none
DNS Resolving internet adresses gives timeout in Private network with custom AD and DNS RRS feed

  • Question

  • Hi,

    I followed all steps regarding setting up a custom AD in azure

    I followed all steps and all worked nice, until about a week ago. (I assume the machine got rebooted or reallocated to some other area in the Data center, which might be causing issues)

    I set up my virtual private network to be in the 10.0.0.x range and my AD server + DNS is 10.0.0.5

    DNS is configured in the virtual private network settings and all my domain joined clients recieve this as the dns server to go to.

    All of a sudden my client VM's that have joined the domain start to show intermittent problems with accessing internet resources.

    this means that when I type an andress in the browser I sometimes get the IE dialog that I don't have a connection and sometimes it jst resolves fine.

    I tried to look with nslookup and there I found that I get most of the time the response back that the request timed out

    So I looked at the DNS server, shich is the same as my domain controller and there I tried the same. Exact same issue.

    response is like this:

    C:\Users\marcelv>nslookup
    DNS request timed out.
        timeout was 2 seconds.
    Default Server:  UnKnown
    Address:  10.0.0.5

    > google.com
    Server:  UnKnown
    Address:  10.0.0.5

    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    *** Request to UnKnown timed-out
    >

    So then I look at the DNS configuration and I see that the forwarder set for my DNS server is the same as the DHCP server that provides the ip adress. Now this server can not be resolved on the properties tab as well.

    the probem is, that I am rather clueless what to do here?

    I Can't find a way to provide a new forwarder name, since I think this is the culprit of my problem, if the forwarder is not available or not responding or responding occasionaly, then that migth be the issue. But I can't seem to find a list or set of ip adresses I could give there to set a forwarder that works.

    Perhaps I am looking in a complete wrong area, and would love to get some help getting this resolved, since a development network without reliable internet access is rather useless.

    Let me know what diagnostics I can run to provide additional info and I happily provide it.

    Thanks a lot in advance,

    Marcel


    MVP Visual studio ALM [http://fluentbytes.com]


    Sunday, October 5, 2014 12:07 PM

Answers

  • Hello,

    Check these links which can help you in Solving DC Name Resolution Problems in Azure:
    http://windowsitpro.com/windows-azure/solve-dc-name-resolution-problems-azure
    http://blogs.msdn.com/b/mcsuksoldev/archive/2014/03/04/creating-a-dns-server-in-azure-iaas.aspx
    http://blogs.msdn.com/b/sriharsha/archive/2012/02/25/domain-mapping-on-windows-azure.aspx

    regards
    Mitch01
    Sunday, October 5, 2014 2:23 PM
  • Brilliant, thanks.

    My bing/google fu did not point me to any relevant solutions.

    the first link was the solution. I removed the forwarder and now it resolves straight away!

    thanks a lot!


    MVP Visual studio ALM [http://fluentbytes.com]

    Sunday, October 5, 2014 2:29 PM

All replies

  • Hello,

    Check these links which can help you in Solving DC Name Resolution Problems in Azure:
    http://windowsitpro.com/windows-azure/solve-dc-name-resolution-problems-azure
    http://blogs.msdn.com/b/mcsuksoldev/archive/2014/03/04/creating-a-dns-server-in-azure-iaas.aspx
    http://blogs.msdn.com/b/sriharsha/archive/2012/02/25/domain-mapping-on-windows-azure.aspx

    regards
    Mitch01
    Sunday, October 5, 2014 2:23 PM
  • Brilliant, thanks.

    My bing/google fu did not point me to any relevant solutions.

    the first link was the solution. I removed the forwarder and now it resolves straight away!

    thanks a lot!


    MVP Visual studio ALM [http://fluentbytes.com]

    Sunday, October 5, 2014 2:29 PM
  • Hi Marcel,

    Thanks for flagging this issue.

    The DNS Forwarder rule is creased when you promote the VM to be a Domain Controller.  It should work, although there has been a recent issue which impacted DNS resolution for a small number of VMs, and yours may be one of the unfortunate ones.  If you're still seeing this issue, I suggest raising a support ticket to get the issue resolved.

    When running your own Domain Controller / DNS service, another option is to remove the forwarding rule and enable recursion on the DNS server itself.  Thus the DC VM will act as the recursive DNS server for your service, rather than using Azure's DNS servers.

    I hope this helps,

    Jonathan Tuliani

    Program Manager

    Azure Networking - DNS and Traffic Manager

    Saturday, October 11, 2014 1:21 PM
    Moderator
  • Thank you of getting back to me. the issue is resolved for me, so need for further steps. Question remains, if it is not better to remove the forwarder rule by default in the steps outlined in setting up a DC in Azure. It does not seem to add value to have the forwarder rule, since removing it just works fine.

    I am not an Network or DNS expert, I am just observing that it works or not :-)

    If having the forwarder rule is better I would love to know why

    thanks

    Marcel


    MVP Visual studio ALM [http://fluentbytes.com]

    Monday, October 20, 2014 6:22 PM