DNS problem =?ISO-8859-1?Q?=BF=3F?=

  • Thread starter Thread starter JeRiKo
  • Start date Start date
J

JeRiKo

Hi to all,

I have two DCs, DC1 "primary" and DC2 "backup" running W2K3.
DC1-> 10.0.1.10
DC2-> 10.0.1.77

When I try to resolv DNS from a client, with the DC1 offline, DC2 can't
resolv his own domain...

From client # nslookup forest.local
*** Can't find server name for address 10.0.1.77: Non-existent domain

From DC2 # nslookup forest.local
Server: localhost
Address: 127.0.0.1
Name: forest.local
Addresses: 10.0.1.10, 10.0.1.77


Everything has the default configuration. And I need that DC2 works alone.

Also, when I trie to connect to the Terminal Server in DC2, also with
DC1 offline, it refuse my connection saying that forest.local doesn't
exist. Then I put online DC1 and it work properly. I think that
everything it's a problem of DNS.

Any suggestions?

Thanx a lot, and sorry about my english.
 
In
JeRiKo said:
Hi to all,

I have two DCs, DC1 "primary" and DC2 "backup" running
W2K3.
DC1-> 10.0.1.10
DC2-> 10.0.1.77

When I try to resolv DNS from a client, with the DC1
offline, DC2 can't resolv his own domain...

From client # nslookup forest.local
*** Can't find server name for address 10.0.1.77:
Non-existent domain
Click to expand...

This is an nslookup thing, it doesn't mean DNS isn't working or that it has
a problem. Nslookup performs a reverse lookup on the IP of the DNS server,
if it can't find the PTR you get this message. You can ignore it or create a
reverse lookup zone and PTR record which will make the message go away..
From DC2 # nslookup forest.local
Server: localhost
Address: 127.0.0.1
Name: forest.local
Addresses: 10.0.1.10, 10.0.1.77


Everything has the default configuration. And I need that
DC2 works alone.

Also, when I trie to connect to the Terminal Server in
DC2, also with
DC1 offline, it refuse my connection saying that
forest.local doesn't exist. Then I put online DC1 and it
work properly. I think that everything it's a problem of
DNS.
Click to expand...

Connecting to the terminal server by only the domain name is not a good
idea, at least if you are using the AD domain name. You may be getting the
wrong IP address for the terminal server. As you can see the domain name
resolves to the IP address of both DCs, as it should. Which one has terminal
services on it?
If both, you should still use the server's FQDN "server.forest.local", so
you'll know which one you are getting the IP address for.
 
Kevin said:
In


This is an nslookup thing, it doesn't mean DNS isn't working or that it has
a problem. Nslookup performs a reverse lookup on the IP of the DNS server,
if it can't find the PTR you get this message. You can ignore it or create a
reverse lookup zone and PTR record which will make the message go away..




Connecting to the terminal server by only the domain name is not a good
idea, at least if you are using the AD domain name. You may be getting the
wrong IP address for the terminal server. As you can see the domain name
resolves to the IP address of both DCs, as it should. Which one has terminal
services on it?
If both, you should still use the server's FQDN "server.forest.local", so
you'll know which one you are getting the IP address for.
Click to expand...
Excuses,
I didn't explain very well, I connect to the terminal server using
10.0.1.77, I access the logon windows, I enter the login/passwd, and
then, when it's starting it says with a warning, that I can't enter
because the domain does not exists or it can't be connected.. ("he" is
the DC2) ..contact to the Admin ("me"?) :)

I also tried, with only DC2 up:
# ping forest.local
Ping request could not find host forest.local. Please check the name and
try again.

# ping amd-tornado.forest.local
Pinging amd-tornado.forest.local [10.0.1.77] with 32 bytes of data:
Reply from 10.0.1.77: bytes=32 time=3ms TTL=128
Reply from 10.0.1.77: bytes=32 time=3ms TTL=128

It seem that when Terminal Server it's starting, it look for the DC1
(primary), and because it isn't online, it doesn't start the session. If
I connect DC1 to the network, everything works fine.
I would like that DC2, acts like DC1.

More ideas?
Thanks
 
In
JeRiKo said:
Kevin D. Goodknecht Sr. [MVP] wrote:
Excuses,
I didn't explain very well, I connect to the terminal
server using
10.0.1.77, I access the logon windows, I enter the
login/passwd, and then, when it's starting it says with a
warning, that I can't enter because the domain does not
exists or it can't be connected.. ("he" is the DC2)
..contact to the Admin ("me"?) :)

I also tried, with only DC2 up:
# ping forest.local
Ping request could not find host forest.local. Please
check the name and try again.

# ping amd-tornado.forest.local
Pinging amd-tornado.forest.local [10.0.1.77] with 32
bytes of data: Reply from 10.0.1.77: bytes=32 time=3ms
TTL=128
Reply from 10.0.1.77: bytes=32 time=3ms TTL=128

It seem that when Terminal Server it's starting, it look
for the DC1 (primary), and because it isn't online, it
doesn't start the session. If I connect DC1 to the
network, everything works fine.
I would like that DC2, acts like DC1.

More ideas?
Thanks
Click to expand...

Post the ipconfig /all from both DCs, and list of forward lookup zones on
both DCs and the zone type.
 
Kevin said:
In
Kevin D. Goodknecht Sr. [MVP] wrote:
Excuses,
I didn't explain very well, I connect to the terminal
server using
10.0.1.77, I access the logon windows, I enter the
login/passwd, and then, when it's starting it says with a
warning, that I can't enter because the domain does not
exists or it can't be connected.. ("he" is the DC2)
..contact to the Admin ("me"?) :)

I also tried, with only DC2 up:
# ping forest.local
Ping request could not find host forest.local. Please
check the name and try again.

# ping amd-tornado.forest.local
Pinging amd-tornado.forest.local [10.0.1.77] with 32
bytes of data: Reply from 10.0.1.77: bytes=32 time=3ms
TTL=128
Reply from 10.0.1.77: bytes=32 time=3ms TTL=128

It seem that when Terminal Server it's starting, it look
for the DC1 (primary), and because it isn't online, it
doesn't start the session. If I connect DC1 to the
network, everything works fine.
I would like that DC2, acts like DC1.

More ideas?
Thanks
Click to expand...


Post the ipconfig /all from both DCs, and list of forward lookup zones on
both DCs and the zone type.
Click to expand...

I send you by mail, the files containing the forward lookup zones organized.

****************************
***********DC1**************
****************************

ipconfig
Windows IP Configuration

Host Name . . . . . . . . . . . . : flower-10
Primary Dns Suffix . . . . . . . : forest.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : forest.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI For
Complete PC Management NIC (3C905C-TX)

Physical Address. . . . . . . . . : 00-04-76-EE-86-BD
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.1.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.1.1
DNS Servers . . . . . . . . . . . : 10.0.1.10
194.179.1.101

msdcs.forest.local Active Directory-Integrated Primary Running
dc
_sites
Default-First-Site-Name
_tcp
_kerberos Service Location (SRV) [0][100][88]
amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88]
flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389]
flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.

_tcp
_kerberos Service Location (SRV) [0][100][88] amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88] flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389] amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

domains
8981dcf4-27b7-4f96-9b44-40d3a0375a96
_tcp
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

gc
_sites
Default-First-Site-Name
_tcp
_ldap Service Location (SRV) [0][100][3268]
flower-10.forest.local.
_tcp
-> _ldap Service Location (SRV) [0][100][3268] amd-forest.forest.local.

pdc
_tcp
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

(same as parent folder) Start of Authority (SOA) [310],
flower-10.forest.local., hostmaster.
(same as parent folder) Name Server (NS) flower-10.forest.local.
(same as parent folder) Name Server (NS) amd-tornado.forest.local.
aa94d412-31cf-470f-9b71-0ac44ba1d373 Alias (CNAME) flower-10.forest.local.
bf54f292-ecc6-4f74-91f9-9a53db7b3732 Alias (CNAME) amd-tornado.forest.local.


forest.local Active Directory-Integrated Primary Running
_msdcs
(same as parent folder) Name Server (NS) amd-tornado.forest.local.
(same as parent folder) Name Server (NS) flower-10.forest.local.

_sites
Default-First-Site-Name
_tcp
_gc Service Location (SRV) [0][100][3268] flower-10.forest.local.
_kerberos Service Location (SRV) [0][100][88]
amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88]
flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.

_tcp
_kerberos Service Location (SRV) [0][100][88] amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88] flower-10.forest.local.
_kpasswd Service Location (SRV) [0][100][464] amd-tornado.forest.local.
_kpasswd Service Location (SRV) [0][100][464] flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389] amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

_udp
_kerberos Service Location (SRV) [0][100][88] amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88] flower-10.forest.local.
_kpasswd Service Location (SRV) [0][100][464] amd-tornado.forest.local.
_kpasswd Service Location (SRV) [0][100][464] flower-10.forest.local.

DomainDnsZones
_sites
Default-First-Site-Name
_tcp
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389]
flower-10.forest.local.

_tcp
_ldap Service Location (SRV) [0][100][389] amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

(same as parent folder) Host (A) 10.0.1.77
(same as parent folder) Host (A) 10.0.1.10

ForestDnsZones
_sites
Default-First-Site-Name
_tcp
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389]
flower-10.forest.local.

_tcp
_ldap Service Location (SRV) [0][100][389] amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

(same as parent folder) Host (A) 10.0.1.77
(same as parent folder) Host (A) 10.0.1.10

(same as parent folder) Start of Authority (SOA) [907],
flower-10.forest.local., hostmaster.
(same as parent folder) Name Server (NS) flower-10.forest.local.
(same as parent folder) Name Server (NS) amd-tornado.forest.local.
(same as parent folder) Host (A) 10.0.1.10
(same as parent folder) Host (A) 10.0.1.77
amd-tornado Host (A) 10.0.1.77
flower-10 Host (A) 10.0.1.10
flower-itziar Host (A) 10.0.0.3
flower-laptop Host (A) 10.0.1.6


****************************
***********DC2**************
****************************

ipconfig
Configuración IP de Windows

Nombre del host . . . . . . . : amd-tornado
Sufijo DNS principal . . . . : forest.local
Tipo de nodo. . . . . . . . . : híbrido
Enrutamiento habilitado . . . : No
Proxy WINS habilitado . . . . : No
Lista de búsqueda sufijo DNS : forest.local

Adaptador Ethernet LiNKSYS:

Sufijo conexión específica DNS:
Descripción . . . . . . . . . : Wireless-G Portable USB Adapter
Dirección física. . . . . . . : 00-12-17-60-CD-5F
DHCP habilitado . . . . . . . : No
Dirección IP. . . . . . . . . : 10.0.1.77
Máscara de subred . . . . . . : 255.255.255.0
Puerta de enlace predet.. . . : 10.0.1.1
Servidores DNS. . . . . . . . : 10.0.1.10
10.0.1.77

/* With "->" I mark the differences I saw */

msdcs.forest.local Active Directory-Integrated Primary Running
dc
_sites
Default-First-Site-Name
_tcp
_kerberos Service Location (SRV) [0][100][88]
amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88]
flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389]
flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.

_tcp
_kerberos Service Location (SRV) [0][100][88] amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88] flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389] amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

domains
8981dcf4-27b7-4f96-9b44-40d3a0375a96
_tcp
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

gc
_sites
Default-First-Site-Name
_tcp
_ldap Service Location (SRV) [0][100][3268]
flower-10.forest.local.
_tcp
_ldap Service Location (SRV) [0][100][3268] amd-forest.forest.local.
-> _ldap Service Location (SRV) [0][100][3268] flower-10.forest.local.

pdc
_tcp
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

->(same as parent folder) Start of Authority (SOA) [315],
amd-tornado.local., hostmaster.
(same as parent folder) Name Server (NS) amd-tornado.forest.local.
(same as parent folder) Name Server (NS) flower-10.forest.local.
aa94d412-31cf-470f-9b71-0ac44ba1d373 Alias (CNAME) flower-10.forest.local.
bf54f292-ecc6-4f74-91f9-9a53db7b3732 Alias (CNAME) amd-tornado.forest.local.


forest.local Active Directory-Integrated Primary Running
_msdcs
(same as parent folder) Name Server (NS) amd-tornado.forest.local.
(same as parent folder) Name Server (NS) flower-10.forest.local.

_sites
Default-First-Site-Name
_tcp
_gc Service Location (SRV) [0][100][3268] flower-10.forest.local.
_kerberos Service Location (SRV) [0][100][88]
amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88]
flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.

_tcp
_kerberos Service Location (SRV) [0][100][88] amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88] flower-10.forest.local.
_kpasswd Service Location (SRV) [0][100][464] amd-tornado.forest.local.
_kpasswd Service Location (SRV) [0][100][464] flower-10.forest.local.
_ldap Service Location (SRV) [0][100][389] amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

_udp
_kerberos Service Location (SRV) [0][100][88] amd-tornado.forest.local.
_kerberos Service Location (SRV) [0][100][88] flower-10.forest.local.
_kpasswd Service Location (SRV) [0][100][464] amd-tornado.forest.local.
_kpasswd Service Location (SRV) [0][100][464] flower-10.forest.local.

DomainDnsZones
_sites
Default-First-Site-Name
_tcp
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389]
flower-10.forest.local.

_tcp
_ldap Service Location (SRV) [0][100][389] amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

(same as parent folder) Host (A) 10.0.1.77
(same as parent folder) Host (A) 10.0.1.10

ForestDnsZones
_sites
Default-First-Site-Name
_tcp
_ldap Service Location (SRV) [0][100][389]
amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389]
flower-10.forest.local.

_tcp
_ldap Service Location (SRV) [0][100][389] amd-tornado.forest.local.
_ldap Service Location (SRV) [0][100][389] flower-10.forest.local.

(same as parent folder) Host (A) 10.0.1.77
(same as parent folder) Host (A) 10.0.1.10

->(same as parent folder) Start of Authority (SOA) [909],
amd-tornado.local., hostmaster.
(same as parent folder) Name Server (NS) amd-tornado.forest.local.
(same as parent folder) Name Server (NS) flower-10.forest.local.
(same as parent folder) Host (A) 10.0.1.10
(same as parent folder) Host (A) 10.0.1.77
amd-tornado Host (A) 10.0.1.77
flower-10 Host (A) 10.0.1.10
flower-itziar Host (A) 10.0.0.3
flower-laptop Host (A) 10.0.1.6
 
In
JeRiKo said:
I send you by mail, the files containing the forward
lookup zones organized.

****************************
***********DC1**************
****************************

ipconfig
Windows IP Configuration

Host Name . . . . . . . . . . . . : flower-10
Primary Dns Suffix . . . . . . . : forest.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : forest.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com EtherLink XL
10/100 PCI For Complete PC Management NIC (3C905C-TX)

Physical Address. . . . . . . . . : 00-04-76-EE-86-BD
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.1.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.1.1
DNS Servers . . . . . . . . . . . : 10.0.1.10
194.179.1.101
Click to expand...

The problem I see here is the use of 194.179.1.101 for DNS, I assume this is
you ISP or some other external DNS server. You should remove the server from
the NIC, the only place to use this server would be as a forwarder.
Use your other DC as the alternate DNS address.

That is the only problem I see. BTW, your comment on the SOA primary is
expected. In an Active Directory environment all zones stored in AD on all
DCs will have their OWN DNS as the SOA Primary. This is because the are all
masters and are writable. They replicate their data through AD.
 
Thanks for all, but I don't get the servers working as I wan't.

Now I have to study, I have a MCP exam this wednesday, so maybe after I
could dedicate more time to it.

Thanks again.
 
Back
Top