DNS On Single Server Stopped Working

  • DNS On Single Server Stopped Working

    My new W2K3 install was working great yesterday. Booted it up today to put it into production and DNS is not working. When I go to dnsmgmt, right click server, click Properties, then click Monitor tab and run the Simple and Recursive tests, the Simple test passes every time but the Recursive test is failing. How do I find what's wrong with the Recursion?

    I have static IP address on both NICs in the server.

    On DNS Server Properties:
    Interfaces: Checked "Only the following IP address": have both internal NIC addresses listed

    DNS Domain: "All other DNS domains"
    Select domain's forwarder IP address list: (our ISPs primary and secondary listed)

    Everything else is default on the other tabs.

    At this point I have installed on this server: AD, DHCP, DNS, WINS, Remote Access/VPN, Terminal Server, Application Server, Print Server, File Server.

    When I need to put the server/new network on the internet I connect it to the live router. Over the weekend I set that live router to be in our new subnet but gave its DHCP server a scope outside of the range of the scope on the DHCP server.

    Any help would be GREATLY appreciated!

  • #2
    Re: DNS On Single Server Stopped Working

    Check these items:

    1. Do you have Root Hints servers listed on the Root Hints tab of the DNS server properties?

    2. Do you have the "disable recursion" check box checked?

    3. If you are using forwarders (which I don't recommend) do the forwarders support recursion? The easiest way to test this is to do an nslookup using your forwarding servers and query for a record that the forwarders are not authoritative for. If the forwarder returns a list of Root Hint servers, then this means the forwarder does not do recursion.
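
The check in item 3 at the DNS message level, as an added example that is not part of the original thread: a reply to a recursion-desired query is classified from its header flags and section counts. The function names, the queried name and both sample replies (including the 192.0.2.10 documentation address) are constructed for illustration.

```python
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080  # DNS header flag bits (RFC 1035)

def encode_name(name):
    """Encode a domain name as length-prefixed labels."""
    labels = [l for l in name.split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, txid=0x1234):
    """A-record query with RD set, i.e. asking the server to recurse."""
    return (struct.pack("!6H", txid, RD, 1, 0, 0, 0)
            + encode_name(name) + struct.pack("!2H", 1, 1))

def classify_response(msg):
    """Classify a reply to an RD=1 query for a name the server does not host."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    _txid, flags, _qd, answers, authority, _ar = struct.unpack("!6H", msg[:12])
    if not flags & QR:
        raise ValueError("not a response")
    rcode = flags & 0x000F
    if rcode == 5:
        return "refused"
    if rcode not in (0, 3):
        return "error"
    if answers and not flags & AA:
        return "recursive-answer"   # nslookup shows "Non-authoritative answer:"
    if not answers and authority and not flags & RA:
        return "referral"           # list of root servers: forwarder does not recurse
    return "inconclusive"

def _rr(owner, rtype, rdata, ttl=300):
    """One resource record, class IN."""
    return owner + struct.pack("!2HIH", rtype, 1, ttl, len(rdata)) + rdata

def sample_responses(query):
    """Constructed replies: one from a recursing forwarder, one root referral."""
    question = query[12:]
    answer = (struct.pack("!6H", 0x1234, QR | RD | RA, 1, 1, 0, 0) + question
              + _rr(b"\xc0\x0c", 1, bytes([192, 0, 2, 10])))
    referral = (struct.pack("!6H", 0x1234, QR | RD, 1, 0, 1, 0) + question
                + _rr(b"\x00", 2, encode_name("a.root-servers.net"), ttl=518400))
    return answer, referral

if __name__ == "__main__":
    for reply in sample_responses(build_query("www.example.com")):
        print(classify_response(reply))
```
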


    • #3
      Re: DNS On Single Server Stopped Working

      Thanks for the help.

      1. Yes there are quite a few Root Hints servers. Although I remember seeing a warning message when I set up the DNS server saying it had some issue with the Root Hints.

      2. I tried a quick test with the "Do Not Use Recursion" checked and it made no difference.

      3. I was told that since we have our internet connected to our server via a Netgear router I should set up the new server to forward to our ISP's DNS servers and that I had to have Recursion to use the Forwarders. The nslookup on the ISP server gave me a "Default servers are not available", Server: Unknown, followed by Name:,

      If it helps any, I know when I ran the Monitor tab recursive test yesterday it worked. I'm wondering if the Windows or the firewall did an update that is causing the problem. Right now, since it's not on the net, I've got the firewall turned off.

      Thanks again for the suggestions.


      • #4
        Re: DNS On Single Server Stopped Working

        It's true about enabling recursion when using forwarders and it sounds like the forwarders are not performing the recursive query for your server. Do this at a command prompt and tell me what the results are:

        server "ip address of your forwarder"

        server "ip address of your other forwarder"


        • #5
          Re: DNS On Single Server Stopped Working

          For our first server I received the following:

          Non-authoritative answer:

          For our second server I received:

          Non-authoritative answer:

          I have noticed since my last post that browsing in Network Places sometimes shows the other domain computers and sometimes doesn't. Have not been able to detect any reason for the changes. In any case, the other computer(s) are not there for very long so whatever is changing isn't holding.
          Last edited by Bob Goodman; 30th October 2007, 22:53. Reason: Added comments.


          • #6
            Re: DNS On Single Server Stopped Working

            It looks like the DNS servers at your ISP are doing recursion and are working correctly. Have you checked your Event Logs on the DNS server?


            • #7
              Re: DNS On Single Server Stopped Working

              What happens if you try the recursive DNS test on the Monitoring tab of the server's properties?

              Also can you please post an IPCONFIG /ALL and delete any sensitive information.


              • #8
                Re: DNS On Single Server Stopped Working

                1. The DNS Event log has one error for today -- a 6702 error, attempted to replicate but it's the only DNS server in the forest/domain.

                2. Since my earlier post I read an article on this site about configuring for DNS and noticed that article recommended pointing the NIC's dns to itself. So I've done that (other articles I read said don't do that).

                At the moment I can log onto the server and access shares but the Network Places on the server still doesn't see the clients -- even with all firewalls off. The key term is "at the moment" because the DNS seems to be very unstable.

                Even though the Network Places lookup isn't working this time the DNS Monitoring Test passed both the Simple and Recursive Test.

                I have 2 nics with manual IPs.
                ipconfig /all looks like this:

                Host name: servername
                Primary DNS Suffix: (our domain name)
                Node Type: Unknown
                IP Routing Enabled: Yes
                WINS Proxy Enabled: Yes
                DNS Suffix Search List:

                Ethernet adapter Local Area Connection 2:

                Connection specific DNS Suffix: (blank)
                Description: (its a gigabit card)
                Physical Address: 00-19-B9-XX-xx-XX (I changed the numbers to Xs)
                DHCP Enabled: No
                IP Address:
                Subnet Mask:
                Default Gateway: (blank)
                DNS Servers:

                Ethernet adapter Local Area Connection:

                Connection specific DNS Suffix: (blank)
                Description: (is another gigabit card)
                Physical Address: 00-19-B9-XX-xx_XX (I put in the Xs)
                DHCP Enabled: No
                IP Address:
                Subnet Mask:
                Default Gateway: (Router to internet)
                DNS Servers:

                Hope I gave you everything you needed and nothing I shouldn't have put out on the 'net.

                THANKS for the help. Bob


                • #9
                  Re: DNS On Single Server Stopped Working

                  So the server is multihomed? Presumably for RAS, correct? .25 is the NIC that RAS clients connect to? Is DNS listening on both addresses? I would tell it to listen only on .24 and I would tell the .25 NIC to use .24 for DNS. It is a MS recommendation that a DC/DNS server point to itself for DNS.

                  As for the My Network Places issue, this does not rely on DNS it relies on NetBIOS and SMB. It could be a WINS issue, I would get rid of WINS altogether unless you have some legacy clients or applications that need it. Also your server is not configured to use WINS based on the output of your ipconfig/all. If you're going to use WINS you should configure your server to use itself for WINS. Also, why are you using your server as a WINS proxy? You should rip out WINS and use DNS only.


                  • #10
                    Re: DNS On Single Server Stopped Working

                    Another little tip is to put the DNS suffix into the network connection settings as well. There is also another spot under system properties that I put it.

                    It might be me but I always do it.


                    • #11
                      Re: DNS On Single Server Stopped Working

                      I don't think it has to be multihomed, I will have RAS -- VPN for our laptop users and for a sister company with 5 clients across the street. I've had both NICs running for redundancy. It's a small business -- less than 10 client PCs so I don't think there will be a bandwidth issue. Would it be better to turn off one of the NICs and run everything through one?

                      I'll point DNS on both NICs to the .24.

                      I had not planned on putting in the WINS because everything is XP Pro/W2K3 but when I started having problems a different forum suggested it. I'll gladly rip it back out and won't be going back to that forum.

                      I'll put that DNS suffix in as well.

                      I'm delighted to get your suggestions/recommendations. I wasn't trying to over-complicate this but it seems like I've tied myself in a knot just attempting to fully utilize their configuration.

                      Can't say thank you enough. I'll implement your suggestions tomorrow AM when I get back to the office and post an update.



                      • #12
                        Re: DNS On Single Server Stopped Working

                        If you use the RAS function and not the VPN function then you can disable the .25 NIC. Make sure to give the .24 NIC a default gateway. I would unconfigure any RAS and/or VPN you have now then disable the .25 NIC and then reconfigure RAS. This will make the whole process simpler. WINS really isn't necessary in your environment unless you have legacy clients or applications that need it, it sounds like you don't, so I definitely recommend removing it.

                        Keep us posted and hopefully we can continue to offer our best intentioned advice and opinions.


                        • #13
                          Re: DNS On Single Server Stopped Working

                          The good news is that those changes you recommended have made some definite improvements. THANKS!

                          Here's what I did this AM.
                          1. Put the gateway on the .24 nic.
                          2. Put the DNS suffix,, in the DNS suffix field on the nic.
                          3. Disabled the .25 nic
                          4. Removed the .25 ip address from the DNS server
                          5. Stopped the WINS server service
                          6. Removed the WINS server via Windows Components
                          7. Rebooted the server

                          I can login very quickly with a client, I can ping the domain name, I can even ping the server by name (that's a first). Plus the flaky Network Places problem appears to be gone. All very good news!

                          The challenge is that I must have missed something because when I try to use the internet from one of the new clients web browsing is slow, if at all. Web browsing from the server is extremely fast. So, after rebooting the PC once the Server reboot was complete, I ran an ipconfig /all on a client PC and this is what I get.

                          Windows IP Configuration
                          Host Name: (computer name)
                          Primary DNS Suffix:
                          Node type: Hybrid
                          IP Routing Enabled: No
                          WINS Proxy Enabled: No
                          DNS Suffix Search List:,
                          (Yes, it's there twice)

                          Adapter 2 (Gigabit adapter):
                          Connection specific DNS Suffix:
                          Description: (gigabit adapter)
                          Physical Address: 00-18-4D-XX-XX-XX (I put in the Xs)
                          DHCP Enabled: Yes
                          Autoconfiguration Enabled: Yes
                          IP Address:
                          Default Gateway: (I expected this to be gone)
                          DHCP Server:
                          DNS Servers:
                          (can't find where this is coming from)
                          Primary WINS Server:
                          Secondary WINS Server:
                          Lease Obtained: (date and time)
                          Lease Expires: (date and time)

                          I've checked the properties on the DNS server repeatedly and on the nic and don't see where the .25 stuff is coming from, suggestions? What else should I do to complete the removal of the WINS?

                          Thanks again.


                          • #14
                            Re: DNS On Single Server Stopped Working

                            Check your DHCP scope on the DHCP server and remove any invalid options, such as the .25 address, the WINS, etc. and make sure to set the .1 as the gateway instead of the .24. Your client machines should go directly to .1 for internet access.

                            Double check all tabs of the NIC properties on the client machine and make sure there are no static entries for WINS, .25, etc. Also, on the client machine you really don't need to use connection specific DNS suffix, so remove any if they exist.


                            • #15
                              Re: DNS On Single Server Stopped Working

                              You were right. Thought I had checked those settings but must have missed them. Thanks.

                              The new server/new client communications seem to be working really well. When I attempt to access the old workgroup computers (running W2K) I get an error. Is that because we've removed WINS? If so, I'll move the data via physical media rather than attempt to put WINS back in just to move a few user files. The W2K computers and the XP Home computers are all going away as soon as part of this upgrade.

                              Do you have any suggestions for me on how I should configure the WSUS server or can I just run with the wizard recommendations?

                              Sounds like you definitely prefer RAS via VPN. Can you point me to some setup info on RAS so I can go that direction? All the reading I have done was to get set up on VPN but am always glad to look for better solutions.

                              You've been an amazing help! It's so nice to be moving forward and not pulling my hair out -- don't have any to spare.