NIC on the server. thanks for the help.

IMN logo majestic logo threadwatch logo seochat tools logo