ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    DNS issues on 2003 network

    Scheduled Pinned Locked Moved IT Discussion
    102 Posts 9 Posters 10.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • thwrT
      thwr @wirestyle22
      last edited by

      @wirestyle22 said in DNS issues on 2003 network:

      @thwr said in DNS issues on 2003 network:

      Weird. And what about

      nslookup www.cnn.com 8.8.8.8
      

      from your print- or fileserver?

      Should look like this:

      nslookup www.cnn.com 8.8.8.8
      Server:  google-public-dns-a.google.com
      Address:  8.8.8.8
      
      Nicht autorisierende Antwort:
      Name:    prod.turner.map.fastlylb.net
      Address:  151.101.36.73
      Aliases:  www.cnn.com
                turner.map.fastly.net
      

      Received the same error.

      Any firewall in between? Some local AV with firewall included?

      wirestyle22W 1 Reply Last reply Reply Quote 0
      • wirestyle22W
        wirestyle22 @thwr
        last edited by

        @thwr said in DNS issues on 2003 network:

        @wirestyle22 said in DNS issues on 2003 network:

        @thwr said in DNS issues on 2003 network:

        Weird. And what about

        nslookup www.cnn.com 8.8.8.8
        

        from your print- or fileserver?

        Should look like this:

        nslookup www.cnn.com 8.8.8.8
        Server:  google-public-dns-a.google.com
        Address:  8.8.8.8
        
        Nicht autorisierende Antwort:
        Name:    prod.turner.map.fastlylb.net
        Address:  151.101.36.73
        Aliases:  www.cnn.com
                  turner.map.fastly.net
        

        Received the same error.

        Any firewall in between? Some local AV with firewall included?

        We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

        scottalanmillerS BRRABillB 2 Replies Last reply Reply Quote 0
        • wirestyle22W
          wirestyle22 @thwr
          last edited by

          @thwr said in DNS issues on 2003 network:

          Weird. And what about

          nslookup www.cnn.com 8.8.8.8
          

          from your print- or fileserver?

          Should look like this:

          nslookup www.cnn.com 8.8.8.8
          Server:  google-public-dns-a.google.com
          Address:  8.8.8.8
          
          Nicht autorisierende Antwort:
          Name:    prod.turner.map.fastlylb.net
          Address:  151.101.36.73
          Aliases:  www.cnn.com
                    turner.map.fastly.net
          

          Print server says DNS request timed out.

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @wirestyle22
            last edited by

            @wirestyle22 said in DNS issues on 2003 network:

            @thwr said in DNS issues on 2003 network:

            @wirestyle22 said in DNS issues on 2003 network:

            @thwr said in DNS issues on 2003 network:

            Weird. And what about

            nslookup www.cnn.com 8.8.8.8
            

            from your print- or fileserver?

            Should look like this:

            nslookup www.cnn.com 8.8.8.8
            Server:  google-public-dns-a.google.com
            Address:  8.8.8.8
            
            Nicht autorisierende Antwort:
            Name:    prod.turner.map.fastlylb.net
            Address:  151.101.36.73
            Aliases:  www.cnn.com
                      turner.map.fastly.net
            

            Received the same error.

            Any firewall in between? Some local AV with firewall included?

            We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

            Of course it can be that! That product is downright famous for doing stuff like this. That should have been mentioned immediately. Is that the problem here? Less than likely. Is it a possibility? Certainly.

            You should get that removed, although it's difficult to remove and that's why it is sometimes classified as malware. You would be better off running with the OS' own AV than that. But of course, something like Webroot or Cylance would be far better still. But SEP... not a viable option IMHO.

            1 Reply Last reply Reply Quote 2
            • scottalanmillerS
              scottalanmiller
              last edited by

              Could it be a firewall with UDP throttling on and these machines are just getting caught at random?

              wirestyle22W 1 Reply Last reply Reply Quote 0
              • wirestyle22W
                wirestyle22 @scottalanmiller
                last edited by

                @scottalanmiller said in DNS issues on 2003 network:

                Could it be a firewall with UDP throttling on and these machines are just getting caught at random?

                Wouldn't that make the issue intermittent though?

                thwrT 1 Reply Last reply Reply Quote 0
                • BRRABillB
                  BRRABill @wirestyle22
                  last edited by

                  @wirestyle22 said in DNS issues on 2003 network:

                  @thwr said in DNS issues on 2003 network:

                  @wirestyle22 said in DNS issues on 2003 network:

                  @thwr said in DNS issues on 2003 network:

                  Weird. And what about

                  nslookup www.cnn.com 8.8.8.8
                  

                  from your print- or fileserver?

                  Should look like this:

                  nslookup www.cnn.com 8.8.8.8
                  Server:  google-public-dns-a.google.com
                  Address:  8.8.8.8
                  
                  Nicht autorisierende Antwort:
                  Name:    prod.turner.map.fastlylb.net
                  Address:  151.101.36.73
                  Aliases:  www.cnn.com
                            turner.map.fastly.net
                  

                  Received the same error.

                  Any firewall in between? Some local AV with firewall included?

                  We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

                  Many times I have uninstalled AV from Symantec (or McAfee) that suddenly fixed all Internet issues.

                  wirestyle22W 1 Reply Last reply Reply Quote 0
                  • thwrT
                    thwr @wirestyle22
                    last edited by

                    @wirestyle22 said in DNS issues on 2003 network:

                    @scottalanmiller said in DNS issues on 2003 network:

                    Could it be a firewall with UDP throttling on and these machines are just getting caught at random?

                    Wouldn't that make the issue intermittent though?

                    Maybe just turn it off for a second and see if you can do some lookup

                    BRRABillB 1 Reply Last reply Reply Quote 0
                    • BRRABillB
                      BRRABill @thwr
                      last edited by

                      @thwr said in DNS issues on 2003 network:

                      @wirestyle22 said in DNS issues on 2003 network:

                      @scottalanmiller said in DNS issues on 2003 network:

                      Could it be a firewall with UDP throttling on and these machines are just getting caught at random?

                      Wouldn't that make the issue intermittent though?

                      Maybe just turn it off for a second and see if you can do some lookup

                      I've seen that not even work. Because the innards of it are messed up.

                      thwrT 1 Reply Last reply Reply Quote 1
                      • thwrT
                        thwr @BRRABill
                        last edited by

                        @BRRABill said in DNS issues on 2003 network:

                        @thwr said in DNS issues on 2003 network:

                        @wirestyle22 said in DNS issues on 2003 network:

                        @scottalanmiller said in DNS issues on 2003 network:

                        Could it be a firewall with UDP throttling on and these machines are just getting caught at random?

                        Wouldn't that make the issue intermittent though?

                        Maybe just turn it off for a second and see if you can do some lookup

                        I've seen that not even work. Because the innards of it are messed up.

                        NB: Would never install that on my servers, not even on workstations, but that's just IMHO.

                        1 Reply Last reply Reply Quote 0
                        • wirestyle22W
                          wirestyle22 @BRRABill
                          last edited by

                          @BRRABill said in DNS issues on 2003 network:

                          @wirestyle22 said in DNS issues on 2003 network:

                          @thwr said in DNS issues on 2003 network:

                          @wirestyle22 said in DNS issues on 2003 network:

                          @thwr said in DNS issues on 2003 network:

                          Weird. And what about

                          nslookup www.cnn.com 8.8.8.8
                          

                          from your print- or fileserver?

                          Should look like this:

                          nslookup www.cnn.com 8.8.8.8
                          Server:  google-public-dns-a.google.com
                          Address:  8.8.8.8
                          
                          Nicht autorisierende Antwort:
                          Name:    prod.turner.map.fastlylb.net
                          Address:  151.101.36.73
                          Aliases:  www.cnn.com
                                    turner.map.fastly.net
                          

                          Received the same error.

                          Any firewall in between? Some local AV with firewall included?

                          We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

                          Many times I have uninstalled AV from Symantec (or McAfee) that suddenly fixed all Internet issues.

                          Symantec isn't on any of the servers but the DC though. If that were the issue wouldn't everything be triggered?

                          thwrT scottalanmillerS 3 Replies Last reply Reply Quote 0
                          • thwrT
                            thwr @wirestyle22
                            last edited by

                            @wirestyle22 said in DNS issues on 2003 network:

                            @BRRABill said in DNS issues on 2003 network:

                            @wirestyle22 said in DNS issues on 2003 network:

                            @thwr said in DNS issues on 2003 network:

                            @wirestyle22 said in DNS issues on 2003 network:

                            @thwr said in DNS issues on 2003 network:

                            Weird. And what about

                            nslookup www.cnn.com 8.8.8.8
                            

                            from your print- or fileserver?

                            Should look like this:

                            nslookup www.cnn.com 8.8.8.8
                            Server:  google-public-dns-a.google.com
                            Address:  8.8.8.8
                            
                            Nicht autorisierende Antwort:
                            Name:    prod.turner.map.fastlylb.net
                            Address:  151.101.36.73
                            Aliases:  www.cnn.com
                                      turner.map.fastly.net
                            

                            Received the same error.

                            Any firewall in between? Some local AV with firewall included?

                            We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

                            Many times I have uninstalled AV from Symantec (or McAfee) that suddenly fixed all Internet issues.

                            Symantec isn't on any of the servers but the DC though. If that were the issue wouldn't everything be triggered?

                            Not nessecarily

                            Just imagine a "ban" added to the filter set because the fileserver asked the DNS too many times. For example because the fileserver queries the DNS about a client, which may happen very often within a small time window on a fileserver, usually early in the morning.

                            1 Reply Last reply Reply Quote 1
                            • scottalanmillerS
                              scottalanmiller @wirestyle22
                              last edited by

                              @wirestyle22 said in DNS issues on 2003 network:

                              @BRRABill said in DNS issues on 2003 network:

                              @wirestyle22 said in DNS issues on 2003 network:

                              @thwr said in DNS issues on 2003 network:

                              @wirestyle22 said in DNS issues on 2003 network:

                              @thwr said in DNS issues on 2003 network:

                              Weird. And what about

                              nslookup www.cnn.com 8.8.8.8
                              

                              from your print- or fileserver?

                              Should look like this:

                              nslookup www.cnn.com 8.8.8.8
                              Server:  google-public-dns-a.google.com
                              Address:  8.8.8.8
                              
                              Nicht autorisierende Antwort:
                              Name:    prod.turner.map.fastlylb.net
                              Address:  151.101.36.73
                              Aliases:  www.cnn.com
                                        turner.map.fastly.net
                              

                              Received the same error.

                              Any firewall in between? Some local AV with firewall included?

                              We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

                              Many times I have uninstalled AV from Symantec (or McAfee) that suddenly fixed all Internet issues.

                              Symantec isn't on any of the servers but the DC though. If that were the issue wouldn't everything be triggered?

                              It gets complex. It could do any number of things depending on what factor was causing this to happen.

                              thwrT 1 Reply Last reply Reply Quote 1
                              • thwrT
                                thwr @wirestyle22
                                last edited by

                                @wirestyle22 said in DNS issues on 2003 network:

                                @BRRABill said in DNS issues on 2003 network:

                                @wirestyle22 said in DNS issues on 2003 network:

                                @thwr said in DNS issues on 2003 network:

                                @wirestyle22 said in DNS issues on 2003 network:

                                @thwr said in DNS issues on 2003 network:

                                Weird. And what about

                                nslookup www.cnn.com 8.8.8.8
                                

                                from your print- or fileserver?

                                Should look like this:

                                nslookup www.cnn.com 8.8.8.8
                                Server:  google-public-dns-a.google.com
                                Address:  8.8.8.8
                                
                                Nicht autorisierende Antwort:
                                Name:    prod.turner.map.fastlylb.net
                                Address:  151.101.36.73
                                Aliases:  www.cnn.com
                                          turner.map.fastly.net
                                

                                Received the same error.

                                Any firewall in between? Some local AV with firewall included?

                                We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

                                Many times I have uninstalled AV from Symantec (or McAfee) that suddenly fixed all Internet issues.

                                Symantec isn't on any of the servers but the DC though. If that were the issue wouldn't everything be triggered?

                                BUT please think twice before you are going to uninstall SEP 😉 Have seen weird things after an uninstall of Symantec products.

                                scottalanmillerS 1 Reply Last reply Reply Quote 1
                                • thwrT
                                  thwr @scottalanmiller
                                  last edited by

                                  @scottalanmiller said in DNS issues on 2003 network:

                                  @wirestyle22 said in DNS issues on 2003 network:

                                  @BRRABill said in DNS issues on 2003 network:

                                  @wirestyle22 said in DNS issues on 2003 network:

                                  @thwr said in DNS issues on 2003 network:

                                  @wirestyle22 said in DNS issues on 2003 network:

                                  @thwr said in DNS issues on 2003 network:

                                  Weird. And what about

                                  nslookup www.cnn.com 8.8.8.8
                                  

                                  from your print- or fileserver?

                                  Should look like this:

                                  nslookup www.cnn.com 8.8.8.8
                                  Server:  google-public-dns-a.google.com
                                  Address:  8.8.8.8
                                  
                                  Nicht autorisierende Antwort:
                                  Name:    prod.turner.map.fastlylb.net
                                  Address:  151.101.36.73
                                  Aliases:  www.cnn.com
                                            turner.map.fastly.net
                                  

                                  Received the same error.

                                  Any firewall in between? Some local AV with firewall included?

                                  We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

                                  Many times I have uninstalled AV from Symantec (or McAfee) that suddenly fixed all Internet issues.

                                  Symantec isn't on any of the servers but the DC though. If that were the issue wouldn't everything be triggered?

                                  It gets complex. It could do any number of things depending on what factor was causing this to happen.

                                  Yup. Like disaster-bingo.

                                  1 Reply Last reply Reply Quote 0
                                  • wirestyle22W
                                    wirestyle22
                                    last edited by

                                    So what are my options here? Are there any other tests I can run?

                                    thwrT 1 Reply Last reply Reply Quote 0
                                    • coliverC
                                      coliver
                                      last edited by

                                      Yep... Symantec will do this even if it isn't broken it just decides that all the things are wrong. This is bottom of the barrel along with Norton and McAfee.

                                      scottalanmillerS 1 Reply Last reply Reply Quote 2
                                      • scottalanmillerS
                                        scottalanmiller @thwr
                                        last edited by

                                        @thwr said in DNS issues on 2003 network:

                                        @wirestyle22 said in DNS issues on 2003 network:

                                        @BRRABill said in DNS issues on 2003 network:

                                        @wirestyle22 said in DNS issues on 2003 network:

                                        @thwr said in DNS issues on 2003 network:

                                        @wirestyle22 said in DNS issues on 2003 network:

                                        @thwr said in DNS issues on 2003 network:

                                        Weird. And what about

                                        nslookup www.cnn.com 8.8.8.8
                                        

                                        from your print- or fileserver?

                                        Should look like this:

                                        nslookup www.cnn.com 8.8.8.8
                                        Server:  google-public-dns-a.google.com
                                        Address:  8.8.8.8
                                        
                                        Nicht autorisierende Antwort:
                                        Name:    prod.turner.map.fastlylb.net
                                        Address:  151.101.36.73
                                        Aliases:  www.cnn.com
                                                  turner.map.fastly.net
                                        

                                        Received the same error.

                                        Any firewall in between? Some local AV with firewall included?

                                        We use Symantec endpoint protection, but can It really be that? Based on yesterday I can't think of anything that would cause any of those settings to change

                                        Many times I have uninstalled AV from Symantec (or McAfee) that suddenly fixed all Internet issues.

                                        Symantec isn't on any of the servers but the DC though. If that were the issue wouldn't everything be triggered?

                                        BUT please think twice before you are going to uninstall SEP 😉 Have seen weird things after an uninstall of Symantec products.

                                        Yes, you need to uninstall, but you can't do it casually. SEP is "designed" to destroy systems as it is removed. It's how they get people to keep it around. It's why it is on our blacklist, our people can't recommend or install it. We consider it malware. It might be that they are just idiots and don't care that they do damage, it might be intentional, we have no idea. But the result is the same, SEP is a danger to install and should never happen. And you want to remove it, but it's dangerous even after removed. We always do clear rebuild if we find a machine with SEP on it. Have to be sure.

                                        Thank goodness for virtualization. You can snapshot before attempting anything so you can just roll back.

                                        1 Reply Last reply Reply Quote 2
                                        • thwrT
                                          thwr @wirestyle22
                                          last edited by

                                          @wirestyle22 said in DNS issues on 2003 network:

                                          So what are my options here? Are there any other tests I can run?

                                          You could add another DC and DNS to your domain, 2003 is out of support anyway

                                          scottalanmillerS coliverC 2 Replies Last reply Reply Quote 5
                                          • scottalanmillerS
                                            scottalanmiller @coliver
                                            last edited by

                                            @coliver said in DNS issues on 2003 network:

                                            Yep... Symantec will do this even if it isn't broken it just decides that all the things are wrong. This is bottom of the barrel along with Norton and McAfee.

                                            Well, SEP is Norton. Two names, same product (SEP has more "features" that break your environment.) McAfee is bad, but far better than either of those. All three are worse than "just using nothing" though.

                                            1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 5 / 6
                                            • First post
                                              Last post