December 12, 2010

SBS 2008 DNS stops working for .uk, .eu and some other TLDs outside USA

In SBS 2008, when first installed or rebooted, DNS queries succeed, but after a period of about 1 day users report that they are unable to access some web sites. On inspection, it may be noticed that the inaccessible web sites are in the .uk and .eu Top Level Domains (TLDs) or certain other TLDs that are outside of the USA.

If left for several days, the problem may appear to resolve itself then re-occur after another day or so.

If the DNS server service is restarted, or the DNS cache on the server is cleared, then the problem is temporarily resolved but re-occurs after a day or so.

The cause of this problem is that in EU countries (and certain other TLDs outside the USA), nameserver records are typically cached for more than 1 day. SBS2008 has a cap on the maximum time that it will allow nameserver records to be cached, which defaults to 1 day. This default works fine in the USA, but when the .uk and .eu records become stale, they are not deleted from the cache but are no longer returned as valid records. Therefore, they effectively prevent DNS lookups in those TLDs from succeeding until the records expire and are deleted from the cache, or the DNS Server service is restarted.

The fix is to increase the maximum Time To Live (TTL) setting in the DNS server so that it recognises records older than 1 day. Experience has shown that setting the value to 4 days is usually enough, but the maximum setting is 30 days.


For a permanent workaround, the MaxCacheTTL value needs to be changed to a value larger than the TLD TTL (the default value is 1 day; the maximum value is 30 days). On SBS2008 there is no negative impact, since this is the TTL for the cache of Resource Records: it is just the maximum time that a record will be stored on the DNS server. If the actual TTL is shorter, the shorter value will be used.

1. Start Registry Editor (Regedit.exe).
2. Locate the following registry key:
3. On the Edit menu, click New, click DWORD (32-bit) Value, and then add the following value:

Value: MaxCacheTTL
Data Type: DWORD
Data value: 0x69780 (432000 in decimal = 5 days)

4. Click OK.
5. Quit Registry Editor.
6. Restart the DNS server.
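
The following is an added example, not part of the original post and not Microsoft's code: a small Python model of the cache behaviour described above, showing when lookups fail for a given record TTL and MaxCacheTTL, and why a larger cap removes the failure windows. The function names and the sample TTLs are assumptions made for illustration; the TTLs are constructed, not measured.

```python
"""Model of the stale-record behaviour described in this post (added example)."""

DAY = 86400
MAX_ALLOWED = 30 * DAY  # maximum MaxCacheTTL stated in the post


def outage_windows(record_ttl, max_cache_ttl, horizon):
    """Return (start, end) second offsets in [0, horizon) where lookups fail.

    Assumed model, taken from the post's description: a record is answered
    from cache while its age is below MaxCacheTTL, but it is only deleted
    (and re-fetched) once its own TTL has run out. In between it is stale
    and blocks resolution.
    """
    if record_ttl <= 0:
        raise ValueError("record_ttl must be positive")
    windows = []
    fetched_at = 0
    while fetched_at < horizon:
        stale_from = fetched_at + min(record_ttl, max_cache_ttl)
        expires_at = fetched_at + record_ttl
        if stale_from < expires_at and stale_from < horizon:
            windows.append((stale_from, min(expires_at, horizon)))
        fetched_at = expires_at  # record deleted; the next query re-fetches it
    return windows


def suggested_max_cache_ttl(record_ttls):
    """Whole-day cap strictly larger than every TTL, within the 30-day limit."""
    days = max(record_ttls) // DAY + 1
    return min(days * DAY, MAX_ALLOWED)


def as_dword(seconds):
    """Format a value the way Registry Editor shows a DWORD in hex."""
    return f"0x{seconds:x}"


if __name__ == "__main__":
    # Constructed sample TTLs in seconds, not measured from any real zone.
    sample_ttls = {"uk": 2 * DAY, "eu": 2 * DAY, "com": DAY}
    for cap in (DAY, 5 * DAY):
        for tld, ttl in sample_ttls.items():
            bad = [(s / DAY, e / DAY) for s, e in outage_windows(ttl, cap, 6 * DAY)]
            print(f"cap={as_dword(cap)} .{tld}: failing during days {bad or 'none'}")
    print("suggested cap:", as_dword(suggested_max_cache_ttl(sample_ttls.values())))
```

With the default 1-day cap, the model reproduces the symptom pattern from the top of the post: a 2-day record works for a day, fails for a day, and then repeats.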


