Strange DNS issues after dead DC – At my wits end

on May 17 I received report of a down server. Went to check it out, and was unable to power it on. We’ve had service on that machine several times at this point, and are quite frustrated with it, so I recommended getting something new with a valid warranty. We did, and I set it up as a new DC-3.

For the last week or two, we’ve been experiencing slowness in DNS resolution time. Users will go to google something and that might work well, but then they might get NXDomain in google chrome when trying to click a result. Then the page might load but as a "web 1.0" version with no images or formatting, then will properly load upon refresh.

When DC-1 died, I:

  • seized FSMO roles on DC-2
  • updated DNS servers in DHCP
  • removed all records (I could find) of the old server in DNS
  • updated forwarders on each DNS server
  • performed metadata cleanup with ntdsutil
  • scoured through ADUC and AD Sites and Services for any references to
  • updated secondary DNS on DC-2 to point to DC-3 for each network
    adapter (primary DNS is loopback address)

if I run nslookup, it will show the correct specified DNS server, but will also say "DNS request timed out. timeout was 2 seconds." I believe I had it set to 3 seconds in the forwarder section.

Replication is working fine between servers. (per repadmin /syncall /adep)

Any information would be appreciated. Thanks in advance.