locked
Internal DNS nslookup error timeout was 2 second RRS feed

  • Question

  • I am having a strange issue in DNS of our child domains. we have 1 forest and 1 child domain 2008 R2 in our environment. DNS servers on forest are the primary active directory integrated and on Child domains are the secondary.

    My issue is when i trying to lookup any FQDN record exists on child domain from secondary DNS, it gives the below Timeout message and than resolves and if i put dot at the last of FQDN name it resolves fine.

    > filenet.xxx.xxx.xxx
    Server:  childdc1.domain.com
    Address:  10.1.x.x

    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    Name:    filenet.xxx.xxx.xxx
    Address:  10.1.x.x

    and resolves fine when lookup with netbios name only. on the other hand same record resolves perfect from Primary DNS with FQDN and netbios both.


    Regards, Sarfraz Aslam


    Wednesday, September 6, 2017 12:42 PM

Answers

  • Hi Sarfraz Aslam,

    >>So what is the conclusion, is there any thing misconfigured on my DNS servers? As all my clients have 2 sec timeout issue.

    From the previous results, we could see the other suffix:


    Without a trailing dot, you are asking your computer to try and guess the suffix added on to end of the name with childdomain.com, com.pk and parentdomain.com. And this is the reason why error timeout was 2 second. It spends some time to query for the wrong suffix.

    In addition, if the information provided was helpful, please "mark it as answer" to help other community members find the helpful reply quickly.

    Thanks for your understanding.

    Best Regards,

    Candy



    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Sarfraz Aslam Thursday, September 7, 2017 9:39 AM
    Thursday, September 7, 2017 7:56 AM

All replies

  • Hi Sarfraz Aslam,

    The correct format of a full FQDN has a dot at the end.

    A trailing dot says "thats the whole name don't bother trying to guess the ".XXX.com" part tagged on the end.
    Without a trailing dot, you are asking your computer to try and guess the suffix added on to end of the name. It uses DNS search suffix.

    Please Post an ipconfig /all of the machine to check the primary suffix and search suffix.

    In addition, you may turn on exhaustive debugging mode of NSlookup, this will display detailed information of name resolving process.

    Open Command Prompt on client ,type nslookup and type set d2 .Then type FQDN (without dot) ,we could find out the problem through the process .

    >NSlookup

    >set d2

    >FQDN(without dot)


    For your reference:
    How to configure a domain suffix search list on the Domain Name System clients
    https://support.microsoft.com/en-us/help/275553/how-to-configure-a-domain-suffix-search-list-on-the-domain-name-system

    Also, please check the event log to see if there are something useful for us to troubleshooting.

    Best Regards,
    Candy

     

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, September 7, 2017 3:01 AM
  • Hi Candy,

    Thank you for your response. below are the both ipconfig and nslookup (d2) results.

    *********IPConfig/all**************

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : MyPC
       Primary Dns Suffix  . . . . . . . : childdomain.com
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : childdomain.com

    Ethernet adapter Ethernet:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . . . : 40-A8-F0-A6-66-31
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 10.2.22.22(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . : 10.2.22.2
       DNS Servers . . . . . . . . . . . : 10.1.254.254
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.{EFB3EFA6-30BC-4865-949C-455234071876}:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    **************nslookup**************

    >nslookup
    Default Server:  childdomain.com
    Address:  10.1.254.254

    > set d2
    > hyperv-cluster.childdomain.com
    Server:  childdomain.com
    Address:  10.1.254.254

    ------------
    SendRequest(), len 76
        HEADER:
            opcode = QUERY, id = 2, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = A, class = IN

    ------------
    ------------
    Got answer (139 bytes):
        HEADER:
            opcode = QUERY, id = 2, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = A, class = IN
        AUTHORITY RECORDS:
        ->  Parentdomain.com
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = primarydomain1.com
            responsible mail addr = admin
            serial  = 4149880
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    ------------
    SendRequest(), len 76
        HEADER:
            opcode = QUERY, id = 3, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = AAAA, class = IN

    ------------
    ------------
    Got answer (139 bytes):
        HEADER:
            opcode = QUERY, id = 3, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  parentdomain.com
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = primarydomain1.com
            responsible mail addr = admin
            serial  = 4149880
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    ------------
    SendRequest(), len 65
        HEADER:
            opcode = QUERY, id = 4, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.parentdomain.com, type = A, class = IN

    ------------
    ------------
    Got answer (128 bytes):
        HEADER:
            opcode = QUERY, id = 4, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.parentdomain.com, type = A, class = IN
        AUTHORITY RECORDS:
        ->  parentdomain.com
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = primarydomain1.com
            responsible mail addr = admin
            serial  = 4149880
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    ------------
    SendRequest(), len 65
        HEADER:
            opcode = QUERY, id = 5, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.parentdomain.com, type = AAAA, class = IN

    ------------
    ------------
    Got answer (128 bytes):
        HEADER:
            opcode = QUERY, id = 5, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.parentdomain.com, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  parentdomain.com
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = primarydomain1.com
            responsible mail addr = admin
            serial  = 4149880
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    ------------
    SendRequest(), len 61
        HEADER:
            opcode = QUERY, id = 6, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.com.pk, type = A, class = IN

    ------------
    DNS request timed out.
        timeout was 2 seconds.
    timeout (2 secs)
    SendRequest failed
    ------------
    SendRequest(), len 61
        HEADER:
            opcode = QUERY, id = 7, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.com.pk, type = AAAA, class = IN

    ------------
    DNS request timed out.
        timeout was 2 seconds.
    timeout (2 secs)
    SendRequest failed
    ------------
    SendRequest(), len 54
        HEADER:
            opcode = QUERY, id = 8, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com, type = A, class = IN

    ------------
    ------------
    Got answer (70 bytes):
        HEADER:
            opcode = QUERY, id = 8, rcode = NOERROR
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 1,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com, type = A, class = IN
        ANSWERS:
        ->  hyperv-cluster.childdomain.com
            type = A, class = IN, dlen = 4
            internet address = 10.1.254.55
            ttl = 1200 (20 mins)

    ------------
    ------------
    SendRequest(), len 54
        HEADER:
            opcode = QUERY, id = 9, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com, type = AAAA, class = IN

    ------------
    ------------
    Got answer (107 bytes):
        HEADER:
            opcode = QUERY, id = 9, rcode = NOERROR
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  parentdomain.com
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = primarydomain1.com
            responsible mail addr = admin
            serial  = 4149880
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    Name:    hyperv-cluster.childdomain.com
    Address:  10.1.254.55


    Regards, Sarfraz Aslam

    Thursday, September 7, 2017 4:36 AM
  • Hi Sarfraz Aslam,

    > hyperv-cluster.childdomain.com
    Server:  childdomain.com
    Address:  10.1.254.254

    ------------
    SendRequest(), len 76
        HEADER:
            opcode = QUERY, id = 2, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = A, class = IN

    hyperv-cluster.childdomain.com


    QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com


    I found something strange. You asked it to query " hyperv-cluster.childdomain.com", but it queried for "hyperv-cluster.childdomain.com.childdomain.com" (look at the 'Questions' section). Apparently it is appending the search suffix.

    Click on "Append these DNS suffixes (in order):" and only put in childdomain.com, then run the command of nslookup again to check if the issue still occurs.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, September 7, 2017 5:59 AM
  • Hi Candy,

    Positive changes observed after following your suggestion :). After adding childdomain in "append DNS suffix column", now i can lookup FQDN (without d2) normally and with (d2) there is no timeout noticed as it was in previous results.

    So what is the conclusion, is there any thing misconfigured on my DNS servers? As all my clients have 2 sec timeout issue.

    Below are the NSLOOKUP d2 results;

    nslookup
    Default Server:  childdomain.com
    Address:  10.1.254.254

    > set d2
    > hyperv-cluster.childdomain.com
    Server:  childdomain1.com
    Address:  10.1.254.254

    ------------
    SendRequest(), len 76
        HEADER:
            opcode = QUERY, id = 2, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = A, class = IN

    ------------
    ------------
    Got answer (139 bytes):
        HEADER:
            opcode = QUERY, id = 2, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = A, class = IN
        AUTHORITY RECORDS:
        ->  parentdomain.com
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = parentdc5.com
            responsible mail addr = admin
            serial  = 4151103
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    ------------
    SendRequest(), len 76
        HEADER:
            opcode = QUERY, id = 3, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = AAAA, class = IN

    ------------
    ------------
    Got answer (139 bytes):
        HEADER:
            opcode = QUERY, id = 3, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com.childdomain.com, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  parentdomain.com
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = primarydomain5.com
            responsible mail addr = admin
            serial  = 4151103
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    ------------
    SendRequest(), len 54
        HEADER:
            opcode = QUERY, id = 4, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com, type = A, class = IN

    ------------
    ------------
    Got answer (70 bytes):
        HEADER:
            opcode = QUERY, id = 4, rcode = NOERROR
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 1,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com, type = A, class = IN
        ANSWERS:
        ->  hyperv-cluster.childdomain.com
            type = A, class = IN, dlen = 4
            internet address = 10.1.254.55
            ttl = 1200 (20 mins)

    ------------
    ------------
    SendRequest(), len 54
        HEADER:
            opcode = QUERY, id = 5, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com, type = AAAA, class = IN

    ------------
    ------------
    Got answer (107 bytes):
        HEADER:
            opcode = QUERY, id = 5, rcode = NOERROR
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            hyperv-cluster.childdomain.com, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  parentdomain.com
            type = SOA, class = IN, dlen = 41
            ttl = 3600 (1 hour)
            primary name server = parentdomain5.com
            responsible mail addr = admin
            serial  = 4151103
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)

    ------------
    Name:    hyperv-cluster.childdomain.com
    Address:  10.1.245.55


    Regards, Sarfraz Aslam

    Thursday, September 7, 2017 6:59 AM
  • Hi Sarfraz Aslam,

    >>So what is the conclusion, is there any thing misconfigured on my DNS servers? As all my clients have 2 sec timeout issue.

    From the previous results, we could see the other suffix:


    Without a trailing dot, you are asking your computer to try and guess the suffix added on to end of the name with childdomain.com, com.pk and parentdomain.com. And this is the reason why error timeout was 2 second. It spends some time to query for the wrong suffix.

    In addition, if the information provided was helpful, please "mark it as answer" to help other community members find the helpful reply quickly.

    Thanks for your understanding.

    Best Regards,

    Candy



    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Sarfraz Aslam Thursday, September 7, 2017 9:39 AM
    Thursday, September 7, 2017 7:56 AM