DNS does not work sometimes

Question

Hi 
 Since we have a XG in our network there are DNS errors from time to time. 
 Our setup for DNS is the following: 
 
 The DNS server gets distributed via DHCP to the clients. The DNS server used for the clients is our internal DNS server, which is needed for the Active Directory 
 The internal server then resolves all the internal addresses 
 If the address is an external one, then there are DNS forwarders set on the internal DNS, they then would resolve these requests. In our case I set them to 8.8.8.8 and 8.8.4.4 
 
 Now sometimes the users infront of the clients get these errors: 
 
 After some time (between 5-10 minutes) the page loads finally after some reloads. 
 What could be the problem? Please don't exclude the most obvious problems, as I have nearly no experience with the Sophos Firewalls. 
 
 Best Regards and thanks in advance Luca

sachingurung · Answer

Hi, 
 Did you observe this behaviour for a specific website? Did you try a different web browser to check if the issue is browser specific? Any DoS configuration and drops? 
 Run the following command in CMD on the affected windows system, clear the browser cache and verify again. 
 
 ipconfig /flushdns 
 
 In the following scenario, XG will simply forward the DNS request to the internal DNS server for processing, if there is any glitch from the internal DNS server you need to investigate it locally. A PCAP will help us more to investigate further. 
 Out of curiosity, can you verify if there is any increase in Dropped or Error packets on the XG interface where the DNS server is located? Run the following command in Advanced Console, 
 
 watch ifconfig 
 
 Alongside, I will also suggest you to look at XG's request routing feature, for more information and configuration guide, refer to, https://community.sophos.com/kb/en-us/123099 . 
 Thanks,