Intermittent Failure to Resolve Win Server hosted DNS entry from random clients
Hello,
I'm stumped on this one, and searches online and on the forums have failed to give an answer.
My network consists of two Windows Server 2008 R2 DC servers with DNS replicated across them.
Users are intermittantly failing to resolve a given resource url.
1 user may be effected while others are not.
The issue often resolves itself after an unknown period of time.
I'll try to provide a detailed description:
Client OS: Win7 SP1 and WinXP SP3
Resource Location: Intranet hosted via IIS on alternate port on main DC/DNS server.
Resource URL: TM.KawaApps.com (192.168.1.2)
DNS Configuration: DNS replicated across 2 DC's on intranet.
Forward Lookup zone created: "KawaApps.com"
I have tried entering the URL as both a CName, and A record. Both produced the same problem.
Host: TM
FQDN: TM.KawaApps.com
IP Address: 192.168.1.2
Update associated pointer (PTR) record: True/Checked
Other CName records in this forward zone do not exhibit the same issues but are used less frequently.
Symptoms:
1) When the issue is occurring, other urls in the same forward lookup zone resolve correctly.
(That is, I can reach DownloadTM.kawaapps.com)
2) The resource is being accessed by a WSDL generated class in a Windows Form application.
The Web Service URL is supplied at runtime. It is often initially resolved, and over the course
of the day of using the application resolution failures may or may not occur (usually it works fine.) The url points to a .net WSDL application hosted on IIS.
3) When Issue is occurring ping fails to resolve server address (192.168.1.2)
If I ping the same server using a different url (ex: downloadTM.kawaapps.com) ping is successful.
4) Attempts to resolve the address in IE fail.
Attempts to resolve other subdomain entries in IE pointing to the same server are successful
5) NSLookup appears to properly resolve the resource (This, however, may be an anomaly as the issue could have potentially already resolved itself.)
6) No related Errors or entries in Event log on server
Possible Short Term Solutions
Reboot or DNS flush appears to correct the problem. Because of the short term (few minutes)/intermitant nature of the problem it is difficult to determine if this is a solution of side effect)
Other Notes: I believe that I was able to grab a wireshark capture when the problem was occurring. I have not yet reviewed the logs but am not sure what to look for.
Thank you for any help that can be provided.
- Jordan
June 28th, 2011 12:52am
Hi Jordan,
Thanks for posting here.
Is this Host TM multihomed? have you deployed WINS in your environment also ?
Please check the TTL entry of this record on DNS server.
What’s DNS suffix setting on client? which DNS servers are these clients pointed to ?
Try also ping host TM with FQDN and end with a dot when this issue occur and see how is going : “ ping TM.KawaApps.com. “
Thanks.
Tiger Li
Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2011 3:26am
Hi Jordan,
Thanks for posting here.
Is this Host TM multihomed? have you deployed WINS in your environment also ?
Please check the TTL entry of this record on DNS server.
What’s DNS suffix setting on client? which DNS servers are these clients pointed to ?
Try also ping host TM with FQDN and end with a dot when this issue occur and see how is going : “ ping TM.KawaApps.com. “
Thanks.
Tiger Li
Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
June 29th, 2011 3:26am
Hi Jordan,
Thanks for posting here.
Is this Host TM multihomed? have you deployed WINS in your environment also ?
Please check the TTL entry of this record on DNS server.
What’s DNS suffix setting on client? which DNS servers are these clients pointed to ?
Try also ping host TM with FQDN and end with a dot when this issue occur and see how is going : “ ping TM.KawaApps.com. “
Thanks.
Tiger Li
Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2011 10:26am
Hi Tiger Li,
I apologize for not responding earlier. I thought I would receive an email alert for responses but did not receive one for your post.
I will get and post this information for you tomorrow when I return to the office.
Again sorry for the delay and thank you for your help!
- Jordan
July 5th, 2011 9:17pm
Hi Tiger Li,
I apologize for not responding earlier. I thought I would receive an email alert for responses but did not receive one for your post.
I will get and post this information for you tomorrow when I return to the office.
Again sorry for the delay and thank you for your help!
- Jordan
Free Windows Admin Tool Kit Click here and download it now
July 5th, 2011 9:17pm
Hi Tiger Li,
I apologize for not responding earlier. I thought I would receive an email alert for responses but did not receive one for your post.
I will get and post this information for you tomorrow when I return to the office.
Again sorry for the delay and thank you for your help!
- Jordan
July 6th, 2011 4:17am
Ok, interesting update.
One of the users reported the problem again and grabbed an output from ipconfig /displaydns
The resource TM.KawaApps.com should point to 192.168.1.2
Instead I received the following entry:
tm.kawaapps.com
----------------------------------------
Record Name . . . . . : tm.kawaapps.com
Record Type . . . . . : 1
Time To Live . . . . : 3074
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 68.178.232.99
By performing an ipconfig /flushdns the system began using the proper IP again (192.168.1.2)
Notes on DNS:
Via my DHCP server I have the following DNS servers pushed to clients:
Primary: 192.168.1.2 (Main DC with DNS services)
Secondary: 192.168.1.8 (Redundant DC with DNS replication)
Third: 4.2.2.1 (Public DNS in the event of failure)
Notes On IP: 68.178.232.99
I ran a WhoIs on the IP and it is registered to GoDaddy.com
I have registered the Domain KawaApps.com through GoDaddy, so it would make sense that outside of the intranet users would resolve to this.
My new question is why then am I resolving the uri to the external address when my internal DNS servers should be handling the request?
As always, any help is greatly appreciated!
- Jordan
Free Windows Admin Tool Kit Click here and download it now
July 8th, 2011 6:49pm
Ok, interesting update.
One of the users reported the problem again and grabbed an output from ipconfig /displaydns
The resource TM.KawaApps.com should point to 192.168.1.2
Instead I received the following entry:
tm.kawaapps.com
----------------------------------------
Record Name . . . . . : tm.kawaapps.com
Record Type . . . . . : 1
Time To Live . . . . : 3074
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 68.178.232.99
By performing an ipconfig /flushdns the system began using the proper IP again (192.168.1.2)
Notes on DNS:
Via my DHCP server I have the following DNS servers pushed to clients:
Primary: 192.168.1.2 (Main DC with DNS services)
Secondary: 192.168.1.8 (Redundant DC with DNS replication)
Third: 4.2.2.1 (Public DNS in the event of failure)
Notes On IP: 68.178.232.99
I ran a WhoIs on the IP and it is registered to GoDaddy.com
I have registered the Domain KawaApps.com through GoDaddy, so it would make sense that outside of the intranet users would resolve to this.
My new question is why then am I resolving the uri to the external address when my internal DNS servers should be handling the request?
As always, any help is greatly appreciated!
- Jordan
July 8th, 2011 6:49pm
Ok, interesting update.
One of the users reported the problem again and grabbed an output from ipconfig /displaydns
The resource TM.KawaApps.com should point to 192.168.1.2
Instead I received the following entry:
tm.kawaapps.com
----------------------------------------
Record Name . . . . . : tm.kawaapps.com
Record Type . . . . . : 1
Time To Live . . . . : 3074
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 68.178.232.99
By performing an ipconfig /flushdns the system began using the proper IP again (192.168.1.2)
Notes on DNS:
Via my DHCP server I have the following DNS servers pushed to clients:
Primary: 192.168.1.2 (Main DC with DNS services)
Secondary: 192.168.1.8 (Redundant DC with DNS replication)
Third: 4.2.2.1 (Public DNS in the event of failure)
Notes On IP: 68.178.232.99
I ran a WhoIs on the IP and it is registered to GoDaddy.com
I have registered the Domain KawaApps.com through GoDaddy, so it would make sense that outside of the intranet users would resolve to this.
My new question is why then am I resolving the uri to the external address when my internal DNS servers should be handling the request?
As always, any help is greatly appreciated!
- Jordan
Free Windows Admin Tool Kit Click here and download it now
July 9th, 2011 1:49am