DNS Server high CPU usage

Sujeewa Costa 1 Reputation point
2021-04-28T06:21:29.08+00:00

Hi Everyone

I have 2 AD integrated win 2019 DNS servers in VMware environment.
Recently I've noticed an unusually high CPU utilization from one of the svchost.exe processes. Upon inspection it turns out that the DNS is the culprit.
It is constantly consuming about 60-80% CPU. But other DNS server hardly use any CPU even though all the clients are pointed to that.

Server is constantly 100% but if I stop the DNS service, go back to normal. Upon further
Inspecting with Process Explorer, few threads constantly using about 5-10% CPU.

Hardware: Intel Xeon 2 2.10GHz CPU and 6GB memory

I have checked event logs and nothing stand out.

Does anyone know whether this is a known issue?

Thanks for any help you can provide!

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,797 questions
0 comments No comments
{count} votes

16 answers

Sort by: Most helpful
  1. Mikhail Firsov 1,881 Reputation points
    2021-06-04T08:30:37.907+00:00

    Agree, it's rather strange... Can you create a FW rule that block this outbound UDP port?

    1 person found this answer helpful.
    0 comments No comments

  2. 2021-04-30T10:19:15.203+00:00

    Hi,

    Possible causes for the high CPU include the following:

    The domain controller needs resizing.
    One or more other domain controllers failed, and their load transferred to this domain controller because it is now the closest available domain controller.
    An application is placing a heavy load on the domain controller. This is usually caused by inefficient, CPU-intensive operations such as non-indexed queries.
    The domain controller is critically low on memory.
    The domain controller is under a denial-of-service attack.

    And here are some solutions for this problem:
    View the overall system performance of the machine to determine if it needs additional resources.
    Add additional domain controllers to help load-balance the load.
    Ensure that there are a sufficient number of DCs hosting DNS.

    Best Regards,

    Ansley Huang

    0 comments No comments

  3. Sujeewa Costa 1 Reputation point
    2021-05-10T03:44:52.383+00:00

    Hi Ansley
    sorry for the delay and thanks for your reply
    I have checked both domain controllers, i have run Dcdiag,
    no errors in the event viewer and replication between DC working fine as well.

    we are small govenment school with one site and have about 300 windows 10 workstations.
    i have followed steps in this page, to troubleshoot the DNS issue with no much luck.

    Is there any anything else I can do? what is CPU, memory usage for DNS in small network, similar to ours?

    Thanks,

    Heymish

    0 comments No comments

  4. 2021-05-10T07:44:24.077+00:00

    Hi,

    1. You can try to use process explorer to see what process caused high CPU. How to use it, please see: https://helpdeskgeek.com/windows-10/how-to-use-process-monitor-and-process-explorer/( please note that this is non-microsoft website.)
    2. You can try to use performance monitor to see what process caused high CPU.

    Best Regards,
    Ansley

    0 comments No comments

  5. Sujeewa Costa 1 Reputation point
    2021-05-24T01:05:01.127+00:00

    Hi Ansley

    I can see unusual activities going on with DNS, attached is snip of resource monitor with network activities on domain controller with Ad integrated DNS and Wireshark packet captured on one of the desktop.

    I can see lot of Dynamic update response failing but it seems like one-way communication form DNS to workstation. This does not make any sense.

    I would appreciate if you could direct me to troubleshoot this issue.

    Thank you

    Heymish98924-resource-monitor-dc.png98925-desktop-captured.png

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.