I am managing a pair of Windows 2008 R2 Enterprise SP1 domain controllers with AD integrated DNS.
We occasionally see member servers in the local domain intermittently fail to resolve an internet DNS name which the business requires use of (xmlgate.hpi.co.uk)
Restarting the DNS service on our domain controller(s) will then allow clients (or the DC itself) to correctly get a recursive IP for the xmlgate name.
The DCs are fully up to date with Windows Updates, and we have also patched with this DNS specific hotfix from microsoft
which has not altered the behavior of our environment.
DNS is set up with no forwarders, we instead have the DCs going out to the root hint servers.
Can anyone suggest how I get to the bottom of this, I captured NSLOOKUP debug records during my last outage, which I have not yet posted due to the detail, but I can add these if ok any use.
Here is an extract of my DNS debug log with a failed query.
03/12/2014 15:35:20 0A48 PACKET 0000000002F76310 UDP Rcv 10.xxx.xxx.xx1 af8c Q [0001 D NOERROR] A (7)xmlgate(3)hpi(2)co(2)uk(0)
03/12/2014 15:35:20 0A48 PACKET 0000000002F76310 UDP Snd 10.xxx.xxx.xx1 af8c R Q [8281 DR SERVFAIL] A (7)xmlgate(3)hpi(2)co(2)uk(0)
Thanks for any help offered.
Best Answer
Is IPv6 enabled or disabled on your DNS server?
There is a hotfix to fix intermittent external failures when IPv6 is disabled.
The date on DNS.EXE in this hotfix is newer than what is listed in the hotfix you mentioned having already applied.
https://support.microsoft.com/en-us/kb/2549656