shirkaan
asked on
DNS request from guest OS to ISP fail in Hyper-V
Hi,
after very intens investigation I would like to reduce my question to the very essence.
The setup is as follows:
* Hyper-V core 2008R2 with one NIC
* Two guest OSs - 1x W2k3 Std., 1x W2k3SBS
* DNS-Server on W2k3SBS guest
facts/problems:
* any DNS-request within the whole network to the internal DNS-Server works fine
* DNS-request from ANY other machines except the two virtual Servers to external DNS-Servers also work fine
* DNS-request from the Hyper-V host to external DNS-Servers are also ok
* DNS-request from any of the virtual servers fail.
* DNS-packets from the virtual servers can be successfuly traced up to the external DNS-server
* It makes no difference if nslookup is using the external DNS-server or the internal one that is then forwarding the request to external DNS-server. In any case the packets do definitly arrive at the external DNS and are answered, but the answers never arrive at the guest OS
* DNS trace on the w2k3SBS guest shows DNS-packets going out to the external DNS-servers but no packets coming in
* no firewall what so ever that could block any traffic (Hyper-V firewall explicitly turned off)
* system time is in sync on all machines
* again: ANY other computer on the network (using the same gaetway/firewall) is OK
The only thing I can think of may be the Hyper-V host not passing DNS packets from outside to the guest OSes.
Anyone ever had such a strange problem ?
after very intens investigation I would like to reduce my question to the very essence.
The setup is as follows:
* Hyper-V core 2008R2 with one NIC
* Two guest OSs - 1x W2k3 Std., 1x W2k3SBS
* DNS-Server on W2k3SBS guest
facts/problems:
* any DNS-request within the whole network to the internal DNS-Server works fine
* DNS-request from ANY other machines except the two virtual Servers to external DNS-Servers also work fine
* DNS-request from the Hyper-V host to external DNS-Servers are also ok
* DNS-request from any of the virtual servers fail.
* DNS-packets from the virtual servers can be successfuly traced up to the external DNS-server
* It makes no difference if nslookup is using the external DNS-server or the internal one that is then forwarding the request to external DNS-server. In any case the packets do definitly arrive at the external DNS and are answered, but the answers never arrive at the guest OS
* DNS trace on the w2k3SBS guest shows DNS-packets going out to the external DNS-servers but no packets coming in
* no firewall what so ever that could block any traffic (Hyper-V firewall explicitly turned off)
* system time is in sync on all machines
* again: ANY other computer on the network (using the same gaetway/firewall) is OK
The only thing I can think of may be the Hyper-V host not passing DNS packets from outside to the guest OSes.
Anyone ever had such a strange problem ?
Any vlans in play here? how is the networking set up for the vm's? host-only/internal/actual network card (direct)?
ASKER
No vlans. Networking setup for the vm's is actual network card.
But: As I captured the packets passing to and from the internet between the router and the ADSL-modem I could see the DNS requests coming from the vm's going out to the internet. No answer came back. Looking at the traffic between router and modem the only difference between DNS requests coming from the vm's and those coming from any other machine in the network is that only the requests from the other machines are answered.
So the DNS response packets coming from the internet don't even arrive at the router.
Thus there cannot be any problem with the networking setup of the vm's (?)
But: As I captured the packets passing to and from the internet between the router and the ADSL-modem I could see the DNS requests coming from the vm's going out to the internet. No answer came back. Looking at the traffic between router and modem the only difference between DNS requests coming from the vm's and those coming from any other machine in the network is that only the requests from the other machines are answered.
So the DNS response packets coming from the internet don't even arrive at the router.
Thus there cannot be any problem with the networking setup of the vm's (?)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Very tricky and unusual, only to be solved with very systematic approach. Symptoms of the problem pointed to many other possible causes.
ASKER
meanwhile I did some "wiresharking" between the router and ADSL-modem and the findings are stunning:
DNS-requests from the two virtual servers are definitly transmitted to the DNS-server but never receive any reply.
The same DNS-requests from ANY other machine in the network are also transmitted to the DNS-server and DO receive a reply (?)
So it seems someone is fiddling around with my DNS-requests, but only from to distinctive servers - does this make sense ?
Thanks for ANY comment - I'll keep you up to date.