Troubleshooting DNS Problems

 < Day Day Up > 

Troubleshooting is part of everyday life for administrators. DNS is no exception to this rule. Subsequently, understanding how to use the following tools to troubleshoot DNS will not only help avoid mistakes when configuring DNS- related services, but will also provide administrators with a useful toolbox to resolve issues.

Using Event Viewer to Troubleshoot

The first place to look for help when something is not working, or it appears that it is not working, is the system logs. With Windows Server 2003, the DNS logs can be conveniently accessed directly from the DNS MMC console. Parsing this set of logs can help the administrator troubleshooting DNS replication issues, query problems, and other issues.

For more advanced Event Log diagnosis, administrators can turn on Debug Logging on a per-server basis. Debugging should be turned on only for troubleshooting, because log files can fill up fast. To enable Debug Logging, follow these steps:

  1. Open the DNS MMC snap-in (Start, Administrative Tools, DNS).

  2. Right-click on the server name and choose Properties.

  3. Select the Debug Logging tab.

  4. Check the Log Packets for Debugging box.

  5. Configure any additional settings as required and click OK.

  6. Turn off these settings after the troubleshooting is complete.

Troubleshooting Using the ipconfig Utility

The ipconfig utility is used not only for basic TCP/IP troubleshooting, but can also be used to directly resolve DNS issues. These functions can be invoked from the command prompt with the correct flag, detailed as follows :

  • ipconfig /displaydns This command displays all locally cached DNS entries. This is also known as the DNS resolver cache.

  • ipconfig /flushdns This switch can be used to save administrators from a lot of headaches when troubleshooting DNS problems. This command flushes the local DNS cache. The default cache time for positive replies is 1 day; for negative replies, it is 15 minutes.

  • ipconfig /registerdns This flag informs the client to automatically re-register itself in DNS, if the particular zone supports dynamic zone updates.

NOTE

Client-side DNS caching is configurable in the registry via the following key:

 
 \HKLM\System\CurrentControlSet\Services\DNSCach\Parameters Set MaxCacheEnrtyTtlLimit = 1 (default = 86400) Set NegativeCacheTim = 0 (default = 300) 

The first entry overwrites the TTL number in the cached address to 1 second, essentially disabling the local cache. The second entry changes the negative cache from 15 minutes to 0, essentially disabling the negative cache facility.


Monitoring Exchange Using Performance Monitor

Performance monitor is a built-in, often overlooked utility that enables a great deal of insight into issues in a network. Many critical DNS counters can be monitored relating to queries, zone transfers, memory use, and other important factors.

Using nslookup for DNS Exchange Lookup

In both Windows and Unix environments, nslookup is a command-line administrative tool for testing and troubleshooting DNS servers. Simple query structure can provide powerful results for troubleshooting. A simple query contacts the default DNS server for the system and looks up the inputted name.

To test a lookup for www.companyabc.com , type

 
  nslookup www.companyabc.com  

at the command prompt. nslookup can also be used to look up other DNS resource typesfor example, an MX or SOA record for a company. To look up an MX record for a company type, use the following steps, as illustrated in Figure 7.7:

  1. Open a command prompt instance.

  2. Type nslookup and press Enter.

  3. Type set query=mx (or simply set q=mx ) and press Enter.

  4. Type microsoft.com and press Enter.

Figure 7.7. nslookup MX query.

graphics/07fig07.gif

An MX record output not only shows all the MX records that are used for that domain, their preference number, and the IP address they are associated with; the name server for the domain is also displayed.

By default, nslookup queries the local DNS server the system is set up to query. Another powerful feature of nslookup is that it can switch between servers to query. This feature enables administrators to verify that all servers answer with the same record as expected. For example, if an organization is moving from one ISP to another, it might use this technique, because the IP addresses for its servers might change during the move. The DNS change takes an administrator only a few minutes to do, but replication of the changes through the Internet might take 2472 hours. During this time, some servers might still use the old IP address for the mail server. To verify that the DNS records are replicated to other DNS servers, an administrator can query several DNS servers for the answer through the following technique:

  1. Open a command prompt instance.

  2. Type nslookup and press Enter.

  3. Type server <server IP address> for the DNS server you want to query.

  4. Type set query=mx (or simply set q=mx ) and press Enter.

  5. Type microsoft.com and press Enter.

Repeat from step 3 for other DNS servers.

nslookup can also help find out the version of BIND used on a remote Unix DNS server. An administrator may find it useful to determine which version of BIND each server is running for troubleshooting purposes. To determine this, the following steps must be performed:

  1. From the command line, type nslookup , and then press Enter.

  2. Type server <server IP address> for the IP address of the DNS server queried.

  3. Type set class=chaos and then press Enter.

  4. Type set type=txt and then press Enter.

  5. Type version.bind and then press Enter.

If the administrator of the BIND DNS server has configured the server to accept this query, the BIND version that the server is running is returned. As previously mentioned, the BIND version must be 8.1.2 or later to support SRV records.

Troubleshooting with DNSLINT

DNSLINT is a Microsoft Windows utility that helps administrators diagnose common DNS name resolution issues. The utility is not installed by default on Windows Servers and has to be downloaded from Microsoft. Microsoft Knowledge Base Article321046 contains the link to download this utility.

When this command-line utility runs, it generates an HTML file in the directory it runs from. It can help administrators with Active Directory troubleshooting and also with mail-related name resolution and verification. Running DNSLINT /d <domain_name> /c tests DNS information as known on authoritative DNS servers for the domain being tested ; it also checks SMTP, POP3, and IMAP connectivity on the server. For the complete options for this utility, run DNSLINT /? .

Using dnscmd for Advanced DNS Troubleshooting

The dnscmd utility is essentially a command-line version of the MMC DNS console. Installed as part of the Windows Server 2003 Support tools, this utility enables administrators to create zones, modify zone records, and perform other vital administrative functions. To install the support tools, run the support tools setup from the Windows Server 2003 CD (located in the \support\tools directory). You can view the full functionality of this utility by typing DNSCMD /? at the command line, as illustrated in Figure 7.8.

Figure 7.8. dnscmd functionality.

graphics/07fig08.jpg

 < Day Day Up > 


Microsoft Exchange Server 2003 Unleashed
Microsoft Exchange Server 2003 Unleashed (2nd Edition)
ISBN: 0672328070
EAN: 2147483647
Year: 2003
Pages: 393
Authors: Rand Morimoto

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net