workstation DNS resolution problem with DHCP reservations

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Have an interesting issue with DNS resolutions. We have DHCP scopes that do
dynamic IP assignments and we have reservations for a bunch of our
workstations. In each scope we have tested, the XP workstations that have
DHCP Reservations seem to have issues resolving DNS entries, example
\\<servername>, where we will have a XP workstation in the same scope getting
an IP address dynamic which isn't having that issue. This isn't a single
workstation issues all reserved systems have this issue, where all dynamic
workstations is not.

Anyone else seen this issue?

Thanks
 
Gio said:
Have an interesting issue with DNS resolutions. We have DHCP scopes
that do dynamic IP assignments and we have reservations for a bunch
of our workstations. In each scope we have tested, the XP
workstations that have DHCP Reservations seem to have issues
resolving DNS entries, example \\<servername>, where we will have a
XP workstation in the same scope getting an IP address dynamic which
isn't having that issue. This isn't a single workstation issues all
reserved systems have this issue, where all dynamic workstations is
not.

Anyone else seen this issue?
Click to expand...

This would be an issue with the DNS suffix search list and/or the DNS server
list.
In your ipconfig /all check that the DNS suffix search list is correct and
that you are using the internal DNS server only.
The only possible difference between the two, provided you are using the
internal DNS only would be the Primary DNS suffix as the connection specific
suffix should be the same. Unless, the reservations are using different
suffixes for option 015.

Post an ipconfig /all from one using a reservation and one not using a
reservation.
 
Thanks Kevin,

The DNS suffix search list was one of the first things that was checked.
The search list is being pushed down via a group policy, that is for our
domain users only, and they are the same for both dynamic and reservation
clients, as well as the DNS server list. Now the server we are trying to UNC
to does have a different suffix then the primary suffix, server is central
server farm on a Campus where our workstation is part of a different faculty.
Plus we entered an alias in our DNS server to help with the resolution of
it, but reservation workstaions will not resolve, without putting the FQDN.
Here is the kicker, we can ping the server by typing "ping <servername>", but
it will not connect when we type in the run bar \\<servername>...

Since we are on the topic of the DNS suffix search list, any idea of how to
push this down to clients via my DHCP server. The scope option of DNS suffix
search list should be 119, but the windows 2003 DHCP server has no such
option. I did try to create my own custom scope option but the option was
not being accepted by my client computers, Win 98/2000/XP.
 
Gio said:
Thanks Kevin,

The DNS suffix search list was one of the first things that was
checked.
The search list is being pushed down via a group policy, that is for
our domain users only, and they are the same for both dynamic and
reservation clients, as well as the DNS server list. Now the server
we are trying to UNC to does have a different suffix then the primary
suffix, server is central server farm on a Campus where our
workstation is part of a different faculty. Plus we entered an
alias in our DNS server to help with the resolution of
it, but reservation workstaions will not resolve, without putting the
FQDN. Here is the kicker, we can ping the server by typing "ping
<servername>", but it will not connect when we type in the run bar
\\<servername>...
Click to expand...

Is <servername> an alias name for the server?
If it is you will need to modify the registry to connect to the shares using
an alias name.
Since we are on the topic of the DNS suffix search list, any idea of
how to push this down to clients via my DHCP server. The scope
option of DNS suffix search list should be 119, but the windows 2003
DHCP server has no such option. I did try to create my own custom
scope option but the option was not being accepted by my client
computers, Win 98/2000/XP.
Click to expand...

I wish you would have posted the ipconfig /all I asked for.
Windows DHCP does not support a DNS suffix search list, I don't know of any
DHCP servers that do, as close as you can get is option 015 which assigns a
Connection specific DNS suffix which is added to the DNS suffix search list.
You can push out a DNS suffix search list to XP and Win2k3 clients using a
group policy from here:
Computer Configuration
-Administrative templates
-Network
-DNS Client

281308 - Connecting to SMB share on a Windows 2000-based computer or a
Windows Server 2003-based computer may not work with an alias name:
http://support.microsoft.com/default.aspx?scid=kb;en-us;281308

New group policies for DNS in Windows Server 2003:
http://support.microsoft.com/kb/294785/en-us
-Note- One new group policy is for assigning the DNS server list in TCP/IP
properties, if you set this policy, do not apply the policy to Laptop or
mobile clients as this policy overrides DHCP and manually configured DNS
server list. Clients that are used on more than one network should not get
this policy.
 
Here are the IP configs, both of my system, I marked it as reservation and
dynamic


H:\>ipconfig /all Reservation

Windows IP Configuration

Host Name . . . . . . . . . . . . : 239e-dell-arts
Primary Dns Suffix . . . . . . . : arts.ualberta.ca
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : arts.ualberta.ca
artslab.ualberta.ca
admin.ualberta.ca
ucs.ualberta.ca

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : arts.ualberta.ca
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Conne
ion
Physical Address. . . . . . . . . : 00-08-74-ED-0C-A5
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 129.128.113.76
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 129.128.113.1
DHCP Server . . . . . . . . . . . : 129.128.113.194
DNS Servers . . . . . . . . . . . : 129.128.113.190
129.128.113.207
129.128.96.11
129.128.113.208
129.128.5.233
Primary WINS Server . . . . . . . : 129.128.76.250
Secondary WINS Server . . . . . . : 129.128.5.250
Lease Obtained. . . . . . . . . . : Sunday, July 09, 2006 11:41:18 PM
Lease Expires . . . . . . . . . . : Sunday, July 16, 2006 11:41:18 PM



Dynamic

C:\>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : 239e-dell-arts
Primary Dns Suffix . . . . . . . : arts.ualberta.ca
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : arts.ualberta.ca
artslab.ualberta.ca
admin.ualberta.ca
ucs.ualberta.ca

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : arts.ualberta.ca
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connect
ion
Physical Address. . . . . . . . . : 00-08-74-ED-0C-A5
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 129.128.113.76
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 129.128.113.1
DHCP Server . . . . . . . . . . . : 129.128.113.194
DNS Servers . . . . . . . . . . . : 129.128.113.190
129.128.113.207
129.128.96.11
129.128.113.208
129.128.5.233
Primary WINS Server . . . . . . . : 129.128.76.250
Secondary WINS Server . . . . . . : 129.128.5.250
Lease Obtained. . . . . . . . . . : Monday, July 10, 2006 8:17:20 AM
Lease Expires . . . . . . . . . . : Monday, July 17, 2006 8:17:20 AM
 
Gio said:
Here are the IP configs, both of my system, I marked it as reservation and
dynamic
Click to expand...
DNS Servers . . . . . . . . . . . : 129.128.113.190
129.128.113.207
129.128.96.11
129.128.113.208
129.128.5.233
Click to expand...

While there is nothing technically wrong with the above (per se),
this is a suspiciously LARGE list of DNS servers. ALL DNS
servers used by a DNS client computer (including 'servers' which
are DNS clients too) must use STRICTLY a DNS server (SET) that
resolves exactly the same names.

You cannot reliably mix internal and external DNS servers on the
client settings. Clients will tend to pick one (sometimes the
first, occasionally others) and STICK to it -- once a DNS server
returns a success OR A FAILURE the client will BELIEVE that
answer and will not check the other DNS servers.

With a large list like this, there is a good possibility you have
mixed DNS Server sets OR you have a DNS server that is not
replicating as it should.
Primary Dns Suffix . . . . . . . : arts.ualberta.ca
Connection-specific DNS Suffix . : arts.ualberta.ca
Click to expand...

While this is not "wrong" either it is also mildly suspicious:

There is SELDOM a reason to use "connection specific DNS suffix
lists" and practically never a reason to make them the same as
the Primary suffix. The primary suffix should ALWAYS be set,
and the connection specific is irrelevant when you only have one
NIC (and most of the time when you have more than one.)


As to wrong "DNS suffix search" list (discussed earlier in this
thread) this really has NOTHING to do with whether DNS resolution
works or not, but is merely for convenience so that full name do not
need to be typed.

So Suffix issues can be IMMEDIATELY checked and ELIMINATED by
just typing the full name, e.g.,

Use: ping testname.yourdomain.com.
Instead of just: testname

If the issue is that resolution works but suffix do not THEN,
and ONLY THEN, does it make sense to set the suffix LIST (not
the connection specific name) IN ADDITION to the primary DNS
name in the System Control panel.

Next, switch to NSlookup and go through EVERY ONE of those DNS
servers listed (above) to ensure that each one can resolve the
names as expected:

nslookup testname.yourdomain.com. 129.128.113.190
nslookup testname.yourdomain.com. 129.128.113.207
nslookup testname.yourdomain.com. 129.128.96.11
nslookup testname.yourdomain.com. 129.128.113.208
nslookup testname.yourdomain.com. 129.128.5.233

They must ALL work or you much fix or remove that DNS server
from the client search lists.

If you are trying to mix internal and external DNS servers the
the right way to resolve external names is to remove all of the
external servers from the DNS client configuration and arrange
for the INTERNAL servers to directly resolve OR FORWARD to an
external server (set) to do the external resolution.
 
Back
Top