bmdixon (9th April 2009)
If your DNS and DHCP records are getting out of sync then it's best to double check your DHCP lease time rules and, more importantly, your DNS scavenging rules. Make sure the scavenging is turned on and set to times in sync with DHCP leasing.
For most schools I'd recommend an 8hr DHCP lease - i.e. 1 school day. And have the DNS records scavenged after 8hrs. That way you can be confident that the records are fresh the next morning.
One thing I forgot to mention to you yesterday was to try running the commands ipconfig /flushdns and then ipconfig /registerdns. I keep coming back to thinking that this must be a DNS problem.
Also try things on the last post about setting scavenging on DNS and DHCP records, check time to live.
Can I suggest you try nslookup
Open a cmd window and type nslookup
it should jump on your primary DNS server. (your internal one)
otherwise type server ip.ip.ip.ip
then just type mydomain.local
see if that's resolving OK...
I had a problem ages ago with a 2K3 server where I turned the firewall on and the DNS Server service was blocked. D'oh. Had to open the ports...
A quick update (I popped in very briefly today - I'm on holiday atm)
Ranj - the machine that we were looking at yesterday is now working fine.... No problems at all. It hadn't been restarted since yesterday when it wasn't working. Firewall is disabled on the LAN connection, not quite sure why the service is still running but it is definitely not active on the LAN. Will try stopping it but don't think it'll have any effect (worth trying though)
I did try flushing the DNS and it had no effect (still not working)
I'll look at the scavenging on DNS and DHCP records next time I'm in, as well as trying the nslookup.
I won't be able to try any of this for a week or so now, but if anyone has any more ideas of things that might be causing it, or things to try that might help identify the problem then please post and I will try it next time I'm in.
As an option/recommendation, as well as turning the Windows Firewall off by GPO, you can also turn off or disable the service too as it's not needed.
Computer Config > Admin Templates > Network > Network Connections > Windows Firewall > Domain Profile
Windows Firewall - Protect all network connections - Disabled
Computer Config > Windows Settings > Security Settings > System Services
Windows Firewall/Internet Connection Sharing (ICS) - Disabled
Have you checked the event logs on both server and workstation for any errors, especially errors related to DNS? Again you can do this remotely using MMC, allowing you to view several event logs from several machines at once. This is useful especially if, Sod's law, the PC is at the other end of the building!
7 and Y wrote: -
I would agree with this - a more standard approach is to have all internal clients point to your internal DNS server then have that server set up with a forwarder to your external DNS - that way internet DNS requests are sent to your DNS server which then performs the query on your client’s behalf. Adding an external DNS does seem just a little strange. If your machines always pick the secondary, the external Resolver won't know anything about your internal arrangements, and the look-up will fail. Try removing the external DNS Resolver from your list, and just run with the internal one.
(Your internal DNS should resolve all external requests for you - it's the only one that should reference external DNS)
This scenario has many advantages; a big one is your internal DNS server will cache the queries for internet sites – speeding up name resolution and meaning your clients don’t have to leave the building for name resolution.
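
One way to check the point made in the posts above (clients should list only the internal DNS server), as an added example that is not part of the thread: a Python parser for `ipconfig /all` output that reports any IPv4 DNS server outside the internal ranges. The sample output, the adapter name, the addresses and the choice of RFC 1918 space as "internal" are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: "internal" means RFC 1918 space; replace with the site's real ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def dns_servers_by_adapter(ipconfig_text):
    """Return {section name: [DNS servers]} parsed from `ipconfig /all` text."""
    adapters, current, collecting = {}, None, False
    for line in ipconfig_text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():              # unindented line = section header
            current = line.strip().rstrip(":")
            adapters[current] = []
            collecting = False
        elif current is None:
            continue
        elif line.strip().startswith("DNS Servers"):
            adapters[current].append(line.split(":", 1)[1].strip())
            collecting = True
        elif collecting and " : " not in line:  # unlabelled continuation line
            adapters[current].append(line.strip())
        else:
            collecting = False
    return adapters

def external_dns(ipconfig_text):
    """Return [(adapter, server)] for IPv4 DNS servers outside INTERNAL_NETS."""
    findings = []
    for adapter, servers in dns_servers_by_adapter(ipconfig_text).items():
        for server in servers:
            try:
                ip = ipaddress.ip_address(server)
            except ValueError:                  # not an address; ignore
                continue
            if ip.version == 4 and not any(ip in n for n in INTERNAL_NETS):
                findings.append((adapter, server))
    return findings

# Constructed sample: one internal resolver plus one external secondary.
SAMPLE = """Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : mydomain.local
   IP Address. . . . . . . . . . . . : 192.168.1.57
   DNS Servers . . . . . . . . . . . : 192.168.1.10
                                       203.0.113.53
   Lease Obtained. . . . . . . . . . : (constructed)
"""
```

An empty result from `external_dns` means every listed IPv4 resolver is inside the assumed internal ranges.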