Hi,
We're having a really strange DNS problem on our network. I hope someone here has encountered it before and can give us a hint to solve it.
Here's the situation: in our LAN (one of several LANs, connected to each other via a firewall), a local DNS server is running. It handles several local zones and of course acts as a nameserver to look up external names recursively. The server runs Windows Server 2003, with the MS DNS and DHCP servers.
On some of the machines in the LAN, there is a problem when looking up a name in one of the internal zones. When using nslookup, it returns after the timeout saying:
DNS request timed out.
timeout was 2 seconds.
*** Request to xxxxx timed-out
(where xxxxx is the name of our internal nameserver).
Using unqualified or fully qualified names doesn't make any difference.
The reverse lookup of any internal IP-address gives the correct name immediately, without any delay or timeout. Likewise, forward lookups of external names (e.g. also work correctly without delay.
One of the strange things is that this doesn't happen on all internal machines - it's just on a few, which seem to have the same configuration as the non-working ones, though.
Turning on logging in the DNS server showed that the non-working lookups don't even get logged, so they don't seem to reach the DNS server software. We didn't have the opportunity to sniff the network yet at the server's end - on the client's end, we see DNS requests leaving, but no reply returns.
Every once in a while, the DNS server generates an ICMP Port Unreachable, which is strange, too. But this doesn't seem to happen very often.
As you can tell from my lengthy explanation, we've been trying and checking many possibilities already, and we're clueless as to where to go next. So any suggestions are very welcome!
Kind regards,
YD