Re: Slow DNS lookup

From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 08/25/04 

Date: Tue, 24 Aug 2004 23:23:55 -0400

In news:u%235vkLphEHA.2848@TK2MSFTNGP10.phx.gbl,
Peter Schou <psc@EM_MAPS_TNOD_flexatel.com> made a post then I commented
below
> Thanks for your reply Kevin.
>
> I havent found any 7063 events in my log.
> Every thing seems to be working OK now. However I will try using the
> forwarders you suggested in a previous post.
>
> Sorry I forgot to tell you my forwarder timeout. Its set to 5 sec.
> Lowering this value did help, but didn't resolve the problem. Now
> using 5 sec again. Is 5 the default value?
>
> Thanks for your patience.
>
> Best regards
> Peter

Hi Peter,

Just wanted to jump in and add that what Kevin is trying to say is that the
addresses you provided do not support being forwarded to, and are timing out
and your system is using it's Root Hints. This is because they have that
ability turned off by the ISP's administrators. Some ISPs do this in order
to squelch other administrators using their systems as forwarders and are
content only DNS servers (their own content) and will not resolve queries
that are not authorative for (meaning that they won't answer for zones other
than the zones that were created in their own DNS servers). Some ISPs just
do that...

In Kevin's test results, the RD bit means "Recursion Desired" and the RA bit
means 'Recursion Available". The tests Kevin performed on those two servers
you provided did not return an RA bit, which unfortunatley means that the
servers do not support being forwarded to.

Try those two addresses that Kevin mentioned as a forwarder, 4.2.2.1 and
4.2.2.2. They support forwarding to and work fine!

Unless the provided servers were typos..... :-)

Hope that helps. 

-- 
Regards,
Ace
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.
This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
-- 
=================================

Relevant Pages

  • Re: Slow DNS lookup
    ... > Thanks for your reply Kevin. ... > try using the forwarders you suggested in a previous post. ... but you cannot use the DNS servers you posted as ... Below is a query I tried on the DNS servers you are using, ...
    (microsoft.public.win2000.dns)
  • Re: Slow DNS lookup
    ... Thanks Ace for taking your time to drop in. ... I have already disabled forwarders on my server and are now only using ... using those addresses Kevin gave me. ... > content only DNS servers and will not resolve queries ...
    (microsoft.public.win2000.dns)
  • Re: domain rename
    ... Thanks Kevin, your answers were helpful. ... Yeah it is a third level .com domain ... >> problems with those servers in another site that are ... > If there are any DCs in the forest still running Win2k you won't be able to ...
    (microsoft.public.windows.server.dns)
  • Re: Problem with sendmail when using microsoft DNS forwarders
    ... want to disable recursion on your *public* servers, ... The issue of using forwarders is basically orthogonal to this, ... network to have many private servers forwarding to one or a few other ... Can sendmail/bsd/bind/m$ dns just not play together? ...
    (comp.mail.sendmail)
  • Re: Root Hints or forwarders?
    ... > You say to use forwarders but on which servers the internal or DMZ? ... Just be sure to AVOID the "disable recursion" check box in the ... >> cannot reach the Internet even if you forgot to stop such. ...
    (microsoft.public.win2000.dns)