[SOLVED] DNS Client stops working

Question

Thursday, June 23, 2011 12:35 PM

Hi,

I'm new here so I hope I posted this in the right forum.

My Server 2008 installation has a weird problem I can't figure out, and I hope someone here might have an idea.

At random times the server can no longer resolve domain names, 'nslookup -d microsoft.com' returns an error saying "Result too large".

I did some searching and found some topics about this being a problem with DNS root hints. However, this Server 2008 install does not have a DC\AD\DNS or otherwise 'service providing' role. It's the base installed OS and nothing more. Also, in the topics I found, the problem was resolvable by restarting the DNS service or clearing the DNS cache, which in my case does not help at all; only a reboot fixes it for some time.

If it helps, it's a HP Proliant ML110 G6, with Windows 2008 R2 x64 SP1.

Only extra software installed are .NET 3.5 Sp1 and .NET 4.0.

 

Does anyone have any clues or further diagnostic steps I can take?

Kind regards,

Frank Weggelaar

 

All replies (29)

Friday, July 1, 2011 12:55 PM ✅Answered

Thank you for the information, I've reconfigured the network so that it uses the direct IP of the ISP's DNS.

It's a Cisco 1811 router and according to our ISP it should allow EDNS0; they changed something in the config of that router, so I'll have to wait a few days to see if the problem returns or not.

Frank


Thursday, December 8, 2016 10:10 AM ✅Answered

It's been a long time, but I've finally found the issue. Turns out the cause was not related to DNS.

There was a bug in one of the programs on this machine that caused a Windows service to not release TCP/UDP ports when closed, resulting in port exhaustion.

After restarting the service DNS returns to normal. So for future reference, if you have got the same issue, run netstat -ban to see if something is holding on to all of your ports.
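
The netstat check the accepted answer recommends, as an added example (not code from the thread): it parses `netstat -ban`-style output and reports which executable is holding the dynamic (ephemeral) port range. Every UDP query the DNS client sends needs a free port from that range; the `nslookup -d` output later in this thread fails at `connect:` before anything is sent, which is consistent with the client not getting a local port at all. The input here is a constructed excerpt in the layout netstat prints on Windows Server 2008 R2 (a connection row, then the owning executable in square brackets on the following line; `netstat -b` needs an elevated prompt); the leaking process name `CamCollector.exe` and the row counts are made up. The range 49152 to 65535 is the Windows Vista/Server 2008 default; `netsh int ipv4 show dynamicport udp` shows the live value.

```python
"""Find who is eating the dynamic port range from `netstat -ban`-style output."""
import re
from collections import Counter

# Windows Vista / Server 2008 default dynamic range (netsh int ipv4 show dynamicport udp)
DYNAMIC_PORT_START, DYNAMIC_PORT_END = 49152, 65535
DYNAMIC_PORT_COUNT = DYNAMIC_PORT_END - DYNAMIC_PORT_START + 1   # 16384 ports

_ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")
_OWNER = re.compile(r"^\s*\[(.+?)\]\s*$")   # netstat -b prints "[svchost.exe]" under the row


def parse_netstat(text):
    """Return (proto, local_port, state, owner) tuples, one per connection row.

    The owner line follows its row (sometimes after service-name lines); a row
    whose owner netstat could not read ("Can not obtain ownership information")
    is attributed to "<unknown>".
    """
    rows, pending = [], None
    for line in text.splitlines():
        m = _ROW.match(line)
        if m:
            if pending:                       # previous row never got an owner line
                rows.append(pending + ("<unknown>",))
            proto, _local, port, _foreign, state = m.groups()
            pending = (proto, int(port), state or "")
            continue
        m = _OWNER.match(line)
        if m and pending:
            rows.append(pending + (m.group(1),))
            pending = None
    if pending:
        rows.append(pending + ("<unknown>",))
    return rows


def summarize(rows):
    """Sockets per owner inside the dynamic range, and the fraction of that range in use."""
    per_owner, in_use = Counter(), set()
    for _proto, port, _state, owner in rows:
        if DYNAMIC_PORT_START <= port <= DYNAMIC_PORT_END:
            per_owner[owner] += 1
            in_use.add(port)
    return per_owner, len(in_use) / DYNAMIC_PORT_COUNT


def suspects(rows, share=0.5):
    """Owners holding more than `share` of the dynamic range: a leak, not normal load."""
    per_owner, _ = summarize(rows)
    return [owner for owner, n in per_owner.most_common() if n > share * DYNAMIC_PORT_COUNT]


# Constructed sample in netstat -ban layout (not captured from the thread's server).
SAMPLE_HEAD = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    192.168.19.250:49160   62.177.144.11:53       TIME_WAIT
 [svchost.exe]
  UDP    0.0.0.0:123            *:*
 [svchost.exe]
"""


def leaked_rows(owner, count, first_port=49200):
    """Constructed: `count` UDP sockets in the dynamic range that `owner` never closed."""
    return "".join(f"  UDP    192.168.19.250:{p}   *:*\n [{owner}]\n"
                   for p in range(first_port, first_port + count))


SAMPLE = SAMPLE_HEAD + leaked_rows("CamCollector.exe", 12000)   # hypothetical process name

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    per_owner, used = summarize(rows)
    print(f"dynamic range {used:.0%} in use; top holders: {per_owner.most_common(3)}")
    print("suspects:", suspects(rows))
```

On a live box, pipe `netstat -ban` into a file and feed that to `parse_netstat`; a single owner above half the range, or a range that is nearly full while the machine is idle, is the pattern the accepted answer describes, and restarting that service (or fixing its socket handling) is the remedy, not anything on the DNS side.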


Friday, June 24, 2011 5:53 AM

Hi Frank,

 

Thank you for your post.

 

To address your problem, please first post an unedited ipconfig /all and nslookup from your server when it cannot resolve domain names.

 

Best Regards,

James


Sunday, June 26, 2011 7:32 PM

HI Frank,

In addition to James' request (which would be helpful for us to see the configs), if you run nslookup in interactive mode and force it to use TCP, does it work? Example:

nslookup
> set vc
microsoft.com

 

If you don't have a Forwarder in place, and you do configure a forwarder, such as to 4.2.2.2, does the nslookup work as you originally tried?

If a Forwarder makes it work, then the next question is what type of firewall is in place? Does it support EDNS0? If not, that may be the issue. Read up more on EDNS0...

What is EDNS0? (Extension mechanisms for DNS)
Published by Ace Fekay, MCT, MVP DS on Oct 11, 2010 at 2:46 PM
http://msmvps.com/blogs/acefekay/archive/2010/10/11/edns0-extension-mechanisms-for-dns.aspx

EDNS: What is all about?
By Chris Spanougakis, MCT, MVP DS
http://spanougakis.wordpress.com/2011/05/01/edns-what-is-all-about-2/

Ace

 

Ace Fekay
MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php

This posting is provided AS-IS with no warranties or guarantees and confers no rights.
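
What `set vc` actually changes, and why a firewall that clips large UDP makes it look like the resolver is broken, as an added example in Python (not code from the thread or from the blog posts linked above): it builds the 31-byte `microsoft.com` A query that nslookup -d reports as `len 31` later in this thread, optionally with an EDNS0 OPT record advertising a larger UDP reply size, and runs it against a constructed stand-in resolver plus a constructed middlebox that silently drops UDP DNS replies over 512 bytes (the kind of limit a `fixup protocol dns` maximum-length setting imposes). Nothing here touches the network; the resolver, the middlebox and the answer payload are simulations. `resolve()` models the client's normal UDP-first, TCP-on-truncation behaviour, and `force_tcp=True` models `set vc`.

```python
import struct

TYPE_A, TYPE_OPT = 1, 41
FLAG_QR, FLAG_TC, FLAG_RD = 0x8000, 0x0200, 0x0100

def encode_name(name):
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(x)]) + x.encode("ascii") for x in labels) + b"\x00"

def skip_name(msg, off):
    """Offset just past the (possibly compressed) name that starts at `off`."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:          # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + n

def build_query(name, txid=0x1234, edns_bufsize=None):
    """Recursive A query. With edns_bufsize, an EDNS0 OPT RR (RFC 6891) in the
    additional section advertises how large a UDP reply we accept (no OPT = 512)."""
    msg = struct.pack(">HHHHHH", txid, FLAG_RD, 1, 0, 0, 1 if edns_bufsize else 0)
    msg += encode_name(name) + struct.pack(">HH", TYPE_A, 1)
    if edns_bufsize:
        # OPT RR: root name, TYPE 41, CLASS = UDP payload size, TTL = ext-rcode/version/flags, RDLEN 0
        msg += b"\x00" + struct.pack(">HHIH", TYPE_OPT, edns_bufsize, 0, 0)
    return msg

def parse_header(msg):
    txid, flags, qd, an, ns, ar = struct.unpack(">HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & FLAG_QR), "tc": bool(flags & FLAG_TC),
            "rcode": flags & 0xF, "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}

def advertised_udp_size(query):
    """UDP payload size from the query's OPT RR, or 512 when it has none."""
    h, off = parse_header(query), 12
    for _ in range(h["qdcount"]):
        off = skip_name(query, off) + 4
    for _ in range(h["ancount"] + h["nscount"] + h["arcount"]):
        off = skip_name(query, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", query[off:off + 10])
        if rtype == TYPE_OPT:
            return rclass
        off += 10 + rdlen
    return 512

class FakeResolver:
    """Constructed stand-in for the recursor. Its answer section is answer_size
    placeholder bytes; a UDP reply larger than the client's advertised size is
    cut to that size and flagged TC, as a well-behaved server does."""
    def __init__(self, answer_size):
        self.answer_size = answer_size

    def reply(self, query, udp):
        h = parse_header(query)
        question = query[12:skip_name(query, 12) + 4]
        full = struct.pack(">HHHHHH", h["id"], FLAG_QR | FLAG_RD, 1, 1, 0, 0)
        full += question + b"\x00" * self.answer_size   # placeholder answer RRs, never parsed
        limit = advertised_udp_size(query)
        if udp and len(full) > limit:
            return struct.pack(">HH", h["id"], FLAG_QR | FLAG_RD | FLAG_TC) + full[4:limit]
        return full

def udp_path(resolver, max_udp=None):
    """UDP transport; max_udp models a firewall silently dropping larger DNS replies."""
    def send(query):
        r = resolver.reply(query, udp=True)
        return None if max_udp is not None and len(r) > max_udp else r   # None = timeout
    return send

def tcp_path(resolver):
    """TCP transport: every message carries a 2-byte length prefix (RFC 1035 4.2.2)."""
    def send(query):
        r = resolver.reply(query, udp=False)
        return struct.pack(">H", len(r)) + r
    return send

def resolve(name, send_udp, send_tcp, edns_bufsize=None, force_tcp=False):
    """Client side: UDP first, TCP if the reply is truncated or never comes back.
    force_tcp=True is what nslookup's `set vc` does."""
    q = build_query(name, edns_bufsize=edns_bufsize)
    if not force_tcp:
        r = send_udp(q)
        if r is not None and not parse_header(r)["tc"]:
            return "udp", r
    framed = send_tcp(q)
    return "tcp", framed[2:2 + struct.unpack(">H", framed[:2])[0]]

if __name__ == "__main__":
    big = FakeResolver(answer_size=1500)
    print("no EDNS        ->", resolve("microsoft.com", udp_path(big), tcp_path(big))[0])
    print("EDNS, clean    ->", resolve("microsoft.com", udp_path(big), tcp_path(big), 4000)[0])
    print("EDNS, fw drops ->", resolve("microsoft.com", udp_path(big, 512), tcp_path(big), 4000)[0])
```

The third scenario is the one this thread circles around: with EDNS0 the client advertises 4000 bytes, the server obliges with a full-size UDP reply, and a middlebox that only passes 512-byte DNS drops it on the floor. The client never sees a TC bit, only silence, so plain lookups time out while `set vc` (TCP, length-prefixed, no size limit) works every time. Without EDNS0 the same server truncates at 512 and sets TC, and the client retries over TCP on its own.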


Monday, June 27, 2011 9:18 AM

Hi James,

Thanks for your reply.

Here is a copy of ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SPSER0023

   Primary Dns Suffix  . . . . . . . : 

   Node Type . . . . . . . . . . . . : Peer-Peer

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Intel(R) PRO/100+ Dual Port Server Adapter #2

   Physical Address. . . . . . . . . : 00-03-47-08-99-C4

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::c123:7687:77d:176%14(Preferred) 

   IPv4 Address. . . . . . . . . . . : 192.168.19.250(Preferred) 

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 192.168.19.1

   DHCPv6 IAID . . . . . . . . . . . : 352322375

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-55-09-E8-78-E3-B5-FC-9E-5F

   DNS Servers . . . . . . . . . . . : 192.168.19.2

                                       8.8.8.8

   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Intel(R) PRO/100+ Dual Port Server Adapter

   Physical Address. . . . . . . . . : 00-03-47-08-99-C5

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::28e0:5515:91b8:a777%13(Preferred) 

   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred) 

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 

   DHCPv6 IAID . . . . . . . . . . . : 335545159

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-55-09-E8-78-E3-B5-FC-9E-5F

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

                                       fec0:0:0:ffff::2%1

                                       fec0:0:0:ffff::3%1

   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3D284352-460D-49AA-A573-AD93A512B406}:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A5A51954-E040-4022-9462-5CAA6ED563D9}:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

and my nslookup

SendRequest(), len 43
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0
    QUESTIONS:
        2.19.168.192.in-addr.arpa, type = PTR, class = IN
connect: Result too large
SendRequest failed
Default Server:  UnKnown
Address:  192.168.19.2

> microsoft.com
Server:  UnKnown
Address:  192.168.19.2

SendRequest(), len 31
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0
    QUESTIONS:
        microsoft.com, type = A, class = IN
connect: Result too large
SendRequest failed
SendRequest(), len 31
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0
    QUESTIONS:
        microsoft.com, type = AAAA, class = IN
connect: Result too large
SendRequest failed
*** UnKnown can't find microsoft.com: No response from server

Hope it helps!

Kind regards,

Frank


Monday, June 27, 2011 2:09 PM

Thank you for posting the information. -> Is this a Domain Controller?

 

First, you are using a mixture of internal and external DNS servers. It looks like the "external" one is a Google address:

DNS Servers . . . . . . . . . . . : 192.168.19.2

                                       **     8.8.8.8**

Please remove 8.8.8.8. Only use 192.168.19.2. Use that address as a Forwarder. This rule of thumb MUST APPLY TO ALL INTERNAL MACHINES, including the domain controllers, member servers and client machines. Here's more on it and why you should never use an external DNS with an AD infrastructure or when trying to control internal records.

Active Directory's Reliance on DNS, and why you should never use an ISP's DNS address or your router as a DNS address, or any other DNS server that does not host the AD zone name
Published by Ace Fekay, MCT, MVP DS on Aug 17, 2009 at 7:35 PM  1058  2
http://msmvps.com/blogs/acefekay/archive/2009/08/17/ad-and-its-reliance-on-dns.aspx

.

Second, there are two interfaces showing active. Is this a DC? Why does this machine have two active IP addresses on the same subnet? There should only be one active interface. Multiple IPs will cause problems on a machine, unless it's a web server.

.

Third, it doesn't appear you tried the nslookup switch I suggested. You don't have to use the d2 option with it, as you posted. Please try:

c:\nslookup
> set vc
> microsoft.com

Thank you!

Ace



Tuesday, June 28, 2011 7:35 AM

Hi Ace,

Thanks for the feedback, this machine is not a DC or AD.
The server has only one role, webserver.

I've removed 8.8.8.8 from the interface.

To answer your other question, this machine has 2 interfaces in the same subnet because they go to 2 separate networks, one network (192.168.19.250/24) has a connection to the internet and switches/routers and other servers on the network, the second interface (192.168.0.2/24) only has one device connected to it.

And below the nslookup output with the suggested options:

Default Server:  UnKnown
Address:  192.168.19.2

> set vc
> microsoft.com
Server:  UnKnown
Address:  192.168.19.2

*** UnKnown can't find microsoft.com: Unspecified error

Kind regards,

Frank


Tuesday, June 28, 2011 5:24 PM

How many NS records are listed in your DNS server? This is a known issue if there are too many NS records listed. How many zones are on your DNS server?

Is there any local firewall on the DNS server (SYmantec AV, McAfee, Avast, AVG, etc)?

If you change the nslookup server that it's using from your server to, say, 4.2.2.2, does it work? First run it without the vc option, then run it with it. Example:

c:\nslookup
> server 4.2.2.2
> microsoft.com

Then try with the vc option to use TCP:

> set vc
> server 4.2.2.2
> microsoft.com

More info on this error

BIND - Troubleshooting nslookup Problems
"What happened here is that there was too much data to fit into a UDP datagram. The name server stopped filling in the response when it ran out of room. The name server didn't set the truncation bit in the response packet, or nslookup would have retried the query over a TCP connection; the name server must have decided that enough of the "important" information fit. You won't see this kind of error very often. You'll see it if you create too many NS records for a zone, so don't create too many."
http://www.c3.hu/docs/oreilly/tcpip/dnsbind/ch41_07.htm
http://docstore.mik.ua/orelly/networking_2ndEd/dns/ch42_07.htm

DNS Troubleshooting - "4. Unspecified error" - "This is mainly caused when number of NS records exceeds the capacity of datagram packet so don’t put too many NS records for a domain."
http://adminschoice.com/dns-troubleshooting

 

Ace

 

 



Thursday, June 30, 2011 2:26 PM

I'm under the impression that you believe I have a W2008 DNS server somewhere, or I'm missing something else.

Maybe I wasn't clear enough in my other posts, but the IP that is seen in this server's ipconfig as DNS (192.168.19.2) is a Cisco router that was provided by my ISP, which will probably forward any DNS requests to the ISP's DNS servers.

However, running nslookup with example 2 does return a correct address, so I'm confused now. Is my ISP's DNS broken then?

Best regards,
Frank 


Thursday, June 30, 2011 3:10 PM | 1 vote

> I'm under the impression that you believe I have a W2008 DNS server somewhere, or I'm missing something else.
>
> Maybe I wasn't clear enough in my other posts, but the IP that is seen in this server's ipconfig as DNS (192.168.19.2) is a Cisco router that was provided by my ISP, which will probably forward any DNS requests to the ISP's DNS servers.
>
> However, running nslookup with example 2 does return a correct address, so I'm confused now. Is my ISP's DNS broken then?
>
> Best regards,
> Frank

Yes, that was the assumption. We normally do not recommend to use a router/firewall as a DNS server, because basically it isn't. Using one introduces a resolution hop that slows down resolution, as well as introduces limitations that may affect resolution. We highly suggest and recommend to use a DNS server's IP directly, and not indirectly. If you are using Google's DNS server, such as 8.8.8.8, OpenDNS, or any external DNS, such as 4.2.2.2, 4.2.2.3, etc, please specify the IP directly, and not the router or firewall. This will eliminate any conceived or assumed resolution problems.

Also, if example #2 works, that means that the firewall or router has a limitation allowing EDNS0. By default, resolution uses UDP. The 'set vc' switch forces TCP. Please read my EDNS0 blog that explains how this works. Based on this, it seems there is a limitation with the firewall, not the ISP's DNS server.

 

Ace

Late edit: What brand firewall or router is it? Can you contact your ISP to see if there is an update to allow EDNS0 on it? If there is an EDNS0 limitation with the firewall, then it means even if you do use the ISP's DNS directly, the firewall or router will block EDNS0.

 

 



Friday, July 1, 2011 2:50 PM

Thinking about this, I don't think that if there was an EDNS0 limitation or restriction on the Cisco 1811 it would matter much, because that limitation or restriction affects resolution traffic going through it, not using the unit itself for DNS. Earlier on, I thought 192.168.19.2 was a Windows DNS server. Therefore, I think it's a moot point. Now if you had an internal DNS server, then the limitation would affect it.

Let us know how the new config works out.

Ace



Monday, July 4, 2011 6:02 AM

Hi,

 

I’d like to confirm whether there is any update about this issue, please feel free to let us know.

 

Best Regards,

James


Tuesday, July 12, 2011 3:36 PM

Problem still persists.

 

Here's an update: after changing the network settings to use the ISP's direct DNS IPs instead of forwarding it through the router, the problem appeared to be gone.

However as of 4 hours ago it's back.

I just typed nslookup -d2

Then tried microsoft.com, and got the same error again, result too large.

I went ahead and typed set vc and then tried microsoft.com again and it works.

 

So can I assume that the problem really is related to the use of UDP?

And can the built-in Windows firewall have anything to do with it?

 

Best regards,

Frank Weggelaar

 

P.S. sorry the update took so long, it's been a very busy few weeks :(


Wednesday, July 13, 2011 4:20 AM

If 'set vc' works, it seems, and this going back to earlier posts, that the firewall may not be allowing EDNS0. But you said they changed the config in the firewall. Do you know what they changed? Perhaps 'fixup protocol dns 4000?'

Maybe the router/firewall is disallowing UDP 53?

I don't think the Windows firewall would block it, but go ahead and give it a shot and disable it. Then again, you said nslookup worked, so not sure.

Is there an antivirus software running with some sort of security feature?

 

Ace


Wednesday, July 13, 2011 1:06 PM

> If 'set vc' works, it seems, and this going back to earlier posts, that the firewall may not be allowing EDNS0.

Seconded; using "set vc" means carrying over TCP queries and in such a case whatever firewall bug or UDP packet size limitation won't apply.

> But you said they changed the config in the firewall. Do you know what they changed? Perhaps 'fixup protocol dns 4000?'

Good point, let's wait to hear back from the OP!

> Maybe the router/firewall is disallowing UDP 53?

Hmm... Ace, I don't think this is the case, otherwise queries would fail immediately and not 4 hours later!

> I don't think the Windows firewall would block it, but go ahead and give it a shot and disable it. Then again, you said nslookup worked,

Ugh... Ace... disabling the WFW (no, not Windows for Workgroups :D) isn't a good idea; it's acceptable here since you already know there's a firewall "in front" of the server, yet it doesn't make me happy; at any rate, given that the box is somewhat protected... yes, that may be a check, although I sincerely doubt the Windows firewall may be the culprit here; afaict there's no UDP packet size limitation in WFW.

> Is there an antivirus software running with some sort of security feature?

GOOD one; some AVs have their own firewall and/or may install their own "filter driver" to monitor network traffic and, if this is the case, maybe the AV sees those oversized packets as an attempt to "attack" the box.

Anyways, I'd point my finger to the edge firewall (not the local one); given what I saw, I suspect that the fw is rejecting "oversized" UDP packets; it would be interesting to (temporarily) disable EDNS0 and check if this solves the issue.


Wednesday, July 13, 2011 1:44 PM

I was just trying to cover all bases. More than likely it's the perimeter firewall, and since the ISP techs are administering it, the OP must take the tech's word on it.

 

Ace Fekay


Wednesday, July 13, 2011 1:53 PM

> I was just trying to cover all bases. More than likely it's the perimeter firewall, and since the ISP techs are administering it, the OP must take the tech's word on it.

And you did it well, Ace :D don't get me wrong, I was just trying to "enforce" the point; again, reading the whole discussion it sounds like the issue is, most probably, related to the edge firewall dropping (or truncating) the "oversized" UDP packets used by EDNS0 - now... I've been keeping it in my backburner for a while now, but I think I'll put together some simple cmdline tool to check DNS flow, that may be useful whenever dealing with such stuff (yes, I know there are some from Microsoft and others, I'm just thinking to some kind of "straightforward" critter ;D)

 

 


Thursday, July 14, 2011 7:47 AM

Okay, the ISP's helpdesk is stonewalling my questions about what they changed in the config, so my guess would be that they didn't change anything...

I'll keep trying to get that info, but in the meantime I'll have to keep searching for proof it actually is a problem they need to fix.

The thing that is puzzling me is the fact that a reboot of the server fixes the issue for some time. I mean, if it is the firewall, then shouldn't the problem be more persistent? Also, the AV was one of the first suspects I checked (since I had some issues earlier with HTTP traffic). We use ESET NOD32 v4 Business Edition. I uninstalled that first; it's still off. A note to make here is that the edge firewall is also running an internal AV (Kaspersky, I believe).

The only thing I can think of after reading the last part of your post, ObiWan, is that there is a 'filter driver' active: WinPcap is on this machine (running to capture metadata from video streams).

 


Thursday, July 14, 2011 9:54 AM

> Okay, the ISP's helpdesk is stonewalling my questions about what they changed in the config, so my guess would be that they didn't change anything...

Please, Frank, try the following; fire up a command prompt on your DNS and enter

nslookup -type=TXT rs.dns-oarc.net

The above query will check your resolver for EDNS0 support and may allow you to see if, in effect, the router was properly configured; for further information about the above test, please see here.

 


Thursday, July 14, 2011 2:50 PM

Done.

Output as follows:

nslookup -type=TXT rs.dns-oarc.net

Server:  recursor1.bbeyond.nl
Address:  62.177.144.11

Non-authoritative answer:
rs.dns-oarc.net canonical name = rst.x476.rs.dns-oarc.net
rst.x476.rs.dns-oarc.net        canonical name = rst.x485.x476.rs.dns-oarc.net
rst.x485.x476.rs.dns-oarc.net   canonical name = rst.x490.x485.x476.rs.dns-oarc.net
rst.x490.x485.x476.rs.dns-oarc.net      text =
        "Tested at 2011-07-14 14:41:44 UTC"
rst.x490.x485.x476.rs.dns-oarc.net      text =
        "217.149.196.26 DNS reply size limit is at least 490"
rst.x490.x485.x476.rs.dns-oarc.net      text =
        "217.149.196.26 lacks EDNS, defaults to 512"


Thursday, July 14, 2011 3:06 PM

> Done.
>
> Output as follows:
>
> nslookup -type=TXT rs.dns-oarc.net
>
> Server:  recursor1.bbeyond.nl
> Address:  62.177.144.11
>
> Non-authoritative answer:
> rs.dns-oarc.net canonical name = rst.x476.rs.dns-oarc.net
> rst.x476.rs.dns-oarc.net        canonical name = rst.x485.x476.rs.dns-oarc.net
> rst.x485.x476.rs.dns-oarc.net   canonical name = rst.x490.x485.x476.rs.dns-oarc.net
> rst.x490.x485.x476.rs.dns-oarc.net      text =
>         "Tested at 2011-07-14 14:41:44 UTC"
> rst.x490.x485.x476.rs.dns-oarc.net      text =
>         "217.149.196.26 DNS reply size limit is at least 490"
> rst.x490.x485.x476.rs.dns-oarc.net      text =
>         "217.149.196.26 lacks EDNS, defaults to 512"

I think it should be clear enough: you have no EDNS0 support (as shown above). Now, given that your DNS server has EDNS enabled and that there's nothing along the path truncating your DNS (UDP) traffic, the only thing which may be causing such an issue is your WAN router, so you should contact your carrier/ISP, send them the above info and tell them that they will NEED to fix the above asap :)

 


Friday, July 15, 2011 6:49 AM

I guess i'll go and pick a fight with the ISP then!

Thank you for your assistance ObiWan and Ace Fekay!

Best regards,

Frank Weggelaar


Friday, July 15, 2011 7:40 AM

> I guess I'll go and pick a fight with the ISP then!
>
> Thank you for your assistance ObiWan and Ace Fekay!

Thank you for the feedback, Frank; as a note, here's the output from a test I ran on one of my boxes (note: I mangled the DNS name and IP, but left the results unedited) running Windows 2008 R2

 

nslookup -type=TXT rs.dns-oarc.net.

Server: dns.example.com
Address: 192.0.2.11

Non-authoritative answer:
rs.dns-oarc.net canonical name = rst.x3827.rs.dns-oarc.net
rst.x3827.rs.dns-oarc.net  canonical name = rst.x3837.x3827.rs.dns-oarc.net
rst.x3837.x3827.rs.dns-oarc.net canonical name = rst.x3843.x3837.x3827.rs.dns-oarc.net
rst.x3843.x3837.x3827.rs.dns-oarc.net text = "192.0.2.11 sent EDNS buffer size 4000"
rst.x3843.x3837.x3827.rs.dns-oarc.net text = "Tested at 2011-07-15 07:36:10 UTC"
rst.x3843.x3837.x3827.rs.dns-oarc.net text = "192.0.2.11 DNS reply size limit is at least 3843"

 

as you see, the DNS has EDNS0 enabled and ... there's no "hurdle" along the path, so it's able to use "oversized UDP" packets

 


Friday, July 15, 2011 7:46 AM

Forgot, to ensure your DNS resolver has EDNS0 enabled, please, do the following; fire up a cmd prompt (as admin) on the server and enter

dnscmd /Config /EnableEDnsProbes 1

followed by

net stop dns && net start dns

to restart the DNS service, now retry the EDNS0 test as above, by running

nslookup -type=TXT rs.dns-oarc.net.

and check if the result shows a "no EDNS" again; if that's the case, then, for sure, something along the path is truncating or limiting the size of DNS reply packets.
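
A small check that turns the rs.dns-oarc.net TXT answers quoted in this thread into the verdict drawn from them, as an added example (not code from the thread): it separates "no EDNS advertised" from "EDNS advertised but replies clipped on the path". One caveat worth keeping in mind when reading such a result: the address in the TXT strings is the one the test's authoritative servers saw querying them, i.e. the recursive resolver (217.149.196.26 in the output posted above), so the test measures that resolver's upstream path and its own EDNS behaviour, not the hop between the client and the resolver. The first two record sets are copied from the outputs posted in this thread; the third is constructed to show the clipped case using the same record wording, and the 10% tolerance for "limit reached the advertised buffer" is an assumption (the test probes in steps, so the last size that got through sits a little below the buffer, as 3843 does below 4000).

```python
import re

# Record wording as rs.dns-oarc.net returns it (the three forms seen in this thread).
_SENT = re.compile(r"^(\S+) sent EDNS buffer size (\d+)$")
_LIMIT = re.compile(r"^(\S+) DNS reply size limit is at least (\d+)$")
_NOEDNS = re.compile(r"^(\S+) lacks EDNS, defaults to (\d+)$")

# Assumption: a measured limit within 10% of the advertised buffer counts as "reached".
REACHED_FRACTION = 0.9


def classify(txt_records):
    """Turn the TXT strings from `nslookup -type=TXT rs.dns-oarc.net` into a verdict.

    no-edns : the resolver never sent an OPT record, so replies are capped at 512
    clipped : it advertised a buffer, but replies above the measured limit were lost,
              i.e. something between the resolver and the authoritative servers
              drops or truncates large UDP
    ok      : the measured limit reached the advertised buffer
    unknown : EDNS seen but no limit line in the answer
    """
    info = {"resolver": None, "edns": False, "advertised": None, "limit": None}
    for txt in txt_records:
        m = _SENT.match(txt)
        if m:
            info.update(resolver=m.group(1), edns=True, advertised=int(m.group(2)))
            continue
        m = _LIMIT.match(txt)
        if m:
            info.update(resolver=m.group(1), limit=int(m.group(2)))
            continue
        m = _NOEDNS.match(txt)
        if m:
            info.update(resolver=m.group(1), edns=False, advertised=int(m.group(2)))
    if not info["edns"]:
        info["verdict"] = "no-edns"
    elif info["limit"] is None:
        info["verdict"] = "unknown"
    elif info["limit"] < REACHED_FRACTION * info["advertised"]:
        info["verdict"] = "clipped"
    else:
        info["verdict"] = "ok"
    return info


# Copied from the thread: the OP's resolver (no EDNS) and ObiWan's (EDNS, 4000).
OP_RESULT = [
    "Tested at 2011-07-14 14:41:44 UTC",
    "217.149.196.26 DNS reply size limit is at least 490",
    "217.149.196.26 lacks EDNS, defaults to 512",
]
OBIWAN_RESULT = [
    "192.0.2.11 sent EDNS buffer size 4000",
    "Tested at 2011-07-15 07:36:10 UTC",
    "192.0.2.11 DNS reply size limit is at least 3843",
]
# Constructed: EDNS advertised, but nothing above about 1400 bytes made it back.
CLIPPED_RESULT = [
    "192.0.2.11 sent EDNS buffer size 4000",
    "192.0.2.11 DNS reply size limit is at least 1400",
]

if __name__ == "__main__":
    for label, recs in [("OP", OP_RESULT), ("ObiWan", OBIWAN_RESULT), ("clipped", CLIPPED_RESULT)]:
        print(label, classify(recs))
```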

 


Thursday, July 21, 2011 11:23 AM

cmd returns the following:

C:\Users\Administrator>dnscmd /Config /EnableEDnsProbes 1

'dnscmd' is not recognized as an internal or external command,

operable program or batch file.

Is that command by any chance part of the DNS server role? Because I'm not running my own DNS server.


Thursday, July 21, 2011 12:40 PM

> cmd returns the following:
>
> C:\Users\Administrator>dnscmd /Config /EnableEDnsProbes 1
> 'dnscmd' is not recognized as an internal or external command,
> operable program or batch file.
>
> Is that command by any chance part of the DNS server role? Because I'm not running my own DNS server.

Uh... don't you have an AD infrastructure? You wrote about a Windows Server 2008; isn't it running inside an AD domain or, in any case, running a DNS server?

 

 


Tuesday, July 26, 2011 8:13 AM

No, like I said in an earlier post, the server is stand-alone. The only role the server has installed is Webserver. There are no Windows clients in the network.

It has 2 networks: one connects to an ISP router and the WWW. The other connects to a switch with loads of IP cameras, no internet on this side.

And IIS is installed for controlling the camera settings remotely through an ASP.NET script.


Tuesday, July 26, 2011 9:53 AM

> No, like I said in an earlier post, the server is stand-alone. The only role the server has installed is Webserver. There are no Windows clients in the network.
>
> It has 2 networks: one connects to an ISP router and the WWW. The other connects to a switch with loads of IP cameras, no internet on this side.
>
> And IIS is installed for controlling the camera settings remotely through an ASP.NET script.

Uhmmm... maybe I was unclear: those commands (dnscmd, net ...) must be executed on your DNS server (that is, looking at your ipconfig, the box sitting at IP 192.168.19.2), since that is the resolver to which your webserver is sending queries; to troubleshoot the resolution issue you'll need to start by ensuring that your DNS server is correctly configured and working.


Tuesday, July 26, 2011 7:13 PM

> No, like I said in an earlier post, the server is stand-alone. The only role the server has installed is Webserver. There are no Windows clients in the network.
>
> It has 2 networks: one connects to an ISP router and the WWW. The other connects to a switch with loads of IP cameras, no internet on this side.
>
> And IIS is installed for controlling the camera settings remotely through an ASP.NET script.

> Uhmmm... maybe I was unclear: those commands (dnscmd, net ...) must be executed on your DNS server (that is, looking at your ipconfig, the box sitting at IP 192.168.19.2), since that is the resolver to which your webserver is sending queries; to troubleshoot the resolution issue you'll need to start by ensuring that your DNS server is correctly configured and working.

I think in this case, it is safe for the poster to use the current DNS in use, which apparently based on the nslookup output is:

Server: recursor1.bbeyond.nl

Address: 62.177.144.11

I tried to test that DNS, but it doesn't respond. Apparently it is an ISP subscriber only DNS. Some ISPs limit their DNS use to their customers only.

My suggestion is to try to change the DNS server to 4.2.2.2 and see if that alleviates the issues. Or better yet, install your own DNS so you can control all records and resolution, but then again, the firewall is blocking EDNS0, therefore in conjunction with using your own DNS, use a Forwarder to bypass the EDNS0 issue and be done with the ISP stonewalling for an answer.

Ace

 
