Could it be EDNS0 and because you are doing DNS queries through some firewall? Does the following apply: SYMPTOMS After you upgrade your Microsoft Windows 2000-based DNS server to Microsoft Windows Server 2003, DNS queries to some domains may not be resolved successfully. Back to the top
CAUSE This issue occurs because of the Extension Mechanisms for DNS (EDNS0) functionality that is supported in Windows Server 2003 DNS. ENDS0 permits the use of larger User Datagram Protocol (UDP) packet sizes. However, some firewall programs may not permit UDP packets that are larger than 512 bytes. As a result, these DNS packets may be blocked by the firewall. See http://support.microsoft.com/kb/832223 (Some DNS Name Queries Are Unsuccessful After You Upgrade Your DNS Server to Windows Server 2003) To modify EDNS0 configuration: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Serve rHelp/4d90d400-dc49-4772-a679-917c80096a29.mspx If not, enable "Debug logging" on the DNS server. The following articles can help you with that. * Select and enable debug logging options on the DNS server (http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Serv erHelp/9b82dd18-e7b2-4c36-b981-471b7b762c46.mspx) * Using server debug logging options (http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Serv erHelp/2a2723c5-3462-411d-94e2-fe5fc08db07b.mspx) * Debug Logging for DNS in Windows 2003 (http://computerperformance.co.uk/w2k3/services/DNS_debug_logging.htm) Are there Event Viewer entries on the DNS server that can tell you more? Cheers Jorge -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: vrijdag 1 april 2005 16:37 To: [email protected] Subject: [ActiveDir] Win 2003 DNS issues We're experiencing intermittent DNS outages ever since we upgraded our domain controllers (which are all running DNS) to Windows 2003. We know we're having a problem because users see "Applying security settings" for an extended length of time when booting up. Then if we do nslookups on the DNS server having issue, it times out. If we restart DNS, it works fine. We applied hotfix KB830381 and thought it fixed it because it didn't happen for awhile, but it happened again finally. Has anyone else been experiencing this? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
