DNS Server not resolving Forwarding broken

Question

Saturday, January 14, 2017 10:18 PM

Hey All, 

Having some issues with my Server 2008 DNS server; it's not resolving outside of the network, or is at least only sometimes working.

If I try ping www.firefox.com I get it working every second time.

If I set local machines on network to 8.8.8.8 all works fine until domain login breaks or shares break, same with server. 

Any thoughts? 

All replies (9)

Sunday, January 15, 2017 2:33 PM | 2 votes

Hi Namit,

On your DNS server, do the following:

1- download Microsoft netmon 3.4 and install it on server

2- open the netmon and start capturing

3- launch cmd on server and type "nslookup"

4- type: "google.com."   >> note the "period" at the end of line!

5- after you either get a request time out or a successful response please stop capturing and save the trace file

6- send me the trace file at [email protected]

Thanks

Thanks Mahmoud


Sunday, January 15, 2017 10:38 PM

I never get a successful response doing that, just a timeout. Ping responds, but only on the second try. Also, if I do nslookup www.google.com. 8.8.8.8 it does the same thing.

Thank you 

 


Monday, January 16, 2017 2:33 AM

Hi Namit,

Please try to run ipconfig /flushdns command to clean DNS caching.

And then please remove forwarder of 8.8.4.4, and try again.

How many DNS server did you configure on client?

Please ensure connection is correct between public DNS server and local DNS server.

Please run dcdiag /test:dns command and please post result of command to here for further troubleshooting.

For systemlog test failed, please check link below to fix it:

DCDIAG Failed Test SystemLog (dsforum2wiki)

https://social.technet.microsoft.com/wiki/contents/articles/1724.dcdiag-failed-test-systemlog-dsforum2wiki.aspx

Best Regards

John

Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
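
Added example, not part of the original thread: a small Python probe that sends the same fully qualified A query straight to a chosen DNS server over UDP and reports, per attempt, either a timeout or the reply's response code, which separates an unanswered query from one answered with an error. The function names are made up for this example; the two addresses are the ones mentioned in the thread.

```python
import socket
import struct

def build_query(name, qid=0x1234, qtype=1):
    """Encode a recursive A query; a trailing dot marks the name as fully qualified."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = [l for l in name.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def parse_header(reply, qid):
    """Return (rcode name, answer count); raise if the reply is not for this query."""
    if len(reply) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != qid or not flags & 0x8000:  # ID must match and QR bit must be set
        raise ValueError("not a response to this query")
    return RCODES.get(flags & 0x000F, str(flags & 0x000F)), ancount

def probe(server, name, tries=3, timeout=2.0):
    """Query `server` directly on UDP 53; returns one result string per attempt."""
    results = []
    for i in range(tries):
        qid = 0x1000 + i
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            try:
                s.sendto(build_query(name, qid), (server, 53))
                reply, _ = s.recvfrom(4096)
                rcode, n = parse_header(reply, qid)
                results.append(f"{rcode} answers={n}")
            except socket.timeout:
                results.append("timeout")
            except (OSError, ValueError) as e:
                results.append(f"error: {e}")
    return results

if __name__ == "__main__":
    # Addresses from the thread: the public forwarder and the local DNS server.
    for server in ("8.8.8.8", "192.168.1.2"):
        print(server, probe(server, "www.google.com."))
```

A run of alternating "timeout" and "NOERROR" results against one server and clean results against the other points at where to capture next; whether a query actually left the NIC is only visible in a packet trace.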


Monday, January 16, 2017 10:23 AM

Hi John, 

On client machines, from DHCP, we have the server IP address 192.168.1.2; when it stopped working we used 8.8.8.8 and it worked fine.

Tried the ipconfig /flushdns and have removed 8.8.4.4; server is back on 127.0.0.1.

Directory Server Diagnosis
Performing initial setup:
   Trying to find home server...
   Home Server = WALLACE
   * Identified AD Forest.
   Done gathering initial info.
Doing initial required tests
   Testing server: Default-First-Site-Name\WALLACE
      Starting test: Connectivity
         ......................... WALLACE passed test Connectivity
Doing primary tests
   Testing server: Default-First-Site-Name\WALLACE
      Starting test: DNS
         DNS Tests are running and not hung. Please wait a few minutes..
         ......................... WALLACE passed test DNS
   Running partition tests on : ForestDnsZones
   Running partition tests on : DomainDnsZones
   Running partition tests on : Schema
   Running partition tests on : Configuration
   Running partition tests on : wm
   Running enterprise tests on : wm.local
      Starting test: DNS
         ......................... wm.local passed test DNS

Thank you 


Monday, January 16, 2017 12:41 PM | 1 vote

Hi Namit,

I have checked the trace file you sent me and apparently I didn't see any DNS query for the google domain leaving this server! I could, however, see many requests going to the public DNS successfully and receiving a reply.

Could it have been captured in the wrong time window? Would you confirm?

Thanks Mahmoud


Tuesday, January 17, 2017 9:41 AM

Not sure what you mean by time window; all I did was install it on the server, start the capture, run the commands, then stop and save.

Thank you 


Tuesday, January 17, 2017 3:56 PM | 2 votes

Hi Namit,

What I mean is that during the time window when this capture was taken, and filtering only DNS traffic as shown in the above screenshot, apparently there was no DNS query for google.com at all! No DNS query left this server's NIC, actually!

HOWEVER, it's shown that communication toward 8.8.8.8 and 8.8.4.4 seems to be good, with nothing wrong at all.

Also, did you notice at the same time that all the DNS traffic is for only one domain, Kaspersky, with another query for macromedia...

Do you have any information on what Kaspersky component is installed?

Also, could you remove any AV for testing on that DNS server and repeat the test? I have seen cases with some AV (Trend Micro, for example) where the traffic is blocked internally by the AV layer and gets dropped, then throws back the "request time out" you see... but what we are sure about at this point is that no DNS traffic for google.com has ever left this server's NIC!

Thanks

Thanks Mahmoud


Tuesday, January 17, 2017 4:55 PM

Very odd: disabled it, turned off services, and same issue.

Uninstalled Kaspersky and all works fine now. Really appreciate the help.

Thank you 


Tuesday, January 17, 2017 5:58 PM | 1 vote

Hi Namit, I'm glad to hear that. You can contact Kaspersky support for this matter now. Please feel free to contact me anytime if you need help. Also, would you kindly mark it as answered? Thanks

Thanks Mahmoud