E-Bitz - SBS MVP the Official Blog of the SBS "Diva" : Having DNS issues with your SBS 2003?

Wednesday, January 14, 2004 6:23 PM bradley

Having DNS issues with your SBS 2003?

******Begin User Part 1******
...[Server is] a Dell PowerEdge 600sc server with RAID 1. There is 1
NIC. SBS 2003 Standard came pre-installed by Dell. I plugged the server
onto a network that is sharing a public IP in a NAT configuration on a
Sonicwall Firewall, which is also the DHCP server for all PCs on the
network. I configured the NIC on the SBS server with a static IP
address. I configured the DNS server with forwarders to the public IP
addresses of the DNS servers of the Internet provider. And I made the IP
address of the new SBS server the primary DNS server assigned by the
DHCP server. PCs on the LAN, using the IP address of the SBS server as
their primary DNS server, were not able to get DNS resolution. But the
server was for itself.

Here is the response I received from Microsoft:
******End User Part 1******

******Begin Microsoft******
The configurations in SBS 2003 is simialar to configurations in SBS
2000.
There is no need for you to run ICW.exe on the computers.

This issue can occur because Extension Mechanisms for DNS is enabled on
Windows 2003 by default (it is disbled in the Windows/SBS 2000). (The
SBS 2003 is based on the Windows 2003)

828731 - An External DNS Query May Cause an Error Message in Windows Server 2003:
http://support.microsoft.com/default.aspx?scid=kb;en-us;828731&Product=w

Please try the following command to turn off EDNS0 support 1. Start a
command prompt.
2. Type "dnscmd /Config /EnableEDnsProbes 0" (without the quotation
marks), and then press ENTER.

Then please check the issue again. You can take a look at the following
URL for more information: 828263 DNS query responses do not travel
through a firewall in Windows Server
http://support.microsoft.com/?id=828263
******End Microsoft******

******Begin User Part 2******
The settings changed that is recommended by Microsoft disables Extension
Mechanisms for DNS that is supposedly blocking the computers using this
DNS server to get their name resolution. So disabling this thing then
allows proper resolution.

Apparently, Extension Mechanisms for DNS was disabled by default in SBS
2000, but Microsoft changed that in 2003 to make it more secure.
******End User Part 2******

Filed under: SBS Installation

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: Having DNS issues with your SBS 2003?

Wednesday, January 21, 2004 6:47 AM by bradley

I think you have to let the SBS machine be the DHCP server... I had clients as static IPs and you can't run the HOSTNAME\Connect wizard. So turn off DHCP on the sonicwall, and make sure that it's on by runnin EICW on the SBS machine (and check services too...) Make sure the clients are DHCP clients as well...

# re: Having DNS issues with your SBS 2003?

Saturday, February 21, 2004 8:52 AM by bradley

That command seemed to solve my dns problem in 99% of the cases... now, I had the feeling, that after a reboot these settings are lost. Is there a way to makes this command/setting permanent?

# re: Having DNS issues with your SBS 2003?

Tuesday, February 24, 2004 11:02 AM by bradley

This helped tremendously!! We had a client that couldn't use blackberry.net within their network. nslookup timed out. Once we executed the dns fix on the MSKB all worked perfectly! I am also wondering if this is a static registry-type setting or if it has to be done on each reboot? Fow now, I am running a script on reboot, just to make sure.

Thanks

# re: Having DNS issues with your SBS 2003?

Tuesday, February 24, 2004 11:03 AM by bradley

# re: Having DNS issues with your SBS 2003?

Monday, March 22, 2004 4:11 PM by bradley

This did not help browsing to mail.yahoo.com. Has anyone else seen this problem? I only happens with larger domains.

# re: Having DNS issues with your SBS 2003?

Thursday, November 18, 2004 3:51 AM by bradley

Cool this solved my DNS issue too on a SBS2003...about RickS' mail.yahoo.com issue, I had a similar problem and using the ISP DNS forwarders instead of root hints DNS fixed it - I was getting nslookup timeout on most of CNAME records, like mail.yahoo.com, www.altavista.com..

Regards,
Tonio

# re: Having DNS issues with your SBS 2003?

Friday, November 19, 2004 3:37 PM by bradley

Here's how to SET the UDP packet size in the registry permanently

http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/sag_DNS_pro_ModifyUDP.asp

Second: If you have Multi-Honed servers, uncheck "Round-Robin on the DNS Server that is multi-honed (two nics: one to the Internal network, one to the Internet).

Third: On the Multi-honed server that has the DNS server also installed on it, MAKE Sure "ONLY" the LAN interface is specified to "listen".

You should have an external DNS server on the Internet side be the reference for your Internet NIC. I use ENON.com for my External DNS. Low price and changes to my Internet IP address DNS records are replicated across the Internet root servers in under 15 minutes.

Hope this helps.

Mike

# re: Having DNS issues with your SBS 2003?

Wednesday, December 01, 2004 12:51 PM by bradley

I found this solution to be the best for 2003 and SBS 2003. Make this addition to the registry on the server:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters

and add this name/value pair:

EnableEDNSProbes DWORD 0x0

and stop and restart your DNS service.

# re: Having DNS issues with your SBS 2003?

Friday, December 17, 2004 2:40 AM by bradley

I think the problem here is DNS suffix, you have to either set manualy the dns-suffix on the clients or if you can add it on the SonixWall.

# re: Having DNS issues with your SBS 2003?

Tuesday, December 28, 2004 9:38 AM by bradley

I was having this problem with our SBS. Since we're connected to our ISP through a Cisco modem/router, I just assigned a static IP to both NIC's. The error hasn't shown up again yet. Are you trying to tell me a DHCP router could try to fight with the server to assign addresses? I'm sort of new to SBS, so don't laugh at me if I don't understand everything yet. Hehe

# re: Having DNS issues with your SBS 2003?

Monday, January 24, 2005 12:38 PM by bradley

I am getting similar but not exact errors mentioned here and none of the fixes corrects the problem. Client wkstns still get intermittent "Page cannot be displayed" errors when browsing. Pressing refresh several times will eventually display the website--happens with several websites, not just one or two.
Also, when I ping yahoo.com from the SBS2003 server I get Ping request could not find host yahoo.com. Yet if I try again in a minute or so, it works.
Any ideas? Thanks in advance.

# re: Having DNS issues with your SBS 2003?

Monday, January 24, 2005 12:40 PM by bradley

I am getting similar but not exact errors mentioned here and none of the fixes corrects the problem. Client wkstns still get intermittent "Page cannot be displayed" errors when browsing. Clicking refresh several times will eventually display the website--happens with several websites, not just one or two.
Also, when I ping yahoo.com from the SBS2003 server I get Ping request could not find host yahoo.com. Yet if I try again in a minute or so, it works.
Any ideas? Thanks in advance.

# Windows Server 2003 DNS Forwarding Issues

Friday, February 11, 2005 2:49 PM by TrackBack

# re: Having DNS issues with your SBS 2003?

Tuesday, March 01, 2005 5:28 PM by bradley

I try this one, it works. thank

I found this solution to be the best for 2003 and SBS 2003. Make this addition to the registry on the server:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters

and add this name/value pair:

EnableEDNSProbes DWORD 0x0

and stop and restart your DNS service

# DNS ...to forward or not to forward...that 'tis the question

Saturday, March 26, 2005 1:50 PM by TrackBack

# DNS ...to forward or not to forward...that 'tis the question

Saturday, March 26, 2005 5:15 PM by TrackBack

# re: Having DNS issues with your SBS 2003?

Sunday, March 27, 2005 1:56 AM by bradley

cool!. Was having a problem on our new SBS2003 Std server. We use an IPCop firewall, and with the DNS forwarder on the SBS machine set as the firewalls internal IP, it would timeout when trying to resolve windowsupdate.microsoft.com and download.microsoft.com...this caused us enough headache with the SUS server failing to update because of timeouts...this fix fixed it :) looking at the registry after using the dnscmd command, the change looks permanent...?

thanks!

steveb

# re: Having DNS issues with your SBS 2003?

Sunday, March 27, 2005 10:16 AM by bradley

I was also having browsing issues with a recent customer install. Some web pages wouldn't display graphics, others wouldn't display at all. In addition to all that, the Trend OfficeScan software wouldn't update. It would contact the update server then error out. The strangest thing of all was that the ScanMail part of Trend was working like a champ.

I ended up calling Microsoft for a fix and they used KB832223 to fix the issue.

Now if I can just get Quickbooks to work a little faster the customer will be happy campers!

L

# re: Having DNS issues with your SBS 2003?

Friday, April 01, 2005 9:22 AM by bradley

For Tonio and MikeD having CNAME issues you might want to check out

http://support.microsoft.com/?kbid=873430

KB article 873430. I had several timeout issues using forwarders and had much better results using root hints instead, but then had the cname issues. The hotfix described in this article fixed the problem with the cname issues.

just fyi

# re: Having DNS issues with your SBS 2003?

Tuesday, April 26, 2005 3:40 PM by bradley

We're having the identical probelm as the poster named "JCS" in the comments above. Is there any more info on that?

Thanks...

# re: Having DNS issues with your SBS 2003?

Wednesday, May 04, 2005 8:19 AM by bradley

I am having problems with the JCS type error - once IE is refreshed a few time the page displays - more info would indeed be appreciated on this error!

# re: Having DNS issues with your SBS 2003?

Friday, June 10, 2005 1:21 PM by bradley

I'm having similar intermittent timeout issues. We have two forwarders configured on SBS 2003 SP1, and I've tried the enableednsprobes fix with no luck. When I turned on debug logging, I noticed that the second forwarder in my list is never tried before reporting a DNS error.

Any ideas?

# Web pages a little...well sluggish?

Sunday, June 19, 2005 11:10 PM by TrackBack

# re: Having DNS issues with your SBS 2003?

Friday, September 09, 2005 3:21 AM by bradley

I was having DNS issues with my client, I put in a foward to only one (1) of the ISP's dns servers and everything is acting accourdingly. I have them setup on a PIX 501, SBS 2003, and DHCP via SBS 2003. In the DHCP scope I am also issuing out the ISP's DNS IP as a secondary DNS server for their TCP/IP settings so that if the it doesnt hop to the internet on the server then it should access the internet directly. The DNS server is only 2 hops away so having security problems at this level shouldnt be too risky, I dunno though it just seems to be like everyone says there really is no right answer here just to find whatever works and seems to proove secure (no attacks). If the DNS was having problems due to attacks I would pull the foward and try this registry change in a heart beat anyway hope this good VAR info....

Name (required)
Your URL (optional)
Comments (required)
Remember Me?

E-Bitz - SBS MVP the Official Blog of the SBS "Diva"

Search

Tags

News

Navigation

Archives

Exchange

Interesting People I know

Interesting Small Business Blogs

ISA Server

Microsoft Downloads

Patches

SBS - Blogs

SBS - CRM

SBS Team Blogs

Security

Sharepoint

Having DNS issues with your SBS 2003?

Comment Notification

Comments

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# Windows Server 2003 DNS Forwarding Issues

# re: Having DNS issues with your SBS 2003?

# DNS ...to forward or not to forward...that 'tis the question

# DNS ...to forward or not to forward...that 'tis the question

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# re: Having DNS issues with your SBS 2003?

# Web pages a little...well sluggish?

# re: Having DNS issues with your SBS 2003?

Leave a Comment