none
unuseual DNS lookup issue RRS feed

  • Question

  • Hello

    Has anyone come across the following unusual issue before

    I have a Windows 2012 R2 Server, static IPv4 IP address (IPv6 disabled)

    The DNS settings are set statically and point to three possible DNS Servers

    now and then (every few days) DNS looks stop working

    what I mean by this is the Server cannot obtain DNS from any of the three preconfigured DNS Servers (where as other servers on the network can)

    there is noting obvious in the windows event logs (application and system), we use AD integrated DNS running on the DCs

    when the issue occurs  if you go into nslookup on the server and try to resolve a record e.g. A record it fails immediately e.g. it does not even appear to try and timeout you enter the name of the host press enter and immediately if fails to resolve the query.

    Server memory and CPU seem fine. and server responsiveness seems fine, apart from this DNS issue

    if you reboot the Server it works again for a period of time (sounds like a memory leak but not seen an obvious one)

    has anyone else seen this e.g. DNS lookups return unknown host immediately against all DNS servers, when the same DNS Servers are servicing other clients just fine.


    AAnotherUser__

    Tuesday, January 16, 2018 7:32 PM

Answers

  • Observed same issue last 2 Days on multiple client machines.

    Seems to relate to a Windows Update KB890830 , KB4056896 , KB 4055265 as these have been installed right before the issue occured. Don´t know if the DNS Client or the DNS Server is the source (occured on 2012 nonR2 and R2).
    Could fix it temporarily by using IP instead of FQDN but yeah...

    • Marked as answer by AAnotherUser Thursday, January 18, 2018 5:52 PM
    Wednesday, January 17, 2018 9:33 AM
  • Hi Mike,

    My suggestion is: 

    1: temporary uninstall these updates on one of these problematic clients then try nslookup or ping again

    2: upload the network traces to Candy for further analyzing

    Regards,

    AP

    • Marked as answer by AAnotherUser Thursday, January 18, 2018 5:52 PM
    Thursday, January 18, 2018 3:21 AM

All replies

  • Hi ,

    >>when the issue occurs  if you go into nslookup on the server and try to resolve a record e.g. A record it fails immediately e.g. it does not even appear to try and timeout you enter the name of the host press enter and immediately if fails to resolve the query.

    Based on your situation , I would suggest you run network monitor to verity whether the client query to DNS server. Or whether the DNS reply message from the DNS server reached to your client.

    To clarify the underlying process, please run the following commands to clear client cache first: 

    ipconfig /flushdns

    Then start capture on the server 2012 R2 and its primary DNS server, reproduce the issue with the command of nlsookup.

    Microsoft Network Monitor 3.4 (archive) 

    https://www.microsoft.com/en-sg/download/details.aspx?id=4865

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, January 17, 2018 8:12 AM
  • Observed same issue last 2 Days on multiple client machines.

    Seems to relate to a Windows Update KB890830 , KB4056896 , KB 4055265 as these have been installed right before the issue occured. Don´t know if the DNS Client or the DNS Server is the source (occured on 2012 nonR2 and R2).
    Could fix it temporarily by using IP instead of FQDN but yeah...

    • Marked as answer by AAnotherUser Thursday, January 18, 2018 5:52 PM
    Wednesday, January 17, 2018 9:33 AM
  • Hi Mike,

    My suggestion is: 

    1: temporary uninstall these updates on one of these problematic clients then try nslookup or ping again

    2: upload the network traces to Candy for further analyzing

    Regards,

    AP

    • Marked as answer by AAnotherUser Thursday, January 18, 2018 5:52 PM
    Thursday, January 18, 2018 3:21 AM
  • Thank you very much Andy, Candy and Mike for taking the time to reply to my issue.

    Between my initial post and reading your replies today, I tried and notice a few things as follows.

    1) I installed Wireshark on the Server and noticed when I did an nslookup no DNS packets were seen in the trace at all. Very odd as Wireshark sits low down but, this means the DNS query is not event getting to the wire (Ethernet), so no wonder nothing resolves. This sounds like a software issue potentially via a previously installed Windows KB as Mike kindly pointed out above. 

    I was not aware of the above KB issue suggestion (as only read this post now), but in the meantime I decided to simply things and remove the Windows NIC Teaming (Windows 2012 R2) and go back to just using one physical NIC (the Server is a physical HP not a VM). I did this then rebooted the Server, I noticed on reboot the Server had several Windows updates waiting to be installed and indeed the Server rebooted a second time to complete the updates it was waiting to complete the installation of (have not listed down the KBs on the system at the moment).

    After the Server came back up, DNS querying working as normal, however I cannot be sure if this was in any way related to  removing the NIC teaming (unlikely but I just wanted to simply things to help troubleshoot), possible a memory leak in the DNS client code, possibly one of the above mentioned KBs etc. Any way for now the Server is acting normally (been 18 hours now), so I will keep an eye on it and also check out the KBs Mike mentioned above,

    Thanks again

    __AAnotherUser


    AAnotherUser__


    Thursday, January 18, 2018 9:46 AM
  • Hi ,

    Thanks for your efforts you have put into this case.

    If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, January 18, 2018 9:54 AM