We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

DNS Issue???

WellingtonIS
WellingtonIS asked
on
Medium Priority
1,285 Views
Last Modified: 2013-02-09
I'm trying to do a DNS lookup from several workstations on my domain... I'm getting weldc001.domain can't find workstation x: Server Failed.  I've restarted DNS on my Domain Controller.  If  launch NSLookup from DNS it resolves fine.  I'm not sure what's going on.  I've searched the event viewer and nothing is there.
Comment
Watch Question

Sikhumbuzo NtsadaIT Administration

Commented:
Try setting up 1 PC with Static IP address and make sure to use your DNS server as primary and then try again.

Author

Commented:
We use static IP's. I just noticed taht there is a query error 6268 I wonder if this is causing my issue.
Sikhumbuzo NtsadaIT Administration

Commented:
The solution could be here:
http://support.microsoft.com/kb/2003485

Author

Commented:
I did that but I still can't do nslookup it's failing.

Author

Commented:
Interesting it's failing on my Domain Controller now.
Sikhumbuzo NtsadaIT Administration

Commented:
Did you stop and start your DNS service afterwards?

Author

Commented:
Stranger still.  If I do an NSlookup on the IP address it resolved however is I do and NSLookup on the name it fails???

Author

Commented:
Yes I stopped DNS and started it again.  It's working on my DC again both ways - name and IP but not on the workstations.
Leon FesterSenior Solutions Architect

Commented:
If it's failing on your DC then consider that there are serious problems with your DNS Server.
Have your run any diagnostics?
dcdiag would be a start.

Otherwise consider the following articles.
http://technet.microsoft.com/en-us/library/cc731991.aspx
http://technet.microsoft.com/en-us/library/bb726934.aspx

Author

Commented:
No not failing on the DC anymore - just on the workstations.  I can ping names I can nslookup IP addresses but I can't nslookup names from the workstations.  These workstations have static IP's

Author

Commented:
I ran DCdiag and no problems everything passed.
Sikhumbuzo NtsadaIT Administration

Commented:
Do you have reverse lookup zone configured?

Author

Commented:
Yes many of them and I have 127 255 and 0 too.
Leon FesterSenior Solutions Architect

Commented:
Run IPCONFIG /ALL on the workstation to confirm what IP Address it has set as it's DNS server.

Next run just NSLOOKUP on the workstation, don't do nslookup <<name/IP>>
Check the server is it the same as the one in the NIC?
Is it the correct one that it should be pointing to?

Querying the DNS Server directly should confirm if i you can do name resolution from each server.

If you have another DNS Server, then try changing it on that workstation and test it.
Sikhumbuzo NtsadaIT Administration

Commented:
please post the properties of the IP settings of your workstation.

Author

Commented:
Just tried NSLOOKUP and it returned the Domain Controller correctly.  I have both DNS servers listed in DNS and they too are correct.
Sikhumbuzo NtsadaIT Administration

Commented:
is it working now?

Author

Commented:
no I still can't do NSLOOKUP

nslookup-error.png
Sikhumbuzo NtsadaIT Administration

Commented:
If you have DNS, try putting one workstaion on DHCP so the server can recreate a new record for that PC and do nslookup, also update DNS records, Scavange stale records, clear cache.

Author

Commented:
cleared cache, scavanged stale records and flushdns on the workstation.  On DHCP I got the same error.
PberSolutions Architect
CERTIFIED EXPERT

Commented:
Does it resolve other names in dns from the client?

You can try some debug.
Run:
 nslookup
  set d2


...this will turn debug on.  Now you can just enter the names you want to try and resolve and look at the output.  Try both known working lookups as well as the failing one.
Try just the name, fully qualified as well as fully qualified plus a "." at the end.

See this as well:
http://www.process.com/techsupport/multinet/787/44.html

Author

Commented:
here's a "stupid" question for you.  My dc is one of many in a Forest.  I have a top domain located in my Corp office in another location.  I'm starting to wonder if there's a bigger issue?

Author

Commented:
I'm quite sure how to run that command nslookup set d2 is this on one line?  or nslookup (enter) then set d2?

Author

Commented:
OK here' s what I got..

:\Users\wrmrosnei>nslookup
Default Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

> set d2
> nslookup wrmdisdtest
------------
SendRequest(), len 29
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest, type = A, class = IN

------------
------------
Got answer (29 bytes):
    HEADER:
        opcode = QUERY, id = 2, rcode = SERVFAIL
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest, type = A, class = IN

------------
------------
SendRequest(), len 29
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest, type = AAAA, class = IN

------------
------------
Got answer (29 bytes):
    HEADER:
        opcode = QUERY, id = 3, rcode = SERVFAIL
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest, type = AAAA, class = IN

------------
*** Can't find address for server wrmdisdtest: Server failed
>
PberSolutions Architect
CERTIFIED EXPERT

Commented:
You indicated you launched nslookup from the dns server and it resolves the wrmdisdtest record?  Is that the same server that this client is pointing to for dns?  i.e. weldc001

Have you tried doing an nslookup of:
wrmdisdtest.wellington.uhsinc.biz

Can you confrm that the record for wrmdisdtest actually exists in the zone via the DNS Management console?

Author

Commented:
Yes I have that record and I just  nslookup wrmdisdtest.wellington.uhsinc.biz and that worked?
PberSolutions Architect
CERTIFIED EXPERT

Commented:
So
nslookup wrmdisdtest
doesn't work

nslookup wrmdisdtest.wellington.uhsinc.biz
does work?

If so, on the client you need to add a dns suffix to the TCP/IP properties of the client (if you are statically assigning the addresses) or you need to add the DNS name option in your DHCP (if you are using DHCP).

Author

Commented:
I have that too. in options Append these suffixes (in order)
Wellington.uhsinc.biz
corp.uhsinc.biz
uhsinc.biz
last two are my corp office.
also have both boxes checked register this connection's address in DNS
use this connection's DNS suffix in DNS Registration.
PberSolutions Architect
CERTIFIED EXPERT

Commented:
What do you get when you do an ipconfig /all on the client?  What do you get for primary dns suffix and dns suffix search list?

Funny thing, when you did the debug output of the nslookup, you should have seen it trolling through all the different zones and we didn't.

Author

Commented:
The only one that appears if I do ipconfig /all is wellington.uhsinc.biz.
PberSolutions Architect
CERTIFIED EXPERT

Commented:
Is this same behaviour happening on multple workstations, but always works when you do the same from the dns server itself?
PberSolutions Architect
CERTIFIED EXPERT

Commented:
Just curious, when if you set the client TCP/IP (temporily) DNS Suffix for this connection to: wellington.uhsinc.biz

...and set the option to Append Primary and connection specific?

Can you resolve now?

Author

Commented:
No that doesn't work either
PberSolutions Architect
CERTIFIED EXPERT

Commented:
Can you revert it back.

I want you to check the primary DNS suffix for this computer.  Tell me what it is:

To check (for XP):
Right click My Computer, select properties
Select the Computer Name tab
Click Change
Click More

For Vista/Windows 7
Right click computer, select properties
Click Change Settings (towards Bottom right)
Select the Computer Name tab
Click Change
Click More

Author

Commented:
wellington.uhsinc.biz  is the primary suffix DNs settings
PberSolutions Architect
CERTIFIED EXPERT

Commented:
Can you post a debug (set d2) nslookup of the FQDN: wrmdisdtest.wellington.uhsinc.biz

Author

Commented:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\wrmrosnei>nslookup wrmdisdtest.wellington.uhsinc.biz
Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

Name:    wrmdisdtest.wellington.uhsinc.biz
Address:  10.75.152.249


C:\Users\wrmrosnei>nslookup wrmdisdtest
Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

*** weldc001.wellington.uhsinc.biz can't find wrmdisdtest: Server failed

C:\Users\wrmrosnei>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\wrmrosnei>ipconfig /registerdns

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has b
een initiated. Any errors will be reported in the Event Viewer in 15 minutes.

C:\Users\wrmrosnei>nslookup wrmdisdtest
Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

*** weldc001.wellington.uhsinc.biz can't find wrmdisdtest: Server failed

C:\Users\wrmrosnei>nslookup wrmdisdtest.wellington.uhsinc.biz
Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

Name:    wrmdisdtest.wellington.uhsinc.biz
Address:  10.75.152.249


C:\Users\wrmrosnei>ipconfig /all |more

Windows IP Configuration

   Host Name . . . . . . . . . . . . : wrmdisd04
   Primary Dns Suffix  . . . . . . . : wellington.uhsinc.biz
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : wellington.uhsinc.biz

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controlle
r
   Physical Address. . . . . . . . . : 00-24-E8-3B-B7-40
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::458c:e7f3:54b:658c%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.75.152.34(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.254.0
   Default Gateway . . . . . . . . . : 10.75.152.254
   DHCPv6 IAID . . . . . . . . . . . : 234890472
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-94-51-F1-00-24-E8-3B-B7-40
   DNS Servers . . . . . . . . . . . : 10.75.153.4
                                       10.75.153.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{44C6F178-A0A8-40FC-951E-F1A90ACB180A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


C:\Users\wrmrosnei>nslookup
Default Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

> set d2
> nslookup wrmdisdtest.wellington.uhsinc.biz
------------
SendRequest(), len 51
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest.wellington.uhsinc.biz, type = A, class = IN

------------
------------
Got answer (67 bytes):
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest.wellington.uhsinc.biz, type = A, class = IN
    ANSWERS:
    ->  wrmdisdtest.wellington.uhsinc.biz
        type = A, class = IN, dlen = 4
        internet address = 10.75.152.249
        ttl = 1200 (20 mins)

------------
------------
SendRequest(), len 51
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest.wellington.uhsinc.biz, type = AAAA, class = IN

------------
------------
Got answer (107 bytes):
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        wrmdisdtest.wellington.uhsinc.biz, type = AAAA, class = IN
    AUTHORITY RECORDS:
    ->  wellington.uhsinc.biz
        type = SOA, class = IN, dlen = 44
        ttl = 3600 (1 hour)
        primary name server = weldc001.wellington.uhsinc.biz
        responsible mail addr = hostmaster.wellington.uhsinc.biz
        serial  = 39387
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

------------
Server:  wrmdisdtest.wellington.uhsinc.biz
Address:  10.75.152.249

------------
SendRequest(), len 26
    HEADER:
        opcode = QUERY, id = 4, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        nslookup, type = A, class = IN

------------
recvfrom: Result too large
SendRequest failed
------------
SendRequest(), len 26
    HEADER:
        opcode = QUERY, id = 5, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        nslookup, type = AAAA, class = IN

------------
recvfrom: Result too large
SendRequest failed
*** wrmdisdtest.wellington.uhsinc.biz can't find nslookup: No response from serv
er
>
PberSolutions Architect
CERTIFIED EXPERT

Commented:
This seems to be totally client related.  When you supply the fqdn to the server, it works.  The client should be default append it's DNS suffixes when performing dns lookups.  I think we can defintely rule out the DNS server.  The client looks to be configured with DNS suffixes, but doesn't list them all in ipconfig as it should and is not appending when doing dns lookups.

Do you guys use IPv6?  Can that be unchecked from the TCP/IP bindings.  I don't think that is the issue, but if you aren't using, it couldn't hurt to unbind it.  Give that a try and test.

I'm leaning towards there may be something wrong with the TCP/IP stack for that NIC.  Why this same hehaviour would happen on multiple machines, I'm not sure why.  Possibly it the source image.  Once again I'm speculating.  

I would be tempted to just delete the NIC in device manager and then redetect and set it back up again and see if the problem persists.

Author

Commented:
All the clients???  I tried it on about 5 or 6 machines so far and the same thing.  Some are static IPs and some are DHCP.  It was working yesterday and today no.
No I don't use IP6 I'm actually the only one using windows 7.

Maybe I will try to delete the card on one machine and redo it.  Thanx for the advice.
PberSolutions Architect
CERTIFIED EXPERT

Commented:
Any new domain policies implemented since yesterday?
Also are there any firewalls in play between your client and the dns server?

Author

Commented:
No new policies but windows updates humm pehaps that did it?  No firewall the domain controllers are here.
PberSolutions Architect
CERTIFIED EXPERT

Commented:

Author

Commented:
the only thing is that registry entry for DNS client is Register Adapter Name and Search List, and default that entry isn't there.
PberSolutions Architect
CERTIFIED EXPERT

Commented:
Can you run rsop.msc and look at the following locaiton:

Computer Configuration -> Administrative Templates -> Network -> DNS Client

Are there any settings controlled here be GPO?

Author

Commented:
Sorry about that, I added the entry with both the zero and the 1 - nothing is working.
PberSolutions Architect
CERTIFIED EXPERT

Commented:
Any results from the rsop.msc?

Author

Commented:
Just about to run sorry.

Author

Commented:
the only thing that comes up with the DNS client is the search..
Primary DNS suffix: Wellington.uhsinc.biz
Search List:
wellington.uhsinc.biz, corp.uhsinc.biz, uhsinc.biz
Register DNS records with connection-specific DNS suffix enabled.
PberSolutions Architect
CERTIFIED EXPERT

Commented:
So you have a GPO that controls the DNS suffixes?  If so, I wonder if you can prevent that computer from getting the GPO by moving to a different OU or however and see if a manually set DNS suffix works.  Bottom line  the client isn't appending the dns suffixes when it does a query to DNS.  If you use FQDN it works.  

Author

Commented:
OK I can set my test machine to a manual DNS suffix but should I set it to all 3?

Author

Commented:
Also and strange this happened 2 days ago.  Up until that point it was working fine.  I installed windows updates and rebooted the server.  Later that day it stopped working.
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
please close this the issue is not resolved.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.