DNS Caching on clients PC's

G

g.g.

We have a mixed domain of Win2K and Win 2003 servers. All clients are win
2000 pro or XP pro.Everyone is behind our firewall.
The problem: Random clients are suddenly unable to connect to services on
our network or the internet. They are getting re routed to a 64.22.xxx.xxx
address for everything this is not a subnet on our network so I don't know
where its coming from.
If I do a ipconfig /flushdns that sometimes works and clears the problem out
but sometimes the wrong DNS is hitting the client pc so fast the only thing
I can do is disable DNS caching on the local PC.and then the user can get
back to work.
As I said disabling DNS caching works but going around to every client to do
this is not the most practical plan when your talking 3,000 + PC's Is
there another direction I should be looking in to resolve this problem at
the server level.?

Thanks in advance for any help you can offer.

Jstrum5
 
H

Herb Martin

g.g. said:
We have a mixed domain of Win2K and Win 2003 servers. All clients are win
2000 pro or XP pro.Everyone is behind our firewall.
The problem: Random clients are suddenly unable to connect to services on
our network or the internet. They are getting re routed to a 64.22.xxx.xxx
address for everything this is not a subnet on our network so I don't know
where its coming from.
Click to expand...

Use NSLookup, both the defaults during the problem and
explicitly choosing a DNS server by specifying the IP...

nslookup Name_To_Search
nslookup Name_To_Search IP.Address.DNS.Server

Note the difference between these and compare them
to ping (or other client app resorts) since NSLookup
will NOT use the DNS Client Cache.

Odds are pretty high that you have the clients set to use a
MIXTURE of the internal (correct) DNS servers and some
other (external) DNS server set.

Check "IPconfig /all" and remove all but the correct set
from NIC->IP Properties.


If I do a ipconfig /flushdns that sometimes works and clears the problem
out but sometimes the wrong DNS is hitting the client pc so fast the only
thing I can do is disable DNS caching on the local PC.and then the user
can get back to work.
Click to expand...

"Wrong DNS" will not "hit" the client PC. Clients request
resolution from the DNS server but if you (improperly) configure
both a correct and incorrect DNS Server (set) on the NIC then they
may switch seemingly randomly.

People do this in the mistaken belief that both will be used.

Otherwise the problem is likely that you have BAD entries in
the HOSTS file which is loaded by the DNS Client (caching).

Remove those entries but be very suspicious of their origin
(virus, spyware, browser highjacker, trojan etc.)

%systemroot%\system32\drivers\etc\hosts
As I said disabling DNS caching works but going around to every client to
do this is not the most practical plan when your talking 3,000 + PC's
Click to expand...

You should not need to do this in ANY case but if you ever need to
do something on 3000 PCs then use a batch file or some other feature
of the GPOs.
Is there another direction I should be looking in to resolve this problem
at the server level.?
Click to expand...

Probably not.
Thanks in advance for any help you can offer.
Click to expand...
 
K

Kevin D. Goodknecht Sr. [MVP]

g.g. said:
We have a mixed domain of Win2K and Win 2003 servers. All clients are
win 2000 pro or XP pro.Everyone is behind our firewall.
The problem: Random clients are suddenly unable to connect to
services on our network or the internet. They are getting re routed
to a 64.22.xxx.xxx address for everything this is not a subnet on our
network so I don't know where its coming from.
If I do a ipconfig /flushdns that sometimes works and clears the
problem out but sometimes the wrong DNS is hitting the client pc so
fast the only thing I can do is disable DNS caching on the local
PC.and then the user can get back to work.
As I said disabling DNS caching works but going around to every
client to do this is not the most practical plan when your talking
3,000 + PC's Is there another direction I should be looking in to
resolve this problem at the server level.?

Thanks in advance for any help you can offer.
Click to expand...

Make sure all clients are using only the internal DNS server only, although
the typical cause of this is if your internal domain is a lower level of
your public domain and your public domain contains a wildcard record. This
adds the public domain to the DNS suffix search list, which is appended to
all non-FQDN (All DNS queries that are not followed with a trailing "." are
considered non-fully-qualified names) Since your internal DNS isn't
authoritative over the public domain your DNS will forward the query and get
a hit on the wildcard record.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DNS Caching 4
Set DNS for corp Windows clients when using public networks 0
should I use a caching-only dns server ???? 1
Internal caching-only DNS - right way to go? 13
Windows 2000 clients not caching dns lookups 1
DNS Caching problem 3
Many 9x clients 2
DNS problems on W2K server with MS Proxy installed 5

Top