Weird DNS Issues

garak0410

@scottalanmiller said:

@garak0410 said:

@scottalanmiller said:

So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?

What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....

Just....

nslookup aname
nslookup CNAME

Where aname and CNAME are the host names. There is no further syntax.

On PC's that had no problem or had a problem, they either NSLOOKUP ANAME or CNAME to the old or new DNS server...and they all end with can't find cname: Non-existent domain (same with aname)

garak0410

I noticed on the new DC/DNS server, under the reverse lookup ZONE properties, under NAME SERVERS, the new DC/DNS server shows UNKNOWN...OK to update it?

scottalanmiller

@garak0410 said:

@scottalanmiller said:

@garak0410 said:

@scottalanmiller said:

So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?

What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....

Just....

nslookup aname
nslookup CNAME

Where aname and CNAME are the host names. There is no further syntax.

On PC's that had no problem or had a problem, they either NSLOOKUP ANAME or CNAME to the old or new DNS server...and they all end with can't find cname: Non-existent domain (same with aname)

Sounds like you don't have your search domains defined and you are skipping the FQDN and are trying to use short names.

Dashrender

I agree with Scott, you're using short name instead of FQDN (Fully Qualified Domain Names). It's something that started back in the NT days with NetBIOS. You really should replace all \servername\sharename with \severname.domainname.com\sharename

for your nslookup try 'nslookup olddc.domainname.com' or nslookup newdc.domainname.com

Dashrender

Would you please post the exact output from ipconfig /all from a working and non working machine

should look like the follwing (you can change the same things I did if you want to hide your domain from us).

U:>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : om1290d2
Primary Dns Suffix . . . . . . . : domainname.net <- changed to protect
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domainname.net <- changed to protect

Ethernet adapter Tripwire Tunnel Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Tripwire TAP Network Adapter
Physical Address. . . . . . . . . : 00-FF-CD-xx-xx-xx ** <- changed to protect**
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (New Virtual Switch):

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
Physical Address. . . . . . . . . : F0-92-1C-xx-xx-xx <- changed to protect
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4d7d:7ce2:b72c:eb60%9(Preferred)
IPv4 Address. . . . . . . . . . . : 172.16.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.1.254
DHCPv6 IAID . . . . . . . . . . . : 183538204
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-7B-00-80-F0-92-1C-DD-55-A8

DNS Servers . . . . . . . . . . . : 172.16.1.19
172.16.1.245
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F24F29C3-326D-xxxx-xxxx-xxxxxxxxxxxx}: <- changed to protect

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

garak0410

This is from a PC that never lost it's naming to the FILESERVER:

Windows IP Configuration

Host Name . . . . . . . . . . . . : accounting01
Primary Dns Suffix . . . . . . . : domainname.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domainname.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : pinnstr.local
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-30-67-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d80:7b35:xx(Preferred)
IPv4 Address. . . . . . . . . . . : xx.xx.xx.xx(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, May 21, 2014 8:00:34 AM
Lease Expires . . . . . . . . . . : Thursday, May 29, 2014 8:00:01 AM
Default Gateway . . . . . . . . . : 10.xx.xx.xx (our firewall)
DHCP Server . . . . . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
DHCPv6 IAID . . . . . . . . . . . : 234893415
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-8D-07-0C-00-30-67-61-63-9C

DNS Servers . . . . . . . . . . . : 10.xx.xx.xx (new DC/DNS Server)
10.xx.xx.xx (old DC/DNS server)
Primary WINS Server . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.domainname.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domainname.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

From a PC I had problems with today (and still do):

Windows IP Configuration

Host Name . . . . . . . . . . . . : estimating02
Primary Dns Suffix . . . . . . . : domainname.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domainname.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : domainname.local
Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network Connec
tion
Physical Address. . . . . . . . . : 00-1E-4F-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3156:295c:xx(Preferred)
IPv4 Address. . . . . . . . . . . : 10.xx.xx.xx(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 13, 2014 3:14:11 PM
Lease Expires . . . . . . . . . . : Thursday, May 29, 2014 9:55:01 AM
Default Gateway . . . . . . . . . : 10.xx.xx.xx (firewall)
DHCP Server . . . . . . . . . . . : 10.0.0.16 (old DC/DNS server)
DHCPv6 IAID . . . . . . . . . . . : 234888783
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-61-xx-xx-xx-xx-xx-xx-xx-xx

DNS Servers . . . . . . . . . . . : 10.xx.xx.xx(new DC/DNS server)
Primary WINS Server . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.domainname.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domainname.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

scottalanmiller

See the search name in the working one? That is missing in the not working one I think.

garak0410

@scottalanmiller said:

See the search name in the working one? That is missing in the not working one I think.

I see it in both.

Is there any clue as to why this is ONLY name resolution problems to the fileserver and nothing else?

scottalanmiller

Can't think of anything. If every setting is the same.

Dashrender

@garak0410 said:

Is there any clue as to why this is ONLY name resolution problems to the fileserver and nothing else?

Host files, LMHOST files If the other servers are answering to NetBIOS over IP calls where the new file server won't.

My biggest guess is the last one.. Windows 2012 server might not be resolving NetBIOS names any more...

Dashrender

Assuming you didn't install WINS on your new AD server you should remove the WINS information from all clients and from the DHCP server so it's not handing out that information.
This will also cause issues in some cases.

scottalanmiller

Oh good point. Don't want old WINS mucking about.

garak0410

This post is deleted!

garak0410

@Dashrender said:

Assuming you didn't install WINS on your new AD server you should remove the WINS information from all clients and from the DHCP server so it's not handing out that information.
This will also cause issues in some cases.

Let me take a look at this.

Now, I KNOW I checked this but I guess I overlooked it and I know it wouldn't just go away. There was no reverse lookup for the file server (services01 is its physical name). I just added it.

scottalanmiller

@garak0410 said:

@Dashrender said:

Assuming you didn't install WINS on your new AD server you should remove the WINS information from all clients and from the DHCP server so it's not handing out that information.
This will also cause issues in some cases.

Let me take a look at this.

Now, I KNOW I checked this but I guess I overlooked it and I know it wouldn't just go away. There was no reverse lookup for the file server (services01 is its physical name). I just added it.

Good to have but should not matter.

garak0410

@scottalanmiller said:

@garak0410 said:

@Dashrender said:

Assuming you didn't install WINS on your new AD server you should remove the WINS information from all clients and from the DHCP server so it's not handing out that information.
This will also cause issues in some cases.

Let me take a look at this.

Now, I KNOW I checked this but I guess I overlooked it and I know it wouldn't just go away. There was no reverse lookup for the file server (services01 is its physical name). I just added it.

Good to have but should not matter.

k...this morning has been rather quiet SO FAR. Only one user had problems.

garak0410

Thanks for the help on this. I appreciate the positive candor in the midst of gaps in my DNS knowledge...

Dashrender

What did you change that seems to have solved the issue?

scottalanmiller

Its working now?

garak0410

Good Morning...it seems to be stable now. Here's what I did but not sure what fixed it.

The reverse lookup zone showed an UNKNOWN IP for the new DC/DNS server. Added it.
Rebooted the file server (which was the only one having DNS name resolution problems).

That's really it...I spent most of the time giving users workarounds.

The NEW DNS server shows no replication issues at all. Looks healthy.