WinGate Forums

[alexr]

WinGate 5.2.3
Windows 2000 pro

Every now and then WinGate crashes and displays an error message saying something like "ENS memory exhaustion."

Prior to this we can see a huge number of DNS requests from our main server (Windows 2003/AD.)

The other day our ISP called and told us they got 400 DNS requests per second from us.

What is causing this?

I have a feeling it could be related to the number of client lisences, so that our main server continually keeps retrying until WinGate crashes.

Is there a solution/work around?

[Pascal]

Upgrade to 6.0.3? It is significantly improved over 5.2.3 and you can use your 5.2.3 license with 6.0.3.

However, are you running in an active directory environment? Is WinGate your network's DNS Server, or does another DNS Server forward unresolved requests on to it?

[alexr]

Didn't know my 5.2.3 license would work with version 6 - that's good!

We are running Active Directory. Our Windows 2003 Server is also our main DNS server and forwards unresolved requests to WinGate.

The DNS requests from our Windows 2003 Server that show up in the activity log are originally from the other machines on the network.

My theory is that all client licenses are in use on WinGate when our Windows 2003 Server queries WinGate for DNS. Since all licenses are in use, WinGate refuses to handle them. Our Windows 2003 Server will not accept this and queries again - unstopably until WinGate crashes.

Is my theory correct?

If so, I think WinGate should accept all DNS requests independent of the number of licenses in use. Or implement a functionality where one machine (typically the DNS Server) could be granted "always access."

Alex.

[Pascal]

DNS Sessions (In WinGate 6) do not require a license. I suspect it might be a DNS loop, which is why I asked the question. WinGate 6 has the ability to exclude a server from DNS Lookups, so you can exclude your server.

What I suspect is happening is that WinGate is unable to resolve a request. Because of the nature of the setup, the AD is also listed as a "DNS" server for it, it sends the request there. AD can't resolve it and sends it back to WinGate, etc. etc.

Can you check if that might be the case?

[alexr]

When you say DNS sessions in WG6 does not require a license, does that include v6 with v5 license?

The WinGate machine has four Internet DNS servers set in the DNS/WINS Resolver, but it has also got our Win2003/AD server set in network properties under the LAN NIC. I think WG uses these if the others fail? This is probably the loop?

How do I exclude the Win2003/AD DNS server from WinGate? Can I do it with a v5 license?

Thanks for the help.

Alex.

[Pascal]

Yes, irrespective of the license in use.

You need to run the "Advanced Options" program on the start menu. (In WinGate's folder). That only comes with version 6. (Version 6 also has the code to force a DNS Server to be ignored)

[alexr]

OK. I've upgraded to v6.

Ran the program and set the IP-address of our AD server on the DNS exclusion list.

Is there a way I can test whether this is working, or should I just wait and see?

Thanks.

Alex.

[Pascal]

Not that I know of - unless you can repeat the circumstances that would've caused that lookup. Best to wait and see.