{"id":1829,"date":"2017-12-06T22:00:56","date_gmt":"2017-12-06T22:00:56","guid":{"rendered":"http:\/\/andyparkes.co.uk\/blog\/?p=1829"},"modified":"2017-12-07T13:04:38","modified_gmt":"2017-12-07T13:04:38","slug":"dns-server-cant-resolve-against-itself","status":"publish","type":"post","link":"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/","title":{"rendered":"DNS Server Can’t Resolve Against Itself"},"content":{"rendered":"

What an exciting, eye catching headline!<\/p>\n

We took a call from a potentially new customer who were unhappy with their current support provider.<\/p>\n

I went to take a look at the system and the main technical issues they were describing all seemed to be DNS related.<\/p>\n

There were immediately several things that jumped out to me that would cause problems with DNS resolution so I was understandably confident of getting to the bottom of the issues.<\/p>\n

So prospect becomes customer. We do some work to fix various bits and pieces and all appears well.<\/p>\n

Until\u2026<\/p>\n

Couple of nights ago our monitoring agent reported the Domain Controller was offline.<\/p>\n

So I logged onto the server and immediately spotted that the monitoring agent was having trouble resolving DNS.<\/p>\n

I couldn\u2019t find anything in the event log that pointed to a problem, other computers and servers were able to do DNS fine but the domain controller itself was unable to do any name resolution against itself.<\/strong><\/p>\n

After doing various troubleshooting steps I eventually rebooted the server, everything came up and was working fine. So I left it at that though I was fully expecting it to happen again because I hadn\u2019t actually changed anything.<\/p>\n

What I\u2019d initially thought were the cause of the DNS issues were clearly only part of the problem.<\/p>\n

Fast forward a couple of days and the same thing happened again.<\/p>\n

So I duly logged on and confirmed exactly the same thing<\/p>\n

Name resolution was fine for everything else but the domain controller couldn\u2019t resolve anything internally or externally against it\u2019s itself. Everything just timed out. \"DNS1\"<\/a><\/p>\n

Since the DNS server was operating fine for other devices I connected to an external DNS server using nslookup just to check the DNS client itself was ok. That worked without issue.<\/p>\n

I then used nslookup against the loopback address (127.0.0.1)<\/p>\n

DNS resolved fine that way too.<\/p>\n

Feeling a little confused I double checked all the things I\u2019d previously identified could be a DNS issue. Everything seemed in order on that front.<\/p>\n

I was just about to restart the server again when I remembered there was something on the server that was a bit of an unknown to me \u2013 the anti-virus.<\/p>\n

Specifically what was unknown to me was the product<\/p>\n

They were using MalwareBytes Premium. (version 3.0.5)<\/p>\n

\"MBP\"<\/a><\/p>\n

Now I\u2019m fully aware of what MalwareBytes is but I\u2019ve never seen it installed on a server. I am<\/u> aware they have paid for home and business products but my experience is limited to the free home product.<\/p>\n

So I disabled the software.<\/p>\n

DNS returned to normal!<\/p>\n

I enabled the software. DNS fell over again.<\/p>\n

So after a bit of trial an error it turned out to be this setting<\/p>\n

Web Protection<\/strong><\/p>\n

\"MBP2\"<\/a><\/p>\n

Kind of makes sense. Like a lot of anti-virus products it intercepts your DNS request, passes it to their own DNS servers and checks to see if the website you are trying to visit is on their block lists.<\/p>\n

Why this issues only surfaced every couple of days I\u2019m not sure (and I only saw it twice..so I don\u2019t know if there is any pattern to it)<\/p>\n

But the secondary issue is that MalwareBytes Premium isn\u2019t even supported on server operating systems (2012 R2 in this case)<\/p>\n

So the fact it\u2019s causing a problem isn\u2019t a surprise<\/p>\n

\"MBP3\"<\/a><\/p>\n

I also found it specifically mentioned on their support forum<\/a><\/p>\n

\"MBP4\"<\/a><\/p>\n

According to that they shouldn\u2019t have even been able to install it on the server so that\u2019s kind of interesting all by itself.<\/p>\n

So as it\u2019s not supported I\u2019ve removed it from the server.<\/p>\n

Server has been fine since!<\/p>\n","protected":false},"excerpt":{"rendered":"

What an exciting, eye catching headline! We took a call from a potentially new customer who were unhappy with their current support provider. I went to take a look at the system and the main technical issues they were describing all seemed to be DNS related. There were immediately several things that jumped out to<\/p>\n

<\/span>Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[140,57],"tags":[141,142],"class_list":["post-1829","post","type-post","status-publish","format-standard","hentry","category-dns","category-windows","tag-dns","tag-windows"],"yoast_head":"\nDNS Server Can’t Resolve Against Itself - Andy's Techie Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DNS Server Can’t Resolve Against Itself - Andy's Techie Blog\" \/>\n<meta property=\"og:description\" content=\"What an exciting, eye catching headline! We took a call from a potentially new customer who were unhappy with their current support provider. I went to take a look at the system and the main technical issues they were describing all seemed to be DNS related. There were immediately several things that jumped out toRead More\" \/>\n<meta property=\"og:url\" content=\"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/\" \/>\n<meta property=\"og:site_name\" content=\"Andy's Techie Blog\" \/>\n<meta property=\"article:published_time\" content=\"2017-12-06T22:00:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-12-07T13:04:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/andyparkes.co.uk\/blog\/wp-content\/uploads\/2017\/12\/DNS1_thumb.png\" \/>\n<meta name=\"author\" content=\"Andy Parkes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Andy Parkes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/\",\"url\":\"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/\",\"name\":\"DNS Server Can’t Resolve Against Itself - Andy's Techie Blog\",\"isPartOf\":{\"@id\":\"https:\/\/andyparkes.co.uk\/blog\/#website\"},\"datePublished\":\"2017-12-06T22:00:56+00:00\",\"dateModified\":\"2017-12-07T13:04:38+00:00\",\"author\":{\"@id\":\"https:\/\/andyparkes.co.uk\/blog\/#\/schema\/person\/3534e8ac6b1bec765cd061feff56679d\"},\"breadcrumb\":{\"@id\":\"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/andyparkes.co.uk\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"DNS Server Can’t Resolve Against Itself\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/andyparkes.co.uk\/blog\/#website\",\"url\":\"https:\/\/andyparkes.co.uk\/blog\/\",\"name\":\"Andy's Techie Blog\",\"description\":\"Professional Geek\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/andyparkes.co.uk\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/andyparkes.co.uk\/blog\/#\/schema\/person\/3534e8ac6b1bec765cd061feff56679d\",\"name\":\"Andy Parkes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/andyparkes.co.uk\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3824cbf53df51d7ca5cf809b6ad81a157fbfff2292e36ab8666f04ddad06bfcc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3824cbf53df51d7ca5cf809b6ad81a157fbfff2292e36ab8666f04ddad06bfcc?s=96&d=mm&r=g\",\"caption\":\"Andy Parkes\"},\"description\":\"Andy Parkes is Technical Director at Coventry based IT support company IBIT Solutions. Formerly, coordinator of AMITPRO and Microsoft Partner Area Lead for 2012-2013. He also isn't a fan of describing himself in the third person.\",\"sameAs\":[\"http:\/\/www.andyparkes.co.uk\/blog\"],\"url\":\"https:\/\/andyparkes.co.uk\/blog\/index.php\/author\/andyparkes\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DNS Server Can’t Resolve Against Itself - Andy's Techie Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/","og_locale":"en_US","og_type":"article","og_title":"DNS Server Can’t Resolve Against Itself - Andy's Techie Blog","og_description":"What an exciting, eye catching headline! We took a call from a potentially new customer who were unhappy with their current support provider. I went to take a look at the system and the main technical issues they were describing all seemed to be DNS related. There were immediately several things that jumped out toRead More","og_url":"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/","og_site_name":"Andy's Techie Blog","article_published_time":"2017-12-06T22:00:56+00:00","article_modified_time":"2017-12-07T13:04:38+00:00","og_image":[{"url":"https:\/\/andyparkes.co.uk\/blog\/wp-content\/uploads\/2017\/12\/DNS1_thumb.png"}],"author":"Andy Parkes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Andy Parkes","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/","url":"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/","name":"DNS Server Can’t Resolve Against Itself - Andy's Techie Blog","isPartOf":{"@id":"https:\/\/andyparkes.co.uk\/blog\/#website"},"datePublished":"2017-12-06T22:00:56+00:00","dateModified":"2017-12-07T13:04:38+00:00","author":{"@id":"https:\/\/andyparkes.co.uk\/blog\/#\/schema\/person\/3534e8ac6b1bec765cd061feff56679d"},"breadcrumb":{"@id":"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/andyparkes.co.uk\/blog\/index.php\/2017\/12\/06\/dns-server-cant-resolve-against-itself\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/andyparkes.co.uk\/blog\/"},{"@type":"ListItem","position":2,"name":"DNS Server Can’t Resolve Against Itself"}]},{"@type":"WebSite","@id":"https:\/\/andyparkes.co.uk\/blog\/#website","url":"https:\/\/andyparkes.co.uk\/blog\/","name":"Andy's Techie Blog","description":"Professional Geek","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/andyparkes.co.uk\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/andyparkes.co.uk\/blog\/#\/schema\/person\/3534e8ac6b1bec765cd061feff56679d","name":"Andy Parkes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/andyparkes.co.uk\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3824cbf53df51d7ca5cf809b6ad81a157fbfff2292e36ab8666f04ddad06bfcc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3824cbf53df51d7ca5cf809b6ad81a157fbfff2292e36ab8666f04ddad06bfcc?s=96&d=mm&r=g","caption":"Andy Parkes"},"description":"Andy Parkes is Technical Director at Coventry based IT support company IBIT Solutions. Formerly, coordinator of AMITPRO and Microsoft Partner Area Lead for 2012-2013. He also isn't a fan of describing himself in the third person.","sameAs":["http:\/\/www.andyparkes.co.uk\/blog"],"url":"https:\/\/andyparkes.co.uk\/blog\/index.php\/author\/andyparkes\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pmvJ6-tv","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1829","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1829"}],"version-history":[{"count":3,"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1829\/revisions"}],"predecessor-version":[{"id":1832,"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1829\/revisions\/1832"}],"wp:attachment":[{"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1829"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1829"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/andyparkes.co.uk\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1829"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}