Hi All

after an abrupt power outage our essentials server has come up with less than satisfactory DNS performance.

In the domain environment I consistently get DNS_PROBE errors right before the page actually loads.  This problem is quite prominent when accessing sites suggested by google ads (this is how I test).

so basically if i search for something generic (cars for sale in sydney) and click on one of the google ads in the results, i wait.  then wait.  then wait.  then i may get a DNS_PROBE error, then shortly after the page will load.

If I hard code the ISP's DNS server to the NIC, internet is super speedy with no errors.  (it was and still is default to 127.0.0.1)

At this stage I have configured DHCP to assign addresses using the ISP DNS server.  This of course fixes the internet issues, but plays havoc with the domain and authentication.

this is a list of what I have tried thus far:

*  configured ipv4 and ipv6 reverse lookups with ptrs

*  disabled ipv6 using the microsoft "fix its" after trying to get ipv6 to work.

*  tried different forwarders (google and isp) tried it with and without root hints, tried it with root hints only

*  netsh winsock reset

*  applied all current updates and patches.

nslookups from the server resolve the server itself, but external lookups fail (2 sec timeout).  subsequent lookups obviously work after it has been cached.

the firewall on the server has been dropped, as has the firewall on the modem.  anti virus has also been disabled.  problem occurs both on the server and workstation 

there are no error logs on the server nor dns specific (which would lead me to believe that it is the problem) and so far debugging has hasnt given me much info either.

this is a single Windows Essentials Server 2012 R2 box servicing around 20 PCs.  it is dual nic (but one has been disabled since install) and all power management options have been disabled.  

before I do something drastic (like rebuilding the server, which normally wouldn't be a problem, but copying 8TB of data is a huge time suck) i was wanting to know if there is anything else I should try.

Is it possible to remove the DNS role from the server and re add it?  I don't want to do anything that could "brick" the server before I do a data copy but I have tried pretty much every solution available on the net.

help please?

Hi Dexter Eugenio,

According to your description, when clients use domain DNS server to open internet website, it may get error DNS_PROBE, when clients use ISPs DNS server, it works well. And when you use command nslookup, the domain DNS server couldnt resolve external name.

If the DNS server is along with AD integrated zones, we may use command dcdiag/test:dns on DNS server to test general issues.

In order to monitor the process of the DNS resolution, we may install the network monitor to perform a network traffic capture on DNS server. As you have tried forwarders on the DNS server, we may check if the DNS server could send out forward requests to the external DNS server, and receive the correct IP address from external server. Since you have tried forwarders and it failed to work, we may find out which process is blocked.

You may click the following link to download network monitor:

https://www.microsoft.com/en-us/download/details.aspx?id=4865

If we finally find out that the problem is due to the DNS server itself, and try to reinstall DNS server role, we may refer to the following article to backup DNS zone:

To restore an AD-integrated zone:

https://technet.microsoft.com/en-us/library/Ff807395(v=WS.10).aspx

If the dns server is standalone, we may typically find the backup files in C:\Windows\System32\dns

Best Regards,

Anne He