I normally get servers to use Root DNS servers as I have never trusted Shaw’s or (especially) MTS’s DNS servers here in Winnipeg.
We’ve been seeing more and more issues regarding DNS with Server 2008. It seemed like if you restarted the cache or restarted the DNS service, everything would start working right away. I later found that if you pinged the domain you were having trouble with on the client machines directly from the DNS server, that too would correct the connection issues for that one domain.
I later figured I would use forwarders for all external DNS requests, as the company wasn’t having any issues before I set up their SBS. I hadn’t heard back from them.
After some investigation I found the cause of the problem to be a bug in the DNS cache information, where the Time To Live (TTL) on certain top-level domains is incompatible with the minimum TTL allowed by Windows Server 2008 DNS. The information would expire but not be removed from the cache, making it unusable by the DNS server, yet the server would not fetch new information because the old entry was still in the cache.
Basically there are two fixes: either use DNS forwarders or edit a registry setting.
- Start Registry Editor (regedit.exe).
- Locate the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
- On the Edit menu, click New, click DWORD (32-bit) Value, and then add the following value:
  - Value: MaxCacheTTL
  - Data Type: DWORD
  - Data value: 0x2A300 (172800 seconds in decimal, or 2 days)
- Click OK.
- Quit Registry Editor.
- Restart the DNS Server service.
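
The same registry change can be scripted instead of clicked through. The following is an added example, not part of the original post: it reports any existing MaxCacheTTL value before overwriting it, so the change can be reverted, and only restarts the service when something changed. It assumes an elevated PowerShell session on the DNS server and that the DNS Server service is registered under the service name `DNS`.

```powershell
# Added example: sets MaxCacheTTL as described in the steps above.
# Assumptions: run elevated on the DNS server; service name is 'DNS'.
$key   = 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters'
$name  = 'MaxCacheTTL'
$value = 0x2A300   # 172800 seconds (2 days), the value given in the steps

if (-not (Test-Path $key)) {
    throw "Registry key not found: $key (is the DNS Server role installed?)"
}

# Report the current setting, if any, so it can be restored later.
$existing = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if ($existing) {
    Write-Host ("Current {0} = {1} (0x{1:X})" -f $name, $existing.$name)
} else {
    Write-Host "$name is not set; the DNS Server default applies."
}

if ($existing -and $existing.$name -eq $value) {
    Write-Host "$name already has the desired value; no restart needed."
} else {
    # -Force overwrites an existing value instead of raising an error.
    New-ItemProperty -Path $key -Name $name -PropertyType DWord `
        -Value $value -Force | Out-Null
    # The DNS Server service must be restarted to apply the change.
    Restart-Service -Name DNS
}

# Verify that the value was written and the service came back up.
$now = (Get-ItemProperty -Path $key -Name $name).$name
$svc = Get-Service -Name DNS
Write-Host ("{0} = {1} seconds; DNS service is {2}" -f $name, $now, $svc.Status)
if ($now -ne $value -or $svc.Status -ne 'Running') {
    throw "MaxCacheTTL change did not apply cleanly; check the DNS Server event log."
}
```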