DNS issues on 2003 network
-
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
-
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
-
Also, should be mentioned, this is the window in which to consider a Linux DC, instead of WIndows. That Windows 2003 was still running suggests a major issue that can't be fixed by updating now - something stopped people from keeping systems under support and patched for the last decade. That's a really, really big concern. A decade without proper updates? Um, you can't be on Windows. It's that simple, unless there has been a real change at the top that would make the problem go away, you need to apply business logic and realism and look at this correctly.... Linux you can update without management oversight. Windows you cannot. If you install Windows, are you just creating the same problems again? Basically, Windows is a bandaid, Linux would be a fix. Once you install 2012 R2 DCs, Linux is off the table. RIght now, it is still on the table.
-
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
That's why I think it might have to do with SEP. He can't access external resources either.
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
I can't do that safely as per @scottalanmiller
That's true, but you can't keep is safely, either.
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
-
@scottalanmiller said in DNS issues on 2003 network:
Also, should be mentioned, this is the window in which to consider a Linux DC, instead of WIndows. That Windows 2003 was still running suggests a major issue that can't be fixed by updating now - something stopped people from keeping systems under support and patched for the last decade. That's a really, really big concern. A decade without proper updates? Um, you can't be on Windows. It's that simple, unless there has been a real change at the top that would make the problem go away, you need to apply business logic and realism and look at this correctly.... Linux you can update without management oversight. Windows you cannot. If you install Windows, are you just creating the same problems again? Basically, Windows is a bandaid, Linux would be a fix. Once you install 2012 R2 DCs, Linux is off the table. RIght now, it is still on the table.
Good point, but honestly, that requires Linux expertise.
-
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
That doesn't answer my question Are you using some form of a proxy for outbound internet access? Like MS ISA/TMG, Squid, Astaro etc?
-
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
That doesn't answer my question Are you using some form of a proxy for outbound internet access? Like MS ISA/TMG, Squid, Astaro etc?
No we are not
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
Wait ... no Internet access ... that isn't good.
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
That doesn't answer my question Are you using some form of a proxy for outbound internet access? Like MS ISA/TMG, Squid, Astaro etc?
No we are not
ok, so why the heck can't you query 8.8.8.8? This is almost a no-brainer.
-
I'm going to reboot my ESX02 host. I tried to do this from a few VM's and I see that none of them are working. Giving me an inkling into what could be the problem.
No one would know if any of these other servers are functioning. They are actually somewhat unimportant with the exception of the print and file server. I think it's the host.
-
@wirestyle22 said in DNS issues on 2003 network:
I'm going to reboot my ESX02 host. I tried to do this from a few VM's and I see that none of them are working. Giving me an inkling into what could be the problem.
That thing has probably been rebooted more in the past few hours than in months combined!
-
@wirestyle22 said in DNS issues on 2003 network:
I'm going to reboot my ESX02 host. I tried to do this from a few VM's and I see that none of them are working. Giving me an inkling into what could be the problem.
No one would know if any of these other servers are functioning. They are actually somewhat unimportant with the exception of the print and file server. I think it's the host.
Why are they running if people don't need them?
-
@coliver said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
I'm going to reboot my ESX02 host. I tried to do this from a few VM's and I see that none of them are working. Giving me an inkling into what could be the problem.
No one would know if any of these other servers are functioning. They are actually somewhat unimportant with the exception of the print and file server. I think it's the host.
Why are they running if people don't need them?
I just mean non-crucial. They are needed it's just not anyone would notice if they were down. Everything on ESX01 is functioning. Could this possibly be an NTP issue with the second host? I know the VM's are supposed to sync with the host itself
-
@wirestyle22 said in DNS issues on 2003 network:
@coliver said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
I'm going to reboot my ESX02 host. I tried to do this from a few VM's and I see that none of them are working. Giving me an inkling into what could be the problem.
No one would know if any of these other servers are functioning. They are actually somewhat unimportant with the exception of the print and file server. I think it's the host.
Why are they running if people don't need them?
I just mean non-crucial. They are needed it's just not anyone would notice if they were down. Everything on ESX01 is functioning. Could this possibly be an NTP issue with the second host? I know the VM's are supposed to sync with the host itself
Check the time, is it right? Then NTP isn't the issue.
-
Time does not affect DNS, though.
-
@wirestyle22 said in DNS issues on 2003 network:
@coliver said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
I'm going to reboot my ESX02 host. I tried to do this from a few VM's and I see that none of them are working. Giving me an inkling into what could be the problem.
No one would know if any of these other servers are functioning. They are actually somewhat unimportant with the exception of the print and file server. I think it's the host.
Why are they running if people don't need them?
I just mean non-crucial. They are needed it's just not anyone would notice if they were down. Everything on ESX01 is functioning. Could this possibly be an NTP issue with the second host? I know the VM's are supposed to sync with the host itself
Probably not the source of the problem, but you shouldn't do this. Use NTP, have seen lots of problems with hypervisor time syncs.
-
@wirestyle22 said in DNS issues on 2003 network:
I know the VM's are supposed to sync with the host itself
No, they most certainly are not.