Some Sites Slow to Resolve

[Guest]

I am having a strange problem for about a week now. I use my Active
Directory DNS as my primary for all of my clients, and have forwarders setup
for external (web) resolution. This has worked fine for over a year, but
last week I started getting complaints from some of my users that sites were
opening very slowly, sometimes taking 1 minute or more to finish loading, and
some sites also have incorrect formatting.

IN troubleshooting this issue, I have tried to access from several computers
in the office with the same results, and have tried to access the mentioned
sites from outside of our network (i.e. at home, DMZ Server, etc.) and it
works in these instances. When I use a loaner laptop we have in the office
that is not a member of the domain, it will not work also, unless I change
the Preferred DNS Servers. Once I change these to my ISP's DNS all sites
resolve and open as they should.

Any ideas? Let me know if you need more information.

Thanks!

 

[Ace Fekay [MVP]]

In

I am having a strange problem for about a week now. I use my Active
Directory DNS as my primary for all of my clients, and have
forwarders setup for external (web) resolution. This has worked fine
for over a year, but last week I started getting complaints from some
of my users that sites were opening very slowly, sometimes taking 1
minute or more to finish loading, and some sites also have incorrect
formatting.

IN troubleshooting this issue, I have tried to access from several
computers in the office with the same results, and have tried to
access the mentioned sites from outside of our network (i.e. at home,
DMZ Server, etc.) and it works in these instances. When I use a
loaner laptop we have in the office that is not a member of the
domain, it will not work also, unless I change the Preferred DNS
Servers. Once I change these to my ISP's DNS all sites resolve and
open as they should.

Any ideas? Let me know if you need more information.

Thanks!

A webpage slowly loading wouldn't have anything to do with DNS, since the
name was already resolved to an IP by DNS, so the browser had already
connected to it and is trying to load the page.

Now if it is a resolution issue, since you said the ISP's DNS seems to take
care of it, do you have a forwarder configured? If so, maybe the forwarder
does not support recursion, and you would need to try another server (try
4.2.2.2 as a forwarder). If you do not have a forwarder configured, I would
suggest to do so.

Either way, we all know using your ISP's DNS on an any internal machine IP
properties, can cause major issues with AD functionality.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Guest]

Yes, I have forwarders setup to the DNS Resolution Servers Provided to me by
Sprint. I am not sure what I would need to do to determine if recursion is
setup or not. Is that something the ISP does or is it a setting my DNS

I never use any other DNS Entries on my clients other than my AD Integrated
and my cache only DNS Server inside of my network. I only use the ISP DNS
for forwarding requests to the internet, and it has worked great for over a
year now.

Another thing to mention is that when the pages load very slowly, sometimes
they are not formatted correctly. I.E. they don't load all of the images or
the fonts are wrong and it just doesn't look as nice as it is supposed to.

Thanks for your help,

Steve

 

[Ace Fekay [MVP]]

In

Yes, I have forwarders setup to the DNS Resolution Servers Provided
to me by Sprint. I am not sure what I would need to do to determine
if recursion is setup or not. Is that something the ISP does or is
it a setting my DNS

I never use any other DNS Entries on my clients other than my AD
Integrated and my cache only DNS Server inside of my network. I only
use the ISP DNS for forwarding requests to the internet, and it has
worked great for over a year now.

Another thing to mention is that when the pages load very slowly,
sometimes they are not formatted correctly. I.E. they don't load
all of the images or the fonts are wrong and it just doesn't look as
nice as it is supposed to.

Thanks for your help,

Steve

You can use nslookup -d2 or NetDig (www.mvptools.com), to determine if
Sprints nameservers allow recursion. Nslookup will show a question section
and an answer section, just make sure you are using their server for the
query. In the answer section, you will see 'recursion desired', then
followed by 'recurison available'. If you don't see the recursion
available, then it doesnt support recursion. If using NetDIG, specify their
server address, then submit a query, in the response below, you will see RA
RD. If you just see the RD without the RA, then it doesn't support
recursion.

If not sure how, post their IPs, and we can do it in a jiffy for you.

Now, if the website is not loading correctly, then I would be looking
somewhere else, such as an MTU setting on the router. What type of line and
router do you have? Usually ADSL is the culprit here.

Ace