Windows, Operating System, Security, Networking, Malware, Support, Forum, Help Site Check Our Facebook Page!
Notices
Windows Server System Post your Windows Server System questions here. Besides Windows Server, this also includes other Microsoft Server software (such as BizTalk Server, Exchange Server, ISA Server & others).


Register your FREE account to unlock additional features at WindowsBBS.com
   
 
 
LinkBack Thread Tools
Old 20th October 2008   #1
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

Red face

Weird DNS Issues


One of my clients has a Single Windows Server 2003 Acting as the one and only Domain Controller so is running AD, DNS, DHCP, Print Server.

The server itself (not the workstations) is having problems browsing the web due to DNS not working. Yet if I go into the command prompt and use NSLOOKUP it resolves the IP's perfectly. I have tried the usuall ipconfig /dnsflush and restarted the DNS client on the server to no avail.

I'm currently using a bodge by using an external proxy server so it can get its Symantec Virus updates but obviously this isn't a clean fix.

Any Idea's guys? .


Last edited by ChrisUK; 20th October 2008 at 12:15.
ChrisUK is offline  

 

Register
to remove this ad.
 
 

Old 20th October 2008   #2
Alumni
 
Profile:
Join Date: May 2004
Location: Worcs. UK
Posts: 2,786
Computer Experience:
Unabashed deviant
ReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation Level

If you have DNS set up correctly, the server can look at itself for DNS lookup. Connection to the outside world comes via Forwarders set up within the DNS service.

Can you connect to a site by IP? Do a NSLOOKUP for the address you want to access and then enter the returned IP in the browser rather than the name.

ReggieB is offline  

Did you find this post helpful? Yes | No
Old 20th October 2008   #3
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

Yes i've configured fowarders in the DNS server config. I have also set it to look at itself for the DNS.

Yes if I use nslookup for google.com I get:-

> google.com
Server: root._msdcs.domain.local
Address: 192.168.0.1

Non-Authoritive answer:

Name: google.com
Addresses: 209.85.171.99 64.233.187.99 74.14.207.99

And if I put any of them IP's into the browser it works. But if I try the hostname in IE it cannot find server (DNS error).

ChrisUK is offline  

Did you find this post helpful? Yes | No
Old 21st October 2008   #4
Alumni
 
Profile:
Join Date: May 2004
Location: Worcs. UK
Posts: 2,786
Computer Experience:
Unabashed deviant
ReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation Level

I think then this is an IE problem. I've seen similar things on XP system when QoS scheduler is installed (and uninstalling it fixed the problem). The places I'd look next are:
  • IE security settings. Add google to your trusted zone and see if that makes a difference (remove google from the trusted zone after the test.
  • Anti-virus - make sure there are no settings in your AV blocking the connection - perhaps erroneously seeing it as malicious action.
  • Check your proxy settings on the IE connection tab. Unless you need to use a proxy, these should be blank - and I'd always remove the option to auto-detect proxy settings unless it is needed.
  • Firewall. Do you have ISA installed? Review your Firewall settings and make sure there is nothing erroneous there. If you are using a firewall that works at the application level, you may well find that the DNS connection when you browse directly involves a system call to DNS on the server which would not be present when a client makes the same connection and therefore the application firewall setting may be different.

ReggieB is offline  

Did you find this post helpful? Yes | No
Old 29th October 2008   #5
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

In the end I resorted to using the hosts file haha. Aw well it works.

Got a new VERY weird issue now, after reinstalling the AntiVirus I had to reboot the server since doing so the DNS Server Service refuses to start. When I try to start it manually I get:- Error 14: Not Enough Storage is availible to complete this operation

There is 3-4gb's availible on Drive C:\ and 20gb's free on D:\ where the pageging file is.

Any ideas?.

ChrisUK is offline  

Did you find this post helpful? Yes | No
Old 30th October 2008   #6
Alumni
 
Profile:
Join Date: May 2004
Location: Worcs. UK
Posts: 2,786
Computer Experience:
Unabashed deviant
ReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation Level

I think this is caused by an authentication problem. That is the service fails to get the permissions it needs to use the file system. As the amount of file area it is able to access is zero and that isn't enough it comes up with a not enough file space error.

Have a look at this Google search for other similar errors.

In particular, this article suggests that you can fix the problem by adjusting the MaxTokenSize size. See this MS Technet article.

ReggieB is offline  

Did you find this post helpful? Yes | No
Old 30th October 2008   #7
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

Ok thanks for the info! .

I also found an article pointing to 2 hotfixes!. Can't remember no's but ill post them tomrorow when I get back to work. Basically it changed certain UDP ports some services are bound too. So when the DNS Server starts and binds it's 2500 random ports it gets a conflict and then stops with that Error 14.

The DNS server logs appear to support this theory. I've tried the fix but won't know if its worked until the morning due to it needing a reboot

ChrisUK is offline  

Did you find this post helpful? Yes | No
Old 31st October 2008   #8
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

Well my theory didn't work so I'm putting your theory into practise.

I've looked into the DNS logs and this is what im getting:-

Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 407
Date: 31/10/2008
Time: 10:29:43
User: N/A
Computer: IMPLANTS1
Description:
The DNS server could not bind a User Datagram Protocol (UDP) socket to 127.0.0.1. The event data is the error code. Restart the DNS server or reboot your computer.

Then just after Im getting:-

Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 408
Date: 31/10/2008
Time: 10:29:43
User: N/A
Computer: IMPLANTS1
Description:
The DNS server could not open socket for address 127.0.0.1.
Verify that this is a valid IP address for the server computer. If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces. Then stop and restart the DNS server. (If this was the only IP interface on this machine and the DNS server may not have started as a result of this error. In that case remove the DNS\Parmeters\ ListenAddress value in the services section of the registry and restart.)

If this is a valid IP address for this machine, make sure that no other application (e.g. another DNS server) is running that would attempt to use the DNS port.

Ive ran netstat -a -p UDP and theres nothing hogging the DNS port "53"

http://www.fiatforum.com/gallery/dat...istenports.JPG


Last edited by ChrisUK; 31st October 2008 at 10:40. Reason: To include some more info.
ChrisUK is offline  

Did you find this post helpful? Yes | No
Old 31st October 2008   #9
Alumni
 
Profile:
Join Date: May 2004
Location: Worcs. UK
Posts: 2,786
Computer Experience:
Unabashed deviant
ReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation Level

Can you do this:
  • Open DNS manager
  • Right click on you DNS Server Icon (probably labelled 'IMPLANTS1' and select Properties.
  • Select the Interfaces tab
Which addresses are set as being listened to, or is the setting "All IP addresses" being used?

ReggieB is offline  

Did you find this post helpful? Yes | No
Old 5th November 2008   #10
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

Originally Posted by ReggieB View Post
Can you do this:
  • Open DNS manager
  • Right click on you DNS Server Icon (probably labelled 'IMPLANTS1' and select Properties.
  • Select the Interfaces tab
Which addresses are set as being listened to, or is the setting "All IP addresses" being used?
It doesn't have an interfaces tab... Probably because the service isn't running .

http://www.fiatforum.com/gallery/dat...rpropertys.JPG

ChrisUK is offline  

Did you find this post helpful? Yes | No
Old 5th November 2008   #11
Alumni
 
Profile:
Join Date: May 2004
Location: Worcs. UK
Posts: 2,786
Computer Experience:
Unabashed deviant
ReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation Level

Hmmm. That's not good. 127.0.0.1 is a fundamental IP address and if it isn't working, you could have a problem with the underlying TCP/IP system.

However, there could be a simple cause - something else is already listening on the DNS port (53) and the is preventing the DNS service from using that port. Try this:
Code:
netstat -ano
That will list all the ports being used or assigned to processes. Look for an entry for either 0.0.0.0:53 or 127.0.0.1:53. If there is one, something is already using the port and you need to stop it before the DNS service will start.

To track down the process, note down the PID as that will identify the process. Then do a:
Code:
tasklist
That will show you the running executable and tie them to PIDs. If the one you are looking for is tied to svchost, try this:
Code:
tasklist /svc
and that will show you the systems using svchost on that PID.

ReggieB is offline  

Did you find this post helpful? Yes | No
Old 6th November 2008   #12
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

Theres nothing listening on port 53 .

So it looks like its just refusing to start .

ChrisUK is offline  

Did you find this post helpful? Yes | No
Old 6th November 2008   #13
Alumni
 
Profile:
Join Date: May 2004
Location: Worcs. UK
Posts: 2,786
Computer Experience:
Unabashed deviant
ReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation Level

I think I'd uninstall and reinstall the DNS server. However, I'm happy to rip bits out of systems and put them back together. Most other people wouldn't be so gung-ho.

The main problem is that there is a good chance that you'll cause a problem in Active Directory if you rip out DNS. Therefore, you need to be prepared to reinstall and restore AD. Also since server 2000, DNS is closely linked to DHCP so there is a chance that could need reinstalling too.

So I'd recommend you don't unless you've run out of other options.

Have a look at this guide first. It may point you in the right direction to fix this without reinstalling DNS:

http://itknowledgeexchange.techtarge...ld-ad-and-dns/

I suggest you work through some of the suggestions there before ripping DNS out and starting again.

However, getting DNS working right is worth the effort. 2003 network can spit out all sorts of problems (especially authentication problems) if DNS isn't working correctly.

ReggieB is offline  

Did you find this post helpful? Yes | No
Old 6th November 2008   #14
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

Originally Posted by ReggieB View Post
I think I'd uninstall and reinstall the DNS server. However, I'm happy to rip bits out of systems and put them back together. Most other people wouldn't be so gung-ho.

The main problem is that there is a good chance that you'll cause a problem in Active Directory if you rip out DNS. Therefore, you need to be prepared to reinstall and restore AD. Also since server 2000, DNS is closely linked to DHCP so there is a chance that could need reinstalling too.

So I'd recommend you don't unless you've run out of other options.

Have a look at this guide first. It may point you in the right direction to fix this without reinstalling DNS:

http://itknowledgeexchange.techtarge...ld-ad-and-dns/

I suggest you work through some of the suggestions there before ripping DNS out and starting again.

However, getting DNS working right is worth the effort. 2003 network can spit out all sorts of problems (especially authentication problems) if DNS isn't working correctly.
Thanks for all your help. I'll update how I get on in the coming week .

ChrisUK is offline  

Did you find this post helpful? Yes | No
Old 12th November 2008   #15
Inactive
THREAD STARTER
 
Profile:
Join Date: Oct 2008
Posts: 9
Computer Experience:
Experienced
ChrisUK Reputation Level

I've tried the gun ho method, I removed the DNS Server Service (didn't effect AD ). Then re-installed DNS Server Service and still get error 14 upon starting .

Going to start looking though your links you've provided.

ChrisUK is offline  

Did you find this post helpful? Yes | No


 

THIS THREAD HAS EXPIRED.

Are you having the same problem? Please post a new thread, but first you'll have to join us by Registering (FREE).



Discussion Forums
Operating Systems
Windows 8 Windows 8
Windows 7 Windows 7
Windows Vista Windows Vista
Windows XP Windows XP
Windows Server System Windows Server System
Legacy Windows OS Legacy Windows OS
Internet & Networking
Networking (Hardware & Software) Networking
Internet Explorer Internet Explorer
Microsoft Mail Microsoft Mail
Firefox, Thunderbird & SeaMonkey Firefox, Thunderbird
      & SeaMonkey

Web Applications & Cloud Web Applications & Cloud
General Internet
Security
Malware and Virus Removal Malware and Virus
     Removal

Security and Privacy Security and Privacy

Other
Other PC Software Other PC Software
Test Posts Test Posts
Hardware
PC Hardware PC Hardware
Mobile Devices Mobile Devices
Community
Introductions Introductions
General Discussions General Discussions
Site Comments & Suggestions Site Comments
      & Suggestions

News News @ WindowsBBS

Thread Tools


Find us on Facebook   Web Of Trust Rating

All times are GMT. The time now is 15:11.


Recent Discussions
"Win Explorer has stopped work.. (4)
Robocopy - 0xb exit code (0)
"My Computer" Folder won'.. (12)
printer error 0x0000000d (25)
Windows Mobile Device Center & .. (1)
BSOD Windows7 ntkrnlpa.exe (2)
Drive Transfer (1)
I need advice about whether I need .. (3)
BSoD (2)
DVD Drive (10)
Dell Studio 540 350watt psu require.. (12)
Unable to see other computers after.. (4)
Dump Data : BSoD 0x000000BE, bcmwl6.. (3)
Trouble seeing wireless printer Bro.. (4)
Keyboard and mouse freeze after a f.. (6)
XP fails to boot (4)
Microsoft Windows 7 Support to End .. (5)
Cannot mount Seagate to Router (12)
Wrong CPU Installing (5)
Windows 7 OLEAUT32.DLL Error (4)


Donate!
Support Windows BBS!



Powered by vBulletin® Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO
Copyright 2002 - 2013 WindowsBBS.com. All rights reserved.
FDMA Media LLC
Terms of Use, Legal Information & Privacy Policy
Page generated in 0.18394 seconds with 7 queries