Recently we faced an issue on a Windows 2008 R2 domain controller where it stopped responding to DNS queries over a period of time as a immediate resolution we can reboot the server, it works OK for a few days and then it fails again.

We investigated NETSTAT output on the server, we found that DNS.exe is occupying a lot of ports on the server.

Open command prompt with elevated privileges on the server and execute following command to check the DNS.exe port consumption on the server

Netstat -ano >Output.txt

PS: Netstat output will show you PID not the process name, you will have to match the PID in task manager to find process name.

 

This is a well-known side effect of the hotfix distributed to address MS08-037, since the hotfix is intended to decrease the predictability of ports used for DNS responses.

You can restrict the amount of ports used by defining a lower Socket Pool Size, as described in this article:

Using dnscmd.exe

  • Open an elevated Command Prompt (Run as Administrator…)
  • Issue dnscmd /Config /SocketPoolSize where is a number between 0 and 10000

Using regedit.exe

  • Open regedit.exe and expand the HKLM hive
  • Navigate to SYSTEM\CurrentControlSet\services\DNS\Parameters
  • If not already present, create a new DWORD value named SocketPoolSize
  • Set a decimal value between 0 and 10000
  • Restart the DNS Server service: net stop dns && net start dns

On a long run, we found issue still re-occured, we were not able to true resolution to the issue, however as a workaround we scheduled the DNS server service on the Server to restart everyday. I will update this article if I we find the resolution to the problem.

Feel free to report new issues where you need expert help at our forum

The following two tabs change content below.
An automobile enthusiast at heart and computer geek by profession, started my Career with MS in 2005.Left Jobs and started Pledge Technologies (the parent company to Grishbi) back in 2009.We have been providing IT consulting to various Small and Medium businesses across US and UK since then.Our company specialises in Microsoft Server technologies like AD, Exchange, the rest and with numerous Office 365 migrations under our belt, we quite an expert with that too. Whatever we learn in our day to day life, we share it back on Grishbi as a Thank for all the love and support our customers have given us.
%d bloggers like this: