Intermittent Failure to Resolve Win Server hosted DNS entry from random clients
Hello, I'm stumped on this one, and searches online and on the forums have failed to give an answer. My network consists of two Windows Server 2008 R2 DC servers with DNS replicated across them. Users are intermittantly failing to resolve a given resource url. 1 user may be effected while others are not. The issue often resolves itself after an unknown period of time. I'll try to provide a detailed description: Client OS: Win7 SP1 and WinXP SP3 Resource Location: Intranet hosted via IIS on alternate port on main DC/DNS server. Resource URL: TM.KawaApps.com (192.168.1.2) DNS Configuration: DNS replicated across 2 DC's on intranet. Forward Lookup zone created: "KawaApps.com" I have tried entering the URL as both a CName, and A record. Both produced the same problem. Host: TM FQDN: TM.KawaApps.com IP Address: 192.168.1.2 Update associated pointer (PTR) record: True/Checked Other CName records in this forward zone do not exhibit the same issues but are used less frequently. Symptoms: 1) When the issue is occurring, other urls in the same forward lookup zone resolve correctly. (That is, I can reach DownloadTM.kawaapps.com) 2) The resource is being accessed by a WSDL generated class in a Windows Form application. The Web Service URL is supplied at runtime. It is often initially resolved, and over the course of the day of using the application resolution failures may or may not occur (usually it works fine.) The url points to a .net WSDL application hosted on IIS. 3) When Issue is occurring ping fails to resolve server address (192.168.1.2) If I ping the same server using a different url (ex: downloadTM.kawaapps.com) ping is successful. 4) Attempts to resolve the address in IE fail. Attempts to resolve other subdomain entries in IE pointing to the same server are successful 5) NSLookup appears to properly resolve the resource (This, however, may be an anomaly as the issue could have potentially already resolved itself.) 6) No related Errors or entries in Event log on server Possible Short Term Solutions Reboot or DNS flush appears to correct the problem. Because of the short term (few minutes)/intermitant nature of the problem it is difficult to determine if this is a solution of side effect) Other Notes: I believe that I was able to grab a wireshark capture when the problem was occurring. I have not yet reviewed the logs but am not sure what to look for. Thank you for any help that can be provided. - Jordan
June 28th, 2011 12:52am

Hi Jordan, Thanks for posting here. Is this Host TM multihomed? have you deployed WINS in your environment also ? Please check the TTL entry of this record on DNS server. What’s DNS suffix setting on client? which DNS servers are these clients pointed to ? Try also ping host TM with FQDN and end with a dot when this issue occur and see how is going : “ ping TM.KawaApps.com. “ Thanks. Tiger Li Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2011 10:26am

Hi Tiger Li, I apologize for not responding earlier. I thought I would receive an email alert for responses but did not receive one for your post. I will get and post this information for you tomorrow when I return to the office. Again sorry for the delay and thank you for your help! - Jordan
July 6th, 2011 4:17am

Ok, interesting update. One of the users reported the problem again and grabbed an output from ipconfig /displaydns The resource TM.KawaApps.com should point to 192.168.1.2 Instead I received the following entry: tm.kawaapps.com ---------------------------------------- Record Name . . . . . : tm.kawaapps.com Record Type . . . . . : 1 Time To Live . . . . : 3074 Data Length . . . . . : 4 Section . . . . . . . : Answer A (Host) Record . . . : 68.178.232.99 By performing an ipconfig /flushdns the system began using the proper IP again (192.168.1.2) Notes on DNS: Via my DHCP server I have the following DNS servers pushed to clients: Primary: 192.168.1.2 (Main DC with DNS services) Secondary: 192.168.1.8 (Redundant DC with DNS replication) Third: 4.2.2.1 (Public DNS in the event of failure) Notes On IP: 68.178.232.99 I ran a WhoIs on the IP and it is registered to GoDaddy.com I have registered the Domain KawaApps.com through GoDaddy, so it would make sense that outside of the intranet users would resolve to this. My new question is why then am I resolving the uri to the external address when my internal DNS servers should be handling the request? As always, any help is greatly appreciated! - Jordan
Free Windows Admin Tool Kit Click here and download it now
July 9th, 2011 1:49am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics