Hi,

We are having two DNS servers working as master and slave in our DMZ network subnet.DMZ network consist other servers also, but only the DNS servers intermittently becomes unreachable (no ping response) from different subnets whereas the internal communication (within subnet) happens at that time.

From the DNS server we are unable to ping gateway ip also when the issue arises.We tried changing the port where DNS servers connected in DMZ switch and even reformatted the OS and reconfigured DNS but nothing seems to be working.We even tried changing the IP address of the server but after few days the New IP Address also gets affected

We google around a lot tying to fix the issue but no solution has yet come up.We are not even sure whether it is server issue or a network issue.

Please help us resolving the issue.

Thanks in anticipation.

Forgot to add that we are having rhel 5 update 4 in both the DNS servers

Anyone please suggest

The sounds like a hardware problem, specifically it sounds like you have an flaky switch somewhere. The fact that you can't ping out of the DNS server at the same time that nothing is coming in leads me to think this way.

Some things I can think of to try next time this happens:

1 - try pinging the gateway like you did. verify that it is not working.
2 - See if you can ping other devices on the same LAN segment. Normally, I would have said use traceroute to find out how far traffic is going, but you know that it is not going to the gateway. The question then becomes do you have any traffic at all, even on the same segment
3 - Look at the ifconfig output. Are you getting many errors? Rerun this command after a little while and see if the errors increase.
4 - Are the connectivity and activity lights on your Ethernet car lit and is the activity blinking?
5 - reboot the host PC and see if that clears the problem.
6 - reboot the gateway and see if that has any effect
7 - are these machines connected to any hubs (not switches) with other machines? If so, disconnect those as a an old will pass traffic from jabbering machine which will block traffic. This would appear as a high number of errors and collisions.
8 - Use a line checking tool on your cable to make sure it isn't pinched or has a bad crimp or try replacing it with a temporary cable.
9 - replace the NIC cards, one at a time. This goes with rebooting or shutting down the machines one at a time to see if you notice a change. If you do find a change, this is where I would try changing the NIC.

Thanks for the reply.

As I mentioned earlier also there are other servers also in the same subnet and working properly, also we interchange the switch port with other server but still the issue persists

So I believe switch is fine.

Here are other clarifications:
1. pinging to gateway not possible when problem occurs
2. We can able to ping other devices on the same segment, traceroute is not possible from DNS servers, traffic are reaching other servers but not DNS servers.
3. O error showing in ifconfig command and it is not increasing during the problem.
4. Ethernet card light is blinking.
5. rebooting doesn't solve the problem.
6. rebooting gateway(switch port)doesn't solve the problem.
7. no hub present in our entire network.
8. tried changing patch cable also but to no effect.
9. we tried configuring DNS in different server but after few days, it also starts giving same issue.

Waiting for your further suggestions.

Thanks

Ok, thank you for answering the questions. Lets take a look at what they tell us and see if we can come up with any ideas.

1 - the fact that ping does not work indicates that there is a problem with the IP sng dutack or something is interfering with (possibly blocking) communications. Ping uses raw sockets so it bypasses TCP and UDP and operates on a lower level. This tells us that the problem may be at a low level.
2 - The fact that other devices on the segment work in both directions along with the other steps taken suggests that the problem is localized to the DNS server. Specifically that you have changed ports on the switch, changed the cables, etc.
3,7,8 - Showing zero errors is a pretty good indication that you don't have a conflict, a jabbering device, or an overloaded segment. It may also indicate that when the server does go down, that it has a broken connection to the higher level applications that would notice the error.
4 - Ethernet lights blinking indicates that the card appears to be functional at a low level. It is detecting connectivity and the data carrier.
5 and 6 - rebooting not solving the problem says that it isn't caused by a software lockup. You either have a physical problem where something remains failed for a period of time or a configuration error that persists through reboots.

9 - this one is telling. You moved the configuration to an otherwise working server and it too starts giving you trouble. This is a strong indication that there is something in your configuration that is causing the network to stop functioning.

I think the problem is localized to the servers. There are still several things that could be the trouble, but at least I think you know where to look. Here would be the next steps I would take:

1 - can the server 'ping' itself at the local host address of 127.0.0.1?
2 - Are you running any sort of firewall, such as IP tables, or other "security" program with a dynamic response such as denyhosts?
2A - if you are running any such application, get a listing of what its state is. Perform a command such as iptables -L to list the status.
3 - does ifconfig show an IP address being assigned?
4 - if you run ifconfig a couple of times, does either the Rx or Tx packet count increase?
5 - look in the syslog and see if you have any errors. Dmesg could also be of value, but it is more difficult to interpret.
When you do ping to or from the DNS server, what error message do you receive? See the following: http://www.chicagotech.net/troubleshootingping.htm It contains some of the common error messages along with what they mean.
6 - use the netstat and see what ports are open. Specifically does port 53 have anything listening on it?
7 - if you try to ping 'google.com' what error message do you get? Is it different than trying to ping a local address? Again, check what the error message indicates.