+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 23
Windows Server 2008 R2 Thread, DNS/Internet Issues in Technical; Hi, I am having some problems on a Windows domain, quite frequently the Internet will go down. I think it ...
  1. #1

    Join Date
    Jun 2013
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    DNS/Internet Issues

    Hi,

    I am having some problems on a Windows domain, quite frequently the Internet will go down. I think it is DNS related as the only fix is to flush the DNS cache on the server. The Internet connection is still up when it happens, but the clients get the usual DNS error when trying to browse the web. I have looked through the DNS configuartion many times and it all looks fine.

    Can anyone help?

  2. #2

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,255
    Thank Post
    111
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    What firewall do you have?

  3. #3

    Join Date
    Jun 2013
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    It's a Watchguard firewall.

  4. #4

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,343
    Thank Post
    624
    Thanked 1,584 Times in 1,421 Posts
    Rep Power
    414
    How are your dns servers resolving external addresses via root hints or an isp dns server?

    Ben

  5. #5

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,255
    Thank Post
    111
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    What do the firewall logs say? Sometimes Firewalls get twitchy at the rate a DC might be making DNS look ups and start blocking them.

  6. #6

    Join Date
    Jun 2013
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    root hints, I've even tried using Google public DNS.

  7. #7

    Join Date
    Jun 2013
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I've not looked at the firewall logs, I'll take a look and report back. Thanks.

  8. #8

    Join Date
    Oct 2005
    Posts
    824
    Thank Post
    51
    Thanked 111 Times in 101 Posts
    Rep Power
    63
    Quote Originally Posted by psydii View Post
    Sometimes Firewalls get twitchy at the rate a DC might be making DNS look ups and start blocking them.
    Yes, indeed -some firewalls are particularly unhappy about this. I had a similar issue whereby we had some firewall rules that were based on destination hostnames rather than IP addresses and all the additional DNS lookups caused issues.

  9. #9

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,255
    Thank Post
    111
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    There is specific documentation (and a GUI) for dealing with this in TMG, no idea about anything else.

  10. #10

    Join Date
    Jun 2013
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    What is TMG??

  11. #11

    Oaktech's Avatar
    Join Date
    Jul 2011
    Location
    Bournemouth
    Posts
    2,776
    Thank Post
    764
    Thanked 541 Times in 424 Posts
    Rep Power
    259
    Threat Management Gateway.

    Microsoft's now deprecated successor to ISA

    If you don't know about it, don't try and find out. It's a world of pain you don't need!

  12. Thanks to Oaktech from:

    mac_shinobi (14th June 2013)

  13. #12

    Join Date
    Jun 2013
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    ha ha thanks for the warning.

  14. #13

    Join Date
    Jun 2013
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    So how did you resolve it pantscat?

  15. #14

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,255
    Thank Post
    111
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    TMG, like Windows 7 is great once it has three years worth of hotfixes installed. I love the level of diagnostics available, far superior to most commercial firewalls, and the tools are familiar to any Windows Admin. Linux/BSD it ain't. I'm quite sad that its going.

  16. #15

    Join Date
    Nov 2006
    Location
    Redcar
    Posts
    62
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    16
    I've been using TMG for almost a year now, yes I had some serious headaches with setup and maintenance for the first 3 months, but after everything is nailed down, its a great piece of kit with some very high level diagnostics/logging capabilities.

    Back on-topic, take a look at your flood mitigation settings (or equivalent) on your firewall and create an exception for your DC(s) so that they don't trigger a DoS when you have a spike in activity.
    Last edited by cogrady84; 20th June 2013 at 01:18 PM.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Procurve 2626 & 2650 Internet Issues
    By Cragzman in forum Wireless Networks
    Replies: 13
    Last Post: 27th April 2010, 03:21 PM
  2. Local DNS / MX issue
    By RabbieBurns in forum Windows Server 2008
    Replies: 1
    Last Post: 15th April 2010, 03:28 AM
  3. Internet Issue on a few devices
    By stariq in forum Wireless Networks
    Replies: 9
    Last Post: 3rd February 2009, 10:40 AM
  4. DNS / Internet Help
    By karldenton in forum Windows
    Replies: 13
    Last Post: 25th June 2008, 10:52 AM
  5. DNS/DHCP Issues
    By link470 in forum Windows
    Replies: 1
    Last Post: 11th March 2008, 08:33 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •