Saturday, August 29, 2009

Public DNS resolution problems on a Small Business Server 2008 machine; "Standard Query Response, Server Failure"

The problem: When using a Small Business Server 2008 machine as your DNS server, DNS resolution is extremely unreliable, oftentimes not working at all. Using root hints may offer more reliability than using forwarders, which will rarely work at all. When you inspect the TCP/IP traffic with a protocol analyzer, you will see the SBS machine query DNS forwarders or root hints servers and either receive no response from them, receive a very delayed response (2 to 6 seconds), or return "Standard Query Response, Server Failure" to the client.
The solution: DNS packets are being interfered with by some gateway device. In my case it was a Linksys RV082 firewall/router at the edge of the network. The problem was solved by replacing the device with a SonicWall TZ 180.
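
The three symptoms described above (no response, a reply delayed by 2 seconds or more, and "Server Failure") can be checked without a protocol analyzer. The following Python probe is an added example, not part of the original post; the server address in it is a documentation placeholder and the function names are illustrative.

```python
import socket, struct, time

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid, qtype=1):
    """Encode a recursive (RD=1) DNS question for `name`; qtype 1 = A record."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def classify(response, txid, elapsed, slow_after=2.0):
    """Map one reply (or None for a timeout) to the symptoms listed in the post."""
    if response is None:
        return "no response"
    if len(response) < 12:
        return "truncated/garbled reply"
    rid, flags = struct.unpack("!HH", response[:4])
    if rid != txid or not flags & 0x8000:      # wrong ID or QR bit not set
        return "mismatched reply"
    rcode = flags & 0x000F                     # 2 = "Server Failure"
    if rcode != 0:
        return RCODES.get(rcode, "RCODE %d" % rcode)
    return "delayed response" if elapsed >= slow_after else "ok"

def probe(server, name, txid=0x1234, timeout=6.0):
    """Send one UDP query to `server` and classify what comes back."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    start = time.monotonic()
    try:
        s.sendto(build_query(name, txid), (server, 53))
        data, _ = s.recvfrom(4096)
    except socket.timeout:
        data = None
    finally:
        s.close()
    return classify(data, txid, time.monotonic() - start)

if __name__ == "__main__":
    # 192.0.2.53 is a placeholder (documentation range); substitute a forwarder.
    print(probe("192.0.2.53", "example.com"))
```

Running the probe against the same forwarder from behind the gateway and from a connection that bypasses it helps separate a fault in the DNS server from packet interference on the path.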

