"The only source of knowledge is experience" - Albert Einstein-

Solving intermittent DNS issues
on your custom Azure
development domain

The past few weeks I have been working on my own development domain, hosted in windows azure. There is a nice step by step plan available online on how to set up a network that can host your own development machines and your own domain controller, so you can use all these machines as if they run in one domain. (http://azure.microsoft.com/en-us/documentation/articles/active-directory-new-forest-virtual-machine/)

Setting up such a domain is especially useful when you want to leverage e.g. TFS and the test tools, since these tools work best if you work in a domain joined environment.

After setting this up, all worked great and I have used it for several demos and just some average development work I do.

My network looks more or less as follows:


But all of a sudden last week, I ran into the problem that on any of my development machines (the test clients) could not connect to the internet anymore. Sometimes an address was reachable and all of a sudden a couple of seconds it was not possible to connect. This intermitted problem was really problematic getting any real work done these days especially when you are running tests against websites on the internet Smile

So trying to resolve the problem, I first looked at my network setup and especially DNS. Reason for me to start there is that the IE browser constantly showed the dreaded connection failed and telling me I did not have an internet connection. If you look a bit deeper, you could see it was a name resolution issue, so I started a command line and used nslookup to try to resolve names.

the results for such an lookup looked as follows:

> google.com
Server:  UnKnown

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out

So this confirmed to me I had a DNS problem, question next was how to resolve it. With the custom domain setup, I configured a virtual private network with the address range 10.0.0.x and since I wanted to host my own Active Directory  and you can see by the response it did pick up my DNS server. So the problem must be at the DNS server itself.

Then I looked at the DNS configuration and since it was fully functioning before, it must have something to do with a DNS setting that might have gone stale in the Azure network topology.

One of the things that is different to on premise AD is the fact that your AD machine still has an DHCP obtained address. I did pin it to a fixed address using the PowerShell command described, but still you get this address from a DHCP server.

Now looking at the configuration, I discovered that the configured forwarder, that takes care of all requests outside the local domain, was unable to resolve.


After posting a request on the azure forms, to get some help, I got a response that was very helpful. It pointed me to the following article: http://windowsitpro.com/windows-azure/solve-dc-name-resolution-problems-azure

This was exactly my issue, so by removing the forwarder, DNS will fall back to the root hints. Now all requests can be resolved straight away and my development machines can happily browse the web again Smile

I Assume this problem is caused by the fact that once I created this AD machine and promoted it to the AD and DNS server, it just added the DHCP server that it got it’s lease from as the default forwarder. Since I might have been moved around the datacenter during maintenance or perhaps even failover, it is very well possible this server does not exist anymore. By just removing it from the list, I have a more sustainable solution, since it will not be affected anymore by such a move in the future.

1 Comment

  1. Jesse B.

    if your azure domain name is the default “cloudapp.net” this will mess things up. Cloudapp.net exists in the world and will conflict in Azure

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2020 Fluent Bytes

Theme by Anders NorenUp ↑