Re: Domain Replica
- From: "Ace Fekay [Microsoft Certified Trainer]" <aceman@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 10 Jun 2009 14:41:12 -0400
"John" <a> wrote in message news:eCl2yze6JHA.5008@xxxxxxxxxxxxxxxxxxxxxxx
"Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb662734a8cbb7f70b3393eb@xxxxxxxxxxxxxxxxxxxxxxx
If both servers are down and you start up the long time is ok, not
optimal, but no problem.
That's exactly what I'm troubleshooting. So you're saying this is normal
behavior? Slow startup occurs when BOTH of them are OFF then switched on
simultaneously or one at a time (doesn't really matter what order). If I
restart either one when the other is already running... there's no problem
(ie: fast startup).
I'd also like to make sure that both servers aren't searching for old
WinServer 2003 (or maybe old NT4 servers) that don't exist any longer.
That's why my first post asked about DomainReplica entry in ADSI Edit. Not
sure if that is contributing to the slow start. It definitely has an entry
of an old WinServer 2003.
The servers search during startup for a DNS server and even if pointed to
itself the DNS server service needs long time to start and so that's the
reason for long boot time when none DNS server is available.
That's what I suspect too. DNS server service takes about 10 minutes to
start.
There's about 10 minutes between the following EVENTS:
FROM
Event Source: EventLog
Event ID: 6009
Microsoft (R) Windows (R) 5.02. 3790 Service Pack 2 Multiprocessor Free.
TO
Event Source: DNS
Event ID: 2
The DNS server has started.
Best option is to shutdown only one server at a time.
Of course. However, in rare cases when there's an extended power outage,
both servers automatically shutdown on their own. When electricity comes
back on, both servers take forever to get to Press CTRL ALT DEL to logon.
I see, so you're wondering why the long boot when both are down. So it may
actually be it's looking for a DC no longer in existence. Follow the article
Meinolf posted.
Also, yes, you still want to point to itself first.
Here is a little info on how the DNS resolver works with regards to the
order of DNS servers and how they are used:
======================================================================================================
DNS Client side Resolver service Query Process
If the server gets a response, even if it is a negative ('not found')
response, it's a response and will not go to the alternate. If after the
query to the first one times out (after 3 tries), it removes it from the
'eligible' resolvers list and then goes to the next one in the order listed.
It will not go back to the first one until a specified timeout period (read
first link below) unless one of three other things happen: restart the
machine, restart the DNS Client Service or DHCP Client Service, or set a reg
entry to force the TTL to reset the list after each query.
Sorry about all the links. They all give little but in some cases not the
whole picture. The DNS Whitepaper is pretty good to start with.
How DNS Works: DNS Resolution, Client Side Resolver (Time out period,
devolution, and much more)
http://technet.microsoft.com/en-us/library/cc772774.aspx#w2k3tr_dns_how_gaxc
How DNS Works: DNS Resolution, Client Side Resolver (Time out period,
devolution, and much more)
http://technet.microsoft.com/en-us/library/cc772774.aspx#w2k3tr_dns_how_gaxc
W2k DNS White Paper- search thru for Fully-Qualified Query and Disabling the
Caching Resolver:
http://www.microsoft.com/windows2000/techinfo/howitworks/communications/nameadrmgmt/w2kdns.asp
How DNS query works Domain Name System(DNS):
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/0bcd97e6-b75d-48ce-83ca-bf470573ebdc.mspx
DNS Resolver Cache Service [incvluding NetFailureCacheTime and
NegativeCacheTime reg entries]:
http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/cnet/cnbc_imp_qxht.asp
286834 - DNS Client Service Doesn't Revert to Using First Server in List
[explained in the DNS white papers] reg to alter it too:
http://support.microsoft.com/default.aspx?scid=kb;en-us;286834
261968 - Explanation of the Server List Management Feature in the Domain
Name Resolver Client:
http://support.microsoft.com/?id=261968
SP4 Changes DNS Name Resolution - Actual Query Timeout settings the resolver
uses - (XP too):
http://support.microsoft.com/default.aspx?scid=kb;en-us;198550
------
DNS Forwarder Resolution and Time Out Process:
Information on how a DNS Forwarder time-out works with using multiple
Forwarder:
Keep in mind, if you have too many forwarders listed, and only one is
recommended (I believe 6 is the most it will use), the client side resolver
may time out waiting for the 4th forwarder to get queried and will go to the
next DNS server listed in the client's IP properties.
Configure a DNS server to use forwarders (you can change the time-out
period)
http://technet.microsoft.com/en-us/library/cc773370.aspx
Good post by Kevin Goodnecht explaining the forwarders time out and
scenarios with too many Forwarders listed.
http://help.lockergnome.com/windows2/Strange-forwarding-issues-ftopict482618.html
quoted from above link:
"Actually, the DNS service will stick to the Forwarder that provides an
answer, no matter where it is in the list, if one forwarder times out(no
answer) it will move to the next forwarder in the list, if the next
forwarder provides an answer it uses it until it times out. The problem for
you is, that it may not get back around to the first forwarder, before the
Forwarding timeout expires, and it starts using recursion itself and goes to
the root hints.
Now, if you check the box "Do not use recursion" the DNS server will use
only its forwarders, and will not use root hints. But this cannot guarantee
that one of the other servers being used as a forwarder answer the query,
I recommend that if there is a domain that cannot be reached through the
internet root, that you add a secondary zone for that domain on the Win2k
DNS server."
----
By Ace Fekay:
DNS acts as a resolving client when it uses a Forwarder because as the
explanation indicated, it is sending the request elsewhere, essentially
offloading the request so it doesn't have to hit the Roots to devolve the
query. If there are multiple Forwarders, DNS will hit each Forwarder. If it
runs out of Forwarders, only then will it use the Roots, unless the checkbox
to disable recursion is set under the Forwarders tab (not the Advanced tab).
But then that all takes time. Keep in mind there is a time out that a client
will wait, so if the original client request that sent it to your DNS server
is waiting beyond the time out period, and the DNS server is waiting on it's
resolution request from a Forwarder, and the time out period is reached and
no response is received, the client will assume that the DNS address that it
used is no good and will remove it from the 'eligible resolvers list' and
then query the second one.
So for all practical purposes, I never set more than two Forwarders,
otherwise what's the use? If the first two can't resolve it, it probably is
not resolvable anyway.
======================================================================================================
Ace
.
- Follow-Ups:
- Re: Domain Replica
- From: John
- Re: Domain Replica
- References:
- Re: Domain Replica
- From: John
- Re: Domain Replica
- From: Meinolf Weber [MVP-DS]
- Re: Domain Replica
- From: John
- Re: Domain Replica
- Prev by Date: Re: PAE switch
- Next by Date: Re: PAE switch
- Previous by thread: Re: Domain Replica
- Next by thread: Re: Domain Replica
- Index(es):
Relevant Pages
|
