I've been wondering if anyone else out there would ever describe this issue. Yes, we have seen similar here, Russ. Disabling EDN0 did not make a difference, and tracking this down has been difficult, because it has been very intermittent and random. MS provided us with debug modules, and we have given them traces, logs, etc...with no true satisfactory results. The latest pre-SP1 module we have from them is v.5.2.3790.196 (the SP1 version is 5.2.3790.1830). This 196 version has been tested here on a few DNS (both with debugging on and off) and has not yet exhibited the cache problem we were seeing (described as best I can below), so we may roll it out until we can fully test SP1. However, we are still not 100% sure this is the fix, or what the problem is.
The only workaround I was able to find (besides a restart of the service), is to clear the cache. I had noticed that the cache for a given zone on a DNS [during the problem] would contain an NS record for that zone, perhaps an SOA, but no associated A (or glue) record. If I cleared the cache, the full set of records would reappear, and the server would begin resolving again for that zone. We do not use forwarders on most of our internal DNS, choosing instead to go with root hints. I noticed this problem occuring on random DNS, within random zones, almost immediately upon upgrading to Windows 2003, and have been frustrated by it since. The TTLs for the NS and A records on the root servers were examined and found to be set to 1 day (86400), which I believe is "typical". It's almost as if the A records in the cache on the 2003 DNS were timing out, but the server continued to "believe" it still had them cached. Does that make sense? I am no DNS cache expert, so I don't know what normal behavior is, other than to examine the cache on a zone that is working normally. To me, if a zone has an NS, but no associated A, how can it resolve anything for that zone without going back to the root? Anyway, I would be curious to know if yours exhibit similar symptoms? -DaveC Reuters CIO Infrastructure -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: Friday, April 01, 2005 9:37 AM To: [email protected] Subject: [ActiveDir] Win 2003 DNS issues We're experiencing intermittent DNS outages ever since we upgraded our domain controllers (which are all running DNS) to Windows 2003. We know we're having a problem because users see "Applying security settings" for an extended length of time when booting up. Then if we do nslookups on the DNS server having issue, it times out. If we restart DNS, it works fine. We applied hotfix KB830381 and thought it fixed it because it didn't happen for awhile, but it happened again finally. Has anyone else been experiencing this? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com To find out more about Reuters Products and Services visit http://www.reuters.com/productinfo Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
