0

We have a problem that affects our entire local network where the external DNS completely fails for a minute or so a few times a day. I'm not sure if it happens on all computers at the same time or just on one at a time, but basically for a minute or so, the victim is not able to access anything that requires a DNS lookup.

For instance, just a minute ago, I got "Firefox can't find the server at en.wikipedia.org". I pinged en.wikipedia.org and got "Ping request could not find the host at en.wikipedia.org. Please check the name and try again." After about 20 seconds, I refreshed the page and was greeted by Wikipedia as usual. The ping request also worked fine after this break. This happens several times a day and no sites are accessible except for (I believe) sites you were already browsing.

Every computer is connected to a single domain on Windows Small Business Server 2003, which runs through a SonicWall TZ170 firewall before going to the T1 modem. Has anyone heard of any issues that could cause this problem?

Edit: I am able to ping specific IP addresses while it is down, so it does appear to be a DNS issue.

Travis
  • When the DNS is down, can you ping the IP address of the DNS servers? That should confirm if the DNS server is unreachable, for example. – Tim Long Aug 14 '09 at 13:10

3 Answers

2

Your question left out a few relevant details such as who is your ISP and are you using THEIR DNS servers or your own?

I've seen something similar to your problem.

A client of mine had a Comcast business connection. The DNS servers assigned to them (Comcast's) were really strange. About once or twice a day they would just "stop working". It wasn't every single day but it was close enough that we decided to switch them over to one of my DNS servers (temporarily) just to make sure it was Comcast's DNS and not something else.

As it turned out... everything worked fine for them on my DNS server so we switched them (again) over to OpenDNS.

Once again, problem solved.

Just to be 110% positive... we switched them back to Comcast. The problems came back.

So, we put them on OpenDNS and left them there. They've been happy ever since.

Hope this helps.

http://www.opendns.com

KPWINC
0

Is it the same time every day? Do you have DNS services on the DC server scheduled to restart?

Keith
  • It is not happening at the same time every day, and the services are not set to restart on the domain controller. – Travis Aug 06 '09 at 19:34
-1

How have you verified that it's a DNS issue? Are you able to ping specific IP addresses? Do nslookup commands to external servers fail during those brief outages? If you check the uptime on your SonicWALL, does it show any outages? You can also do packet captures on the SonicWALL that might be helpful if it happens often enough to monitor that sort of thing.

pk.
  • Sorry for the delay, it took a while for it to go down again. I am able to ping the IP directly when it is down, but not the domain, so it does appear to be DNS-related. – Travis Aug 06 '09 at 19:35
  • These SonicWALLs have the ability to do packet traces and if I were dealing with the issue I'd start monitoring DNS traffic (port 53 UDP, TCP) to see if the firewall was playing a part in your troubles. – pk. Aug 14 '09 at 13:43
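
The checks suggested in the answers above (query the DNS servers directly during an outage, and compare the local resolver against an outside one such as OpenDNS) can be left running as a logger so that a 20-second outage is not missed. This is an added example, not code from any poster in the thread; `192.168.1.2` is an assumed placeholder for the internal SBS DNS server, and the function names are illustrative.

```python
import os
import socket
import struct
import time

def build_query(name, qid):
    """Encode a minimal DNS A-record query (RFC 1035), recursion desired."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def classify(reply, qid):
    """Map a raw UDP reply (None means nothing arrived in time) to a verdict."""
    if reply is None:
        return "TIMEOUT"  # server down, or port 53 traffic dropped on the path
    if len(reply) < 12:
        return "MALFORMED"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != qid or not flags & 0x8000:
        return "MISMATCH"  # not a response to our query
    rcode = flags & 0x000F
    if rcode == 0 and ancount == 0:
        return "NODATA"
    return RCODES.get(rcode, "RCODE%d" % rcode)

def probe(server, name, timeout=2.0):
    """Query `server` directly, bypassing the OS resolver and its cache."""
    qid = int.from_bytes(os.urandom(2), "big")
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(build_query(name, qid), (server, 53))
        reply, _ = sock.recvfrom(512)
    except OSError:  # includes socket.timeout and unreachable-network errors
        reply = None
    finally:
        sock.close()
    return classify(reply, qid)

if __name__ == "__main__":
    # Assumed addresses: 192.168.1.2 stands in for the internal SBS DNS server;
    # 208.67.222.222 is an OpenDNS public resolver.
    servers = {"internal": "192.168.1.2", "opendns": "208.67.222.222"}
    while True:
        stamp = time.strftime("%Y-%m-%d %H:%M:%S")
        print(stamp, {k: probe(ip, "en.wikipedia.org") for k, ip in servers.items()}, flush=True)
        time.sleep(10)
```

Reading the log: `internal` showing `SERVFAIL` or `TIMEOUT` while `opendns` shows `NOERROR` suggests the local DNS server or its forwarders, whereas both timing out together suggests the firewall or the link. Timestamps from the log can then be lined up against a packet capture of port 53 on the firewall.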