Koozali.org: home of the SME Server

Flakey DNS

Tom Carroll

Flakey DNS
« on: February 28, 2002, 05:11:10 AM »
I'm running WinXP on my SME network with SME 5.1.2 as the domain controller.

From time to time my DNS will not work from the WinXP box.  If I wait a while it starts working again.  I'm pretty sure it's the DNS because if a web site is not accessible using the URL, I can still pull it up using the IP equivalent.

I'm lost here because I can walk right over to my Win98 box and get out just fine.

Thanks for any help!

Tom Carroll
Dataware Computers

Brian Huntsbarger

Re: Flakey DNS
« Reply #1 on: February 28, 2002, 05:16:26 AM »
Try using the gateway as a DNS entry also, plus make sure you don't have auto detect proxy detected.

Patrick Hickey

Re: Flakey DNS
« Reply #2 on: February 28, 2002, 05:34:11 AM »
I have three XP machines pointing at my 5.1. server for DNS, as well as three Mac OS-X, two BSD and one Linux client.

I can honestly say the machines are all resolving very quickly via the e-smith server, with its unique hidden DNS settings ;-)

I don't know how much you've fiddled with XP but it is a myriad of settings, mostly splattered all over the map in MS fashion. The previous post indicated a good thought, make sure the clients are not using some auto-proxy detect, which MS sets as default.

Use the e-smith as the only machine the XP machines use for DNS.

Are you using the e-smith firewall? If yes make sure you have the ACLs properly configured. BIND formerly used TCP port 53 but I recall it changed recently. (I use an external firewall so I can't be any help).

SSH into the e-smith (putty is a lightning fast and free utility if you do not know about it) and use nslookup. Familiar with the command syntax? If you consistently resolve hosts from the command line then focus upon the XP boxes.

regards,

patrick

Tom Carroll

Re: Flakey DNS
« Reply #3 on: March 08, 2002, 10:14:36 PM »
I guess I need to explain my topology more:

ADSL w/Fixed IP 205.246.23.186 w/gateway as 205.246.23.1
SME 5.1.2 server (as domain controller) with external IP same as fixed and internal IP as 192.168.1.1
WinXP Pro (Internal assigned IP 192.168.1.4 not using DHCP)
Win98SE (Internal assigned IP 192.168.1.2 not using DHCP)
Win95 (Internal assigned IP 192.168.1.3 not using DHCP)
Linksys router (Internal assigned IP 192.168.1.5 not using DHCP)

My DNS entries are: 192.168.1.1 first and 206.117.213.2 second (this is my ISP's DNS)

Are you saying I should put 205.246.23.1 as a DNS entry also?

I am able to pull up pages and connect with POP3 mail servers using their IP address but not with the domain names on the WinXP box from time to time.  I can do everything via the Win98SE machine however.

I am going to look into Patrick's suggestion to see if that resolves anything...

Tom
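Added example, not part of any post in this thread: a small probe that sends the same A query to each resolver in the list above over both UDP and TCP port 53, so an intermittent failure can be pinned to one server or one transport (for instance a firewall ACL that passes only one of them). The resolver addresses are the ones given in the thread; the queried name `example.com`, the query ID and the function names are assumptions made for illustration.

```python
import socket, struct, time

def build_query(name, qid):
    """Encode a standard recursive A/IN query (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, qid):
    """Return (rcode, answer_count, truncated); raise ValueError on a bad reply."""
    if len(data) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("ID mismatch or not a response")
    return flags & 0x000F, ancount, bool(flags & 0x0200)

def recv_exact(sock, n):
    """Read exactly n bytes from a stream socket."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise OSError("connection closed")
        buf += chunk
    return buf

def probe(server, name, qid, tcp=False, timeout=3.0):
    """Send one query to server:53 over UDP or TCP; return a short status string."""
    query = build_query(name, qid)
    kind = socket.SOCK_STREAM if tcp else socket.SOCK_DGRAM
    try:
        with socket.socket(socket.AF_INET, kind) as s:
            s.settimeout(timeout)
            s.connect((server, 53))
            if tcp:  # DNS over TCP prefixes each message with a 2-byte length
                s.sendall(struct.pack("!H", len(query)) + query)
                (length,) = struct.unpack("!H", recv_exact(s, 2))
                data = recv_exact(s, length)
            else:
                s.send(query)
                data = s.recv(4096)
        rcode, answers, tc = parse_reply(data, qid)
        return f"rcode={rcode} answers={answers} tc={tc}"
    except (OSError, ValueError) as exc:  # timeouts are OSError subclasses
        return f"FAIL {type(exc).__name__}: {exc}"

if __name__ == "__main__":
    # Resolver addresses are from the thread; example.com is a placeholder name.
    for server in ("192.168.1.1", "206.117.213.2"):
        for tcp in (False, True):
            print(time.strftime("%H:%M:%S"), server, "tcp" if tcp else "udp",
                  probe(server, "example.com", 0x1234, tcp))
```

Run it in a loop from both the affected client and the server itself; a timestamped `FAIL` line that appears only on the client and only for one resolver or transport narrows down where to look.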

Tom Carroll

Re: Flakey DNS
« Reply #4 on: March 08, 2002, 10:29:59 PM »
Here's something interesting I found on ZDNet about Win2K and DNS related to the active directory.  Maybe this has something to do with my problems...:

"One of the key factors in a successful AD deployment is designing the Active Directory DNS namespace. Unlike NT 4.0, which uses WINS, Windows 2000 uses DNS to resolve names on the network.

Unfortunately, you can't just use any old DNS. Active Directory requires that the DNS support dynamic updates via RFC 2136; and guess what, the only DNS that does that out of the box is included in Windows 2000. Those environments that already have Internet domains and DNS servers on their networks now have to replace their existing DNS servers with Windows 2000 boxes or create a new internal domain to host the AD. For example, if your company is called WidgetCo, and all your internal servers are TCP/IP hosts on widgetco.com, you either need to create a sub-domain called ad.widgetco.com or you need to create something like widgetco.net, as one of my associates had to do at a large Manhattan-based international law firm.

It's possible to make Unix DNS servers like BIND (Berkeley Internet Name Daemon) support Windows 2000 dynamic DNS, but it's a little tricky. Microsoft TechNet's white paper on Windows 2000 DNS provides information on getting your non-MS DNS to comply with RFC 2136. Chances are you'll need to upgrade your Unix server to the latest version of BIND, version 8.2, to make it work. Creating an entirely new domain may be less of a headache."

Would I have to either create a new domain, or should I try to configure BIND?  SME 5.1.2. uses BIND 8.2.4-1es according to rpm -q.

Tom

Tom Carroll

Re: Flakey DNS
« Reply #5 on: March 09, 2002, 03:22:09 AM »
I tried some changes on my XP machine without any luck.  The damn link continues to drop off; even after I reboot, it will just die in the middle of browsing the net and I get a DNS error.

I'm thinking of dumping SME 5.1.2 and going back to 5.0 since it did not have these problems.

Here's an extract from my samba log.  It appears something isn't working right...

[2002/03/08 16:02:55, 0] rpc_server/srv_netlog.c:api_net_sam_logon(208)
  api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON.
[2002/03/08 16:02:55, 0] rpc_server/srv_pipe.c:api_rpcTNP(1204)
  api_rpcTNP: api_netlog_rpc: NET_SAMLOGON failed.
[2002/03/08 16:02:57, 0] smbd/service.c:make_connection(370)
  tom logged in as admin user (root privileges)
[2002/03/08 16:03:08, 0] smbd/service.c:make_connection(370)
  tom logged in as admin user (root privileges)

I don't know if this has anything to do with the DNS or not, but I thought I would post it.

Tom

Des Dougan

Re: Flakey DNS
« Reply #6 on: March 09, 2002, 05:29:18 AM »
Tom Carroll wrote:
>
> Here's something interesting I found ZDNet about Win2K and
> DNS related to the active directory.  Maybe this has
> something to do with my problems...:

....snip

> Unfortunately, you can't just use any old DNS. Active
> Directory requires that the DNS support dynamic updates via
> RFC 2136; and guess what, the only DNS that does that out of
> the box is included in Windows 2000. Those environments that
> already have Internet domains and DNS servers on their
> networks now have to replace their existing DNS servers with
> Windows 2000 boxes or create a new internal domain to host
> the AD.

At my "real" job, we have several hundred Win2K PCs on our 1500 node Novell network (including my desktop) and have absolutely no desire to touch AD with the proverbial barge-pole. We have no DNS issues, and have done nothing specific for Win2K.

Des Dougan