none
Intermittent DNS Timeouts RRS feed

  • Question

  • Greetings!

    I'm having an issue on my school campus where we lose WAN connectivity intermittently throughout the day for 30-60 seconds at a time before coming back up (communication within LAN seems fine). I have one domain controller ("matthew") running Server 2012 r2, which runs AD, DNS, and DHCP; Myschool.local is my local domain. When a timeout occurs and I ping google.com, the ping request cannot find the hostname. I also did a nslookup from my Sophos firewall and it also does not resolve the DNS server ("lookup failed"), although pinging google.com from the firewall comes back fine.

    Below are the ipconfig and results of nslookup to google.com.

    Any assistance in helping me make sense of this issue is appreciated.

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : T431s
       Primary Dns Suffix  . . . . . . . : Myschool.local
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : Myschool.local

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . : Myschool.local
       Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connecti
    on
       Physical Address. . . . . . . . . : 3C-97-0E-DA-66-15
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::d4e7:22a9:8df1:fb52%13(Preferred)
       IPv4 Address. . . . . . . . . . . : 10.15.2.208(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.240.0
       Lease Obtained. . . . . . . . . . : Tuesday, August 28, 2018 5:43:49 AM
       Lease Expires . . . . . . . . . . : Tuesday, September 11, 2018 11:23:27 AM
       Default Gateway . . . . . . . . . : 10.15.15.1
       DHCP Server . . . . . . . . . . . : 10.15.15.12
       DHCPv6 IAID . . . . . . . . . . . : 289183502
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-3C-CD-5C-3C-97-0E-DA-66-15

       DNS Servers . . . . . . . . . . . : 10.15.15.12
       NetBIOS over Tcpip. . . . . . . . : Enabled

    NSLOOKUP ("set d2")

    > google.com

    Server:  matthew.Myschool.local

    Address:  10.15.15.12

     

    ------------

    SendRequest(), len 63

        HEADER:

            opcode = QUERY, id = 14, rcode = NOERROR

            header flags:  query, want recursion

            questions = 1,  answers = 0,  authority records = 0,  additional = 0

     

        QUESTIONS:

            google.com.Myschool.local, type = A, class = IN

     

    ------------

    ------------

    Got answer (151 bytes):

        HEADER:

            opcode = QUERY, id = 14, rcode = NXDOMAIN

            header flags:  response, auth. answer, want recursion, recursion avail.

            questions = 1,  answers = 0,  authority records = 1,  additional = 0

     

        QUESTIONS:

            google.com.Myschool.local, type = A, class = IN

        AUTHORITY RECORDS:

        ->  Myschool.local

            type = SOA, class = IN, dlen = 42

            ttl = 3600 (1 hour)

            primary name server = matthew.Myschool.local

            responsible mail addr = hostmaster

            serial  = 67413

            refresh = 900 (15 mins)

            retry   = 600 (10 mins)

            expire  = 86400 (1 day)

            default TTL = 3600 (1 hour)

     

    ------------

    ------------

    SendRequest(), len 63

        HEADER:

            opcode = QUERY, id = 15, rcode = NOERROR

            header flags:  query, want recursion

            questions = 1,  answers = 0,  authority records = 0,  additional = 0

     

        QUESTIONS:

            google.com.Myschool.local, type = AAAA, class = IN

     

    ------------

    ------------

    Got answer (151 bytes):

        HEADER:

            opcode = QUERY, id = 15, rcode = NXDOMAIN

            header flags:  response, auth. answer, want recursion, recursion avail.

            questions = 1,  answers = 0,  authority records = 1,  additional = 0

     

        QUESTIONS:

            google.com.Myschool.local, type = AAAA, class = IN

        AUTHORITY RECORDS:

        ->  Myschool.local

            type = SOA, class = IN, dlen = 42

            ttl = 3600 (1 hour)

            primary name server = matthew.Myschool.local

            responsible mail addr = hostmaster

            serial  = 67413

            refresh = 900 (15 mins)

            retry   = 600 (10 mins)

            expire  = 86400 (1 day)

            default TTL = 3600 (1 hour)

     

    ------------

    ------------

    SendRequest(), len 58

        HEADER:

            opcode = QUERY, id = 16, rcode = NOERROR

            header flags:  query, want recursion

            questions = 1,  answers = 0,  authority records = 0,  additional = 0

     

        QUESTIONS:

            google.com.AltaLomaChristianSchool.local, type = A, class = IN

     

    ------------

    DNS request timed out.

        timeout was 2 seconds.

    timeout (2 secs)

    SendRequest failed

    ------------

    SendRequest(), len 58

        HEADER:

            opcode = QUERY, id = 17, rcode = NOERROR

            header flags:  query, want recursion

            questions = 1,  answers = 0,  authority records = 0,  additional = 0

     

        QUESTIONS:

            google.com.AltaLomaChristianSchool.local, type = AAAA, class = IN

     

    ------------

    DNS request timed out.

        timeout was 2 seconds.

    timeout (2 secs)

    SendRequest failed

    ------------

    SendRequest(), len 28

        HEADER:

            opcode = QUERY, id = 18, rcode = NOERROR

            header flags:  query, want recursion

            questions = 1,  answers = 0,  authority records = 0,  additional = 0

     

        QUESTIONS:

            google.com, type = A, class = IN

     

    ------------

    DNS request timed out.

        timeout was 2 seconds.

    timeout (2 secs)

    SendRequest failed

    ------------

    SendRequest(), len 28

        HEADER:

            opcode = QUERY, id = 19, rcode = NOERROR

            header flags:  query, want recursion

            questions = 1,  answers = 0,  authority records = 0,  additional = 0

     

        QUESTIONS:

            google.com, type = AAAA, class = IN

     

    ------------

    DNS request timed out.

        timeout was 2 seconds.

    timeout (2 secs)

    SendRequest failed

    *** Request to matthew.Myschool.local timed-out


    Tuesday, September 4, 2018 7:57 PM

Answers

  • Hi,

    Thanks for your question.

    It does not seem to be a problem with the DNS server. I suspect that it is the result of unstable network connections.

    It is normal for DNS to be unable to resolve public addresses when losing WAN connectivity.

    I recommend that you check your external gateway devices or ask your ISP for network fluctuations.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by JustinR23 Friday, September 14, 2018 2:34 PM
    Wednesday, September 5, 2018 6:06 AM
    Moderator

All replies

  • Hi,

    Thanks for your question.

    It does not seem to be a problem with the DNS server. I suspect that it is the result of unstable network connections.

    It is normal for DNS to be unable to resolve public addresses when losing WAN connectivity.

    I recommend that you check your external gateway devices or ask your ISP for network fluctuations.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by JustinR23 Friday, September 14, 2018 2:34 PM
    Wednesday, September 5, 2018 6:06 AM
    Moderator
  • Thanks Travis. I called my ISP tonight and fortunately while I was on-call I had another timeout, but the ISP said they were able to ping my modem continuously without issue during that time, so it may be my gateway, which I'll test against and report back.

    Thanks for your response.

    Thursday, September 6, 2018 4:35 AM
  • Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

    Best Regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, September 7, 2018 9:07 AM
    Moderator
  • I tried swapping out my core switch first since the log shows a lot of Rx errors and has restarted itself several times recently, but that did not resolve the issue so I'll try the gateway next. Unfortunately I'm out of town this weekend so I have to wait until Monday.

    If I change the default gateway, is the NIC on the domain controller the only place aside from my managed access points/switches that I have to change it? I only have the one domain controller and it manages AD, DNS and DHCP.


    • Edited by JustinR23 Friday, September 7, 2018 5:48 PM
    Friday, September 7, 2018 5:48 PM
  • Hi,

    Thanks for your reply.

    Yes, if there is only one external network exit in your domain.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, September 10, 2018 2:02 AM
    Moderator
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, September 14, 2018 8:47 AM
    Moderator
  • Hi Travis,

    Yesterday morning I took my default gateway offline and assigned my other firewall with the same IP address that the gateway had so that my clients wouldn't have to resolve any redirection. It's been a little over 24 hours and so far I have not noticed any timeouts, so at this point it seems the previous gateway (Unifi USG Pro) was causing the issue. I have marked this as resolved; if I experience the issue again I will report back.

    Thank you for your help.

    Friday, September 14, 2018 2:40 PM