DNS Issues - Windows Server 2008 R2

[shadow_man]

Hi,

I'm using DNSMASQ for local DNS and as such I've got a DNS Forwarder on the AD server to query this server for DNS.

It seems to be working fine, but then all of a sudden goes intermittent and won't resolve anything. The problem appears to be on the AD side and not the DNSMASQ side as the AD server just doesn't reply to NSLOOKUP - despite some DNS resolution being available?

My DNS (confirmed via IPCONFIG):

DNS Servers . . . . . . . . . . . : 192.168.22.10
192.168.22.11

------------------------------------------------------------
EXAMPLES:
------------------------------------------------------------

C:\Users\j>ping wiki.test.biz
Ping request could not find host wiki.test.biz. Please check the name and try again.

C:\Users\j>nslookup wiki.test.biz
Server: rsad001.test.local
Address: 192.168.22.10

Name: wiki.test.biz
Address: 192.168.22.226


C:\Users\j>nslookup server
Server: rsad001.test.local
Address: 192.168.22.10

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to rsad001.test.local timed-out

-------------------
I can clearly ping the DC and its up:

C:\Users\j>ping rsad001.test.local

Pinging rsad001.test.local [192.168.22.10] with 32 bytes of data:
Reply from 192.168.22.10: bytes=32 time=1ms TTL=128
Reply from 192.168.22.10: bytes=32 time<1ms TTL=128
Reply from 192.168.22.10: bytes=32 time<1ms TTL=128
Reply from 192.168.22.10: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.22.10:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

 

[shadow_man]

Flushing / Registering DNS on the workstation seems to fix the DNS issue - but this is a short term fix as it breaks again.

I'm guessing the DNS cache is becoming stale or not refreshing itself somehow?

C:\Users\j>ping wiki.test.biz
Ping request could not find host wiki.test.biz. Please check the name and try again.

C:\Users\j>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\j>ipconfig /registerdns

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.

C:\Users\j>ping wiki.test.biz

Pinging wiki.test.biz [192.168.22.226] with 32 bytes of data:
Reply from 192.168.22.226: bytes=32 time<1ms TTL=64
Reply from 192.168.22.226: bytes=32 time<1ms TTL=64
Reply from 192.168.22.226: bytes=32 time<1ms TTL=64
Reply from 192.168.22.226: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.22.226:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

 

[shadow_man]

Things I've tried.

Restarting DNS service.
Clearing DNS cache.

Both of the above don't work, however the issue is fine immediately after a flushdns / registerdns but then it breaks again sometime after...

 

[srothman]

Did you delete the DNS record in AD prior to re-registering it?

 

[shadow_man]

Did you delete the DNS record in AD prior to re-registering it?

Haven't touched the records no. AD pulls the records from a DNSMASQ server (for the local DNS) - Google does the external.

 

[shadow_man]

I think I figured this out (well its testing fine so far, so hopefully):

The BDC - had a diff set of forwarders to the PDC and even though the PDC wasn't down, it was still using BDC for DNS queries at some points and falling over.

In my mind if PDC isn't down, don't ever check BDC for DNS, but NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO - MS want to do it the hard way.