Name resolution problem with external DNS servers

Giganews Newsgroups
Subject: Name resolution problem with external DNS servers
Posted by:  harish (gharis…@yahoo.com)
Date: Mon, 10 Sep 2007

Hi,

I have a peculiar problem with the DNS server at one of our customer's
locations. They have 2 locations (head office and branch office).
They have AD-integrated internal DNS (which runs Windows 2003 Ent Server
with SP2) and 2 external DNS servers (which run Windows 2000 Server with
SP4) at each location for external name resolution.

The problem I am experiencing is with external DNS. They
have a primary DNS hosting all the records in the Head office and a
secondary DNS at branch office which is replicating all the records from
primary DNS server.

Recently we had an incident where the internet link at Head
office went down due to an ISP problem and the primary DNS was inaccessible
for several hours. Now though the secondary DNS was available for name
resolution, which is hosted from a different ISP, the name resolution failed.
All the services were available on IP but the name resolution failed till I
brought the other internet link back up in Head office.

I did some testing and found that the replication is
happening perfectly with secondary DNS and all the entries have been
replicated. I checked with the name service provided and found that all the
entries are fine. I even checked the name resolution from internet and found
both the NS entries were fine. I was able to ping the secondary DNS and
checked all the ports to be working fine.

Yet all the services failed, the websites were not
available, the mails stopped coming and all the name-related services were
down.

The customer wants me to find the root cause and make sure
this issue doesn't occur again. I have checked all the settings and found
them to be fine. My secondary server is pointing to my primary server for
replication and they have not been configured for respective DNS server from
the respective service provider.

The only difference I found is the secondary server didn't
have the reverse lookup, which I have added now manually. Other than that I
don't find any difference. Is there any way I can find out why the service
failed though the secondary server was up and running? I also want to know if
there is a way we can test the settings and name resolution on the secondary
server.

Any suggestions are welcome.

Regards,

Harish
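
One way to test each name server on its own, as the post asks (an added example, not part of the original post): send a non-recursive SOA query straight to one server and check that the reply is authoritative, reading the serial and the SOA expire value, which is how long a secondary keeps answering for the zone after losing contact with the primary. The zone `example.com`, the sample reply bytes and all function names are constructed for illustration; `query()` needs the server's real IP address.

```python
import socket
import struct

SOA = 6  # DNS record type: start of authority

def build_query(zone, txid=0x1234):
    """Non-recursive (RD=0) SOA query: the server may only answer from zone data it holds."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in zone.rstrip(".").split(".")) + b"\x00"
    return struct.pack("!6H", txid, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", SOA, 1)

def skip_name(msg, off):  # offset just past a (possibly compressed) domain name
    while msg[off] and (msg[off] & 0xC0) != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def parse_reply(msg):
    """Pull RCODE, the AA (authoritative answer) bit, SOA serial and expire out of a reply."""
    _, flags, qd, an, _, _ = struct.unpack("!6H", msg[:12])
    out = {"rcode": flags & 0xF, "aa": bool(flags & 0x0400), "serial": None, "expire": None}
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4           # question: name, QTYPE, QCLASS
    for _ in range(an):
        off = skip_name(msg, off) + 10          # RR header: name, type, class, TTL, RDLENGTH
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off - 10:off])
        if rtype == SOA:
            p = skip_name(msg, skip_name(msg, off))   # step over MNAME and RNAME
            out["serial"], _, _, out["expire"] = struct.unpack("!4I", msg[p:p + 16])
        off += rdlen
    return out

def usable(reply):
    """True only if the server answered NOERROR, authoritatively, with the zone's SOA."""
    return bool(reply) and reply["rcode"] == 0 and reply["aa"] and reply["serial"] is not None

def query(ip, zone, timeout=3.0):
    """Ask one name server directly over UDP 53; None means no reply came back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(zone), (ip, 53))
            return parse_reply(s.recvfrom(4096)[0])
        except OSError:
            return None

# Constructed sample reply (not captured traffic): AA set, one SOA record for example.com.
SAMPLE = (struct.pack("!6H", 0x1234, 0x8400, 1, 1, 0, 0) + b"\x07example\x03com\x00\x00\x06\x00\x01"
          + b"\xc0\x0c" + struct.pack("!HHIH", SOA, 1, 3600, 34) + b"\x03ns1\xc0\x0c\x05admin\xc0\x0c"
          + struct.pack("!5I", 2007091001, 900, 600, 86400, 3600))
```

Run `usable(query(ip, zone))` against the primary and the secondary separately, from outside the network; a secondary that gives no reply, a non-zero rcode or a reply without the AA bit cannot carry the zone on its own.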

Replies