Throughout the day our DNS servers (2x Win 2k8 R2 servers) are unable to respond to requests. The requests that fail are all on the .root zone that are either cached or obtained from 1 of 5 DNS servers we forward to before going to root hints.
At first I thought the DNS servers we were forwarding to were flaky. So I added some more in. Currently the forwarding list looks like
- ISP DNS 1
- OPEN DNS 1
- ISP DNS 2
- OPEN DNS 2
- ISP DNS 3
I have tried:
- Turning off root hints.
- Set record scavenging to 7 days.
- Using dnscmd /config /EnableEDNSProbes 0 as per this.
Packet capture at the DNS server shows that there are a lot of query responses with server failure between LAN clients and the local DNS server; it does not appear to be forwarding those requests. So maybe a problem with caching?
Does anyone have anything I can try to get this working?
Forwarders Pane
Here is a cap from the secondary DNS called DC3 with capture filter 'port 53'
Ablue, these are my observations:
By looking at these gaps out of your pcap file I can see that your DNS server is going out to the forwarders. However, it is not receiving responses from the forwarders. Have you checked if you had connectivity issues at or beyond your border router/gateway? You seem to be experiencing line dropouts.
By what the timestamps in the packets tell, it's also during the morning rush hour.
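As an added example (not part of the question or the answer above), the following Python script does the correlation the answer describes: it matches the server's outbound forwarder queries against the replies that come back and counts the SERVFAIL responses the server hands to LAN clients. The input is constructed, simplified tshark-style text; the addresses 192.168.1.5 (standing in for DC3) and 203.0.113.x (standing in for the forwarders) are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in a simplified tshark summary format (not the poster's capture).
# Format: time src -> dst DNS Standard query [response] 0xTXID [extra]
# 192.168.1.5 plays the local DNS server; 203.0.113.1/.2 play the forwarders.
SAMPLE = """\
08:31:02.100 192.168.1.10 -> 192.168.1.5 DNS Standard query 0x1a2b A www.example.com
08:31:02.101 192.168.1.5 -> 203.0.113.1 DNS Standard query 0x7c3d A www.example.com
08:31:04.102 192.168.1.5 -> 192.168.1.10 DNS Standard query response 0x1a2b Server failure
08:31:05.000 192.168.1.11 -> 192.168.1.5 DNS Standard query 0x2b3c A mail.example.org
08:31:05.001 192.168.1.5 -> 203.0.113.1 DNS Standard query 0x8d4e A mail.example.org
08:31:05.050 203.0.113.1 -> 192.168.1.5 DNS Standard query response 0x8d4e A 198.51.100.7
08:31:05.051 192.168.1.5 -> 192.168.1.11 DNS Standard query response 0x2b3c A 198.51.100.7
08:31:06.000 192.168.1.5 -> 203.0.113.2 DNS Standard query 0x9e5f A ftp.example.net
"""

LINE = re.compile(r'^(\S+)\s+(\S+) -> (\S+) DNS Standard query (response )?(0x[0-9a-f]+)(.*)$')

def analyze(text, server, forwarders):
    """Per forwarder: queries sent, responses received, queries never answered.
    Per client traffic: responses sent and how many of them were SERVFAIL."""
    pending = {}  # (forwarder, txid) for outbound queries still awaiting a reply
    stats = defaultdict(lambda: {"queries": 0, "responses": 0, "unanswered": 0})
    client = {"responses": 0, "servfail": 0}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        _t, src, dst, is_resp, txid, rest = m.groups()
        if src == server and dst in forwarders and not is_resp:
            stats[dst]["queries"] += 1          # server -> forwarder: outbound query
            pending[(dst, txid)] = True
        elif src in forwarders and dst == server and is_resp:
            stats[src]["responses"] += 1        # forwarder -> server: reply came back
            pending.pop((src, txid), None)
        elif src == server and dst not in forwarders and is_resp:
            client["responses"] += 1            # server -> LAN client
            if "Server failure" in rest:
                client["servfail"] += 1
    for fwd, _txid in pending:                  # note: queries at the very end of a
        stats[fwd]["unanswered"] += 1           # capture may look unanswered too
    return {"forwarders": dict(stats), "client": client}

if __name__ == "__main__":
    print(analyze(SAMPLE, "192.168.1.5", {"203.0.113.1", "203.0.113.2"}))
```

Real tshark summary lines carry extra columns (frame number, length) and may use a different arrow character, so adjust the LINE regex before pointing this at the DC3 capture.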