Win2k3 DNS Resolution Problems

M

movax

2[H]4U
Joined
Aug 12, 2005
Messages
3,679
Hi folks - got a problem with a Win2k3 Server I can't figure out. Every other on this machine resolves DNS just fine (want to go to google, www.google.com resolves, it connects).

The Win2k3 box takes forever (i.e. 10+ seconds) to resolve www.google.com to an IP, and does not cache it at all (i.e., if you go to google.com again, wait another 10 seconds).

Using nslookup, it seems to be resolving just fine; but when I try, say, 'ping -a www.google.com', its a good 10 seconds before I get anything.

Every other machine on the network is fully operating. Windows Firewall tried it both on and off, still DNS troubles. Machine is a DL380 G3 running Win2k3 Enterprise SP2. Its behind a standard Comcast Business Cable conn + pfSense router, connected to a PowerConnect 3048 switch.

e: Also tried enable/disabling IPv6, same issue. Machine gets its address information via DHCP:
Code: 
Windows IP Configuration

   Host Name . . . . . . . . . . . . : starscream
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : dx

Ethernet adapter HP NC7781 NIC 1:

   Connection-specific DNS Suffix  . : dx
   Description . . . . . . . . . . . : HP NC7781 Gigabit Server Adapter
   Physical Address. . . . . . . . . : 00-0B-CD-0E-A0-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   Lease Obtained. . . . . . . . . . : Thursday, July 16, 2009 7:07:08 PM
   Lease Expires . . . . . . . . . . : Thursday, July 16, 2009 9:07:08 PM

Ethernet adapter HP NC7781 NIC 2:

   Connection-specific DNS Suffix  . : dx
   Description . . . . . . . . . . . : HP NC7781 Gigabit Server Adapter #2
   Physical Address. . . . . . . . . : 00-0B-CD-0E-A0-B8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.11
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   Lease Obtained. . . . . . . . . . : Thursday, July 16, 2009 7:07:16 PM
   Lease Expires . . . . . . . . . . : Thursday, July 16, 2009 9:07:16 PM

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%4
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : dx
   Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : C0-A8-01-0B
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.11%2
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : dx
   Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : C0-A8-01-0A
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.10%2
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Disabled

e2: will try setting node type to 'Hybrid'
 
Hi,

While I may not be able to answer your question, I can recommend that you set static IP addresses on your server. In rare cases a server need to be set with DHCP. If it would be, at least there would be a reservation that bind the IP with the MAC address.

Have you tried to install wireshark to see what's going on? It may be your best bet. If you see any particuliar errors, it may point you in the right direction, however it is not trivial to analyse network traffic without some good sysadmin foundations.

Hope it'll help you out.
 
Tried switching to static, no go...looks like it is Wireshark time :(
 
Is this server just running in workgroup mode? Or is it a member of a domain...or is it a domain controller? Big BIG difference here in how its TCP/IP should be setup. If it's just running in workgroup mode...not a member of a domain, then treat it just like any workstation and leave the IP left to DHCP.

Or better yet manually enter 2x DNS servers..use OpenDNS,
208.67.222.22
208.67.220.220

However if it's a member of a domain, and/or a domain controller..then it MUST use the IP address of the domain controller as its one and only DNS server (or itself if it's the DC).

Do you have it running DNS service?
 
YeOldeStonecat said:
Is this server just running in workgroup mode? Or is it a member of a domain...or is it a domain controller? Big BIG difference here in how its TCP/IP should be setup. If it's just running in workgroup mode...not a member of a domain, then treat it just like any workstation and leave the IP left to DHCP.

Or better yet manually enter 2x DNS servers..use OpenDNS,
208.67.222.22
208.67.220.220

However if it's a member of a domain, and/or a domain controller..then it MUST use the IP address of the domain controller as its one and only DNS server (or itself if it's the DC).

Do you have it running DNS service?
Click to expand...

Nope, only File Server running, and its just a member of a workgroup, no domain whatsoever. I'll try dropping in those OpenDNS server manually; hopefully the firewall doesn't munch on the DNS packets.
 
jonw757 said:
have you tried scanning for malware? Just a thought
Click to expand...

Yep - ran a full virus and malware scan. I think an old DNS route somewhere is broken...this problem started after I was messing with the DNS server settings on the router (going between Comcast DNS & OpenDNS). All other PCs on the network are fine now, except this one. Is there a 'flush' 'flushroute' style command for Win2k3? I don't know the 'net' shell that well.
 
You must log in or register to reply here.
Back
Top