We have installed a windows 2008 r2 server and lately I see it connecting to the internet up tp 2500 times at once. It is connecting to our ISP's dns server so I don't suspect a virus plus Kaspersky shows no problem. We have about 40 computers using this server for dns. Any idea what could be happening? It seems to connect at this rate for only a short time then back to normal for 10 minutes or so.

If you take a network packet capture, it should reveal the type of traffic and the destination. Alternatively, if you have a permiter firewall, I would assume that you are logging outbound connections, maybe?Visit: anITKB.com, an IT Knowledge Base.

Hi, Try running Ethereal packet trace and see what/where the traffic is. If you are pointing all of your client computers to the internal DNS, it will more than likely send all internet DNS requests to your internal DNS first which will then hop out to your ISP. More than likely, that is what is happening. Tip: on a client machine, open command prompt and type tracert www.microsoft.com and note the hops. I am betting one of those IP's will be that of your DNS server. Martin If you find my information useful, please rate it. :-)