DNS issues on a windows network

Anonymous
2024-02-13T14:18:06+00:00

I manage a network that has close to 100 windows 10 PCs on it. The network servers are a mix of windows server 2019 and 2022. At random, folks are calling my office to inquire as to why they can't access network resources, a mapped drive, the archive file in outlook, etc. It's at those times that I find that their machine is returning incorrect IP addresses when doing a DNS lookup. Instead of 10.5.X.X, I get 192.25..X.X for all network resources; the same IP address no matter which device I ask the sick device to ping. The solution is to flush the DNS Cache.

I added the command for flushing the DNS cache to the windows login script. This helps, but only if a user logs out and back in. Some users simply lock their PC at the end of a work day and reboot about once a month when the PC starts acting up.

I work with an outside tech firm and their guru seems to think that something is attached to the network that is acting as a DNS server. The reason for our problems is that that rogue server is not configured properly for our DNS range. I've checked the settings for the PCs when the wrong IP is being returned: ipconfig /all and the machines all report the correct DNS servers.

How do I scan the network for rogue hardware that does not belong and/or determine what machine is giving out incorrect DNS information? is it possible to turn off DNS caching in windows 10?

Windows for business | Windows Server | Networking | Network connectivity and file sharing

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Anonymous
    2024-02-14T02:34:30+00:00

    Hello,

    To scan your network for rogue hardware, you can use a network scanner tool such as Advanced IP Scanner or Angry IP Scanner. These tools will scan your network and show you all the devices that are connected to it, including their IP addresses and MAC addresses. Once you have identified any devices that are not supposed to be on your network, you can investigate further to determine if they are the source of the problem.

    To turn off DNS caching in Windows 10, you can use the following steps:

    1. Open the Command Prompt as an administrator.
    2. Type "net stop dnscache" and press Enter.
    3. Type "sc config dnscache start=disabled" and press Enter.
    4. Type "net start dnscache" and press Enter.

    This will stop the DNS caching service and disable it from starting up automatically. However, keep in mind that disabling DNS caching may cause slower network performance, especially when accessing frequently used websites or network resources.

    Best Regards,
    Hania Lian

    1 person found this answer helpful.
    0 comments No comments
  2. Anonymous
    2024-02-14T15:18:48+00:00

    Thanks for the reply. I am familiar with Advanced IP scanner and can scan the network, but how do I know which device is acting as a DNS server? Also, how do I know which devices are supposed to be on the network without inspecting every device to get the MAC or other identifiable info? If I try and use machine names to find machines that do not have the proper naming convention, how would I locate the suspect hardware? I'm not a network person. I do some tech support but I specialize in programming and databases.

    I'm not looking to turn off DNS cache on all the machines as I'd rather them have the speed that the cache provides.

    0 comments No comments
  3. Anonymous
    2024-02-15T07:03:21+00:00

    Look for devices with port 53 open, which is the default port for DNS traffic. Once you have identified the device, you can investigate further to determine if it is a rogue server.

    0 comments No comments