none
Can't access SOME websites only - DNS related issue

    General discussion

  • Hi everyone!

    I'm on a domain network run by a SBS 2008 server, and with 3-4 clients running Win 7 Pro 32 bits.
    As part of my job I'm working on 2 websites, which I access via FTP quite often. Since a week or two, I can't seem to be able to access these websites anymore. I thought they had a problem, but then I realized I can ping them, connect to them via a proxy, or simply from my home.

    From any computer on the work domain, they are not accessible. From any other computer, they seem accessible. Yesterday, I was even unable to connect via FTP to one of them (didn't try the other one), which never happened before. Though today I have FTP access again. 

    Leaving the FTP anomaly aside for now, I worked around the problem by changing the DNS on my work station from 192.168.1.100 (the SBS 2008 server) to an OpenDNS address. It solved everything, so I pretty much know it's DNS related.

    But I want to be able to keep using my 2008 server as DNS server. What's going wrong? I don't have much clue as to how to troubleshoot this.

    I tried already:
    • ipconfig /flushdns on my work station and on the server.
    • Using different browsers and different computers on the domain

    I suspect/think:
    • I suspect a DNS caching issue (since it happens ONLY on 2 websites I visit very frequently to work on, (though it doesn't happen on Google Apps which I use even more often)). Hence the /flushdns, but nothing changed. 
    • I suspected the router, but since changing the DNS on a client machine solves the pb, it doesn't make sense.
    • I read about MTU... but again, different DNS = no problem, so that shouldn't be it.
    • There is no firewall/antivirus on the SBS 2008 (fresh install), so that's not an issue.

    I would appreciate any help or suggestion... Thanks a lot!!


    Olivier


    Here is the result of an ipconfig /all from my work station:

    Windows IP Configuration
    
     Host Name . . . . . . . . . . . . : COMPANYNAME-3
     Primary Dns Suffix . . . . . . . : companyname.local
     Node Type . . . . . . . . . . . . : Hybrid
     IP Routing Enabled. . . . . . . . : No
     WINS Proxy Enabled. . . . . . . . : No
     DNS Suffix Search List. . . . . . : companyname.local
    
    Ethernet adapter Local Area Connection:
    
     Connection-specific DNS Suffix . : companyname.local
     Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
     Physical Address. . . . . . . . . : 00-12-3F-BB-01-77
     DHCP Enabled. . . . . . . . . . . : Yes
     Autoconfiguration Enabled . . . . : Yes
     Link-local IPv6 Address . . . . . : fe80::5c4f:e3ac:136e:911d%10(Preferred) 
     IPv4 Address. . . . . . . . . . . : 192.168.1.112(Preferred) 
     Subnet Mask . . . . . . . . . . . : 255.255.255.0
     Lease Obtained. . . . . . . . . . : Thursday, September 01, 2011 9:15:01 AM
     Lease Expires . . . . . . . . . . : Friday, September 09, 2011 10:34:04 AM
     Default Gateway . . . . . . . . . : 192.168.1.254
     DHCP Server . . . . . . . . . . . : 192.168.1.100
     DHCPv6 IAID . . . . . . . . . . . : 234885695
     DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-BC-39-94-00-12-3F-BB-01-77
     DNS Servers . . . . . . . . . . . : 192.168.1.100
     NetBIOS over Tcpip. . . . . . . . : Enabled
    
    Tunnel adapter Local Area Connection* 11:
    
     Media State . . . . . . . . . . . : Media disconnected
     Connection-specific DNS Suffix . : 
     Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
     Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
     DHCP Enabled. . . . . . . . . . . : No
     Autoconfiguration Enabled . . . . : Yes
    
    Tunnel adapter isatap.companyname.local:
    
     Media State . . . . . . . . . . . : Media disconnected
     Connection-specific DNS Suffix . : 
     Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
     Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
     DHCP Enabled. . . . . . . . . . . : No
     Autoconfiguration Enabled . . . . : Yes

    • Changed type Tiger Li Wednesday, September 07, 2011 7:38 AM
    Thursday, September 01, 2011 7:30 PM

All replies

  • Probably more important is what the SBS server is using for external resolution - a forewarder or root hints.

    If the former, the forewarder may be the source of the problem and not anything in your network.

     


    /kj
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Thursday, September 01, 2011 7:48 PM
    Moderator
  • Hi Olivier,


    Thanks for posting here.

     

    So have you tried to verify that if any client that facing this issue can properly get the IP addresses of both sites by using nslookup tool ? and will also get same result from SBS host ?

    Try to first fix the name resolution issue on your SBS host by running the “Fix my Network” wizard and see if any improvement:

     

    Introduction to the Fix My Network Wizard (FNCW)

    http://blogs.technet.com/b/sbs/archive/2008/11/26/introduction-to-the-fix-my-network-wizard-fncw.aspx

     

    Thanks.

     

    Tiger Li


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Monday, September 05, 2011 8:54 AM
  • Thanks Kevin and Tiger Li for your responses. Sorry for the delay of my response, I'm just returning to work.

    I was able to fix the problem with your recommendations! Thanks!

    A nslookup did not return any IP for the websites I had problems with, when using my server as DNS. But when using OpenDNS, I was getting an IP back.

    I checked the forwarders, as suggested, and noticed I didn't have any forwarders set up, so I added OpenDNS servers as forwarders, and now it's working. 

    I suppose it's a good practice to have several forwarders, just in case. The question remains though: why are our primary DNS not working for those 2 websites I often visitand work on? Our primary DNS are AT&T servers... I'd love to solve the problem instead of finding a workaround. But it will definitely do for now. Thanks again, and please let me know if you have any insights into the problem.

    [UPDATE] Sorry, the "Mark as Answer" button is absent so I can't click it..
    • Edited by nomade0 Wednesday, September 07, 2011 8:00 PM
    Wednesday, September 07, 2011 7:57 PM
  • the 'mark as answer' is _probably_ missing because the original request is made as a 'discussion' rather than a 'question'.

    The change makes me believe you are subject to http://blogs.technet.com/b/sbs/archive/2009/01/29/cannot-resolve-names-in-certain-top-level-domains-like-co-uk.aspx which, unlike the 1st read of the article would seem to indicate, does not affect just .uk domains.

    You should make the reg change anyway.

    Wednesday, September 07, 2011 10:42 PM
  • Thanks SuperGumby. It goes a bit beyond my technical skills with SBS 2008 and networking... but as far as I could tell, I'm not using "root hints", and this article seems to apply to situations where root hints are enable. Am I wrong?

    I'll keep this post in my bookmarks just in case a problem arises again, but I have to say I'm reluctant to make a reg change when everything is working okay.

    Wednesday, September 07, 2011 10:51 PM
  • previously 'I checked the forwarders, as suggested, and noticed I didn't have any forwarders set up,' so at that time you were using root hints.

    Also, my own opinion, and experience, is that the error condition can happen regardless of the use of root hints.

    The 'root servers' are just DNS servers and though they are configured in a particular way a dns server is a dns server.

    Wednesday, September 07, 2011 11:44 PM