1

Can anyone suggest anything which might cause a server to fail to resolve DNS requests at regular intervals without affecting other network traffic to that machine?

I've looked into it extensively over the last few weeks.

We run an AD controller with Windows Server Essentials 2012 R2 as a VM on Hyper-V which provides DNS and DHCP services for our network. All clients point to the AD controller for DNS and the firewall/router as gateway. The server is connected to the firewall and the rest of the network by a DLINK DGS3450 switch. For months now we have been getting intermittent DNS timeouts on client machines. I can see from a ping sensor that approximately every 20 minutes the server fails to ping the main switch for 2-3 minutes. During this time DNS lookups fail but other network traffic continues normally (RDP, SMB etc). I'm using 8.8.8.8 and 8.8.4.4 as DNS forwarders and I can still ping them during the outage.

Given that it was occurring almost exactly every 20 minutes I thought it could be SNMP or a task on the server that's causing the issue but it is not as regular as I originally thought. I've tried taking workstations and printers off the network but it hasn't helped so far. I've run packet traces and used Procmon to see if there was anything obvious happening on the server immediately before it occurs but I haven't been able to find anything so far. I tried enabling DNS debugging but it just shows SERVFAIL when the issue occurs without offering much insight.

Does anyone have any suggestions of anything else I could try or any reasons why it might be happening?

Update:

I've unplugged the original switch and replaced it with another but it hasn't made any difference except that I can no longer ping it to monitor the issue. I'm thinking it is most likely to be a problem with the server itself at this point. Has anyone had a faulty network card, an issue with Hyper-V or a server task cause an issue like this before? It's strange that the only traffic affected appears to be DNS (and pinging the switch which has now been removed).

DigitalArchitect
  • 21
  • 4
  • It would seem like the switch is having a problem. There is no information in your post about your switch or your physical / logical network layout. Very difficult to help without needed info. Best suggestion - hookup a different switch for a while and test again. – Appleoddity Jan 10 '19 at 04:52
  • The switch is a D-Link DGS-3450. The host machine is connected directly to the switch via a single ethernet port. The VMs connect via a virtual switch which just connects them to the physical port. In the past we had similar (more severe) drop outs which eventually went away but I never found out why. At that time we tried multiple switches, replaced cables, looked for IP conflicts and lots of other things but nothing worked. I've connected the host to a different switch now, but I don't have enough capacity to move all machines over to it. – DigitalArchitect Jan 10 '19 at 07:04

0 Answers0