I have a Windows 2008 server running DNS server (it's also the domain controller). DNS resolution is not working properly: it's sporadic. From this server's command prompt, an NSLOOKUP sometimes works and sometimes returns a Timeout error.

For example, nslookup www.aol.com will sometimes return the correct A records, and trying a few seconds later will time out.

The DNS server forwarders are configured as 208.67.222.222 (OpenDNS) and 8.8.8.8 (Google).

The server's NIC is configured to use itself as the first DNS (192.168.1.2) and 208.67.222.222 as the secondary DNS.

I'm also seeing Event 5781 (Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.[domain].local' failed.), but I have gone through the suggestions, and we have not removed or promoted a DC. The only change is a new internet router/firewall, but it's still at the same IP address and configured the same.

Thanks for any help!

Ryan Griggs
A Domain Controller should never use anything other than itself or another Domain Controller for DNS. Remove 208.67.222.222 from the NIC on the DC and add the IP address of another DC/DNS server if you have one, or 127.0.0.1 if you don't. – joeqwerty Jun 12 '17 at 20:14

1 Answer

Turns out the issue was due to the new router's outgoing UDP flood prevention. It was enabled by default, but the allowed number of connections was by default set much too low to be suitable for a workgroup. Router is a Netgear ProSafe FVS336G, and other people have experienced the same issue.

Ryan Griggs
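A way to check for the failure mode described in this answer, as an added example that is not part of the original post: it sends a small number of sequential UDP queries from the DNS server to each forwarder and to the local DNS service, then classifies where replies are being lost. The function names and the 10% loss threshold are assumptions; the addresses and test name are the ones from the question.

```python
import random, socket, struct

def build_query(name, qid):
    """Build a minimal DNS A/IN query with the recursion-desired bit set."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(server, name, count=20, timeout=2.0, port=53):
    """Send `count` queries one at a time; True = answered, False = lost."""
    results = []
    for _ in range(count):
        qid = random.randint(0, 0xFFFF)
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            try:
                s.sendto(build_query(name, qid), (server, port))
                reply, _addr = s.recvfrom(512)
                # Accept only a reply that echoes our transaction ID.
                results.append(reply[:2] == struct.pack("!H", qid))
            except OSError:  # socket.timeout is a subclass of OSError
                results.append(False)
    return results

def loss_rate(results):
    return results.count(False) / len(results) if results else 0.0

def diagnose(local_results, forwarder_results, threshold=0.1):
    """Classify where queries are lost. `threshold` is an assumed cut-off."""
    upstream = {ip: loss_rate(r) for ip, r in forwarder_results.items()}
    if upstream and all(rate > threshold for rate in upstream.values()):
        # Every forwarder is lossy from this host: suspect the shared path
        # (router/firewall UDP limits), not the forwarders themselves.
        return "upstream-path"
    if any(rate > threshold for rate in upstream.values()):
        return "single-forwarder"
    if loss_rate(local_results) > threshold:
        return "local-dns-service"
    return "healthy"

if __name__ == "__main__":
    # Addresses and name taken from the question; run on the DNS server itself.
    fw = {ip: probe(ip, "www.aol.com") for ip in ("208.67.222.222", "8.8.8.8")}
    local = probe("192.168.1.2", "www.aol.com")
    print(diagnose(local, fw), {ip: loss_rate(r) for ip, r in fw.items()})
```

A name that is already in the local server's cache is answered without going upstream, so the local probe is most informative with a name that has not been looked up recently.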