Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SBS 2008 DNS issues

Posted on 2013-01-29
15
Medium Priority
?
1,535 Views
Last Modified: 2013-12-02
Hi all,

I'm experiencing issues with SBS 2011 DNS. I noticed that users are experiencing slow network access and slow in resolving names. I did some troubleshooting and I found that when I launch nslookup my default server: is unknown and the Address is: the wrong IP, It is the RRAS IP address. See the attached file.

Hope this information helps
DNS.png
0
Comment
Question by:dela Pena
  • 5
  • 3
  • 3
  • +2
15 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 38833367
Make sure that the DHCP server is providing clients with the IP of the SBS server as the ONLY DNS server. Any machines with static IPs (including the SBS server itself), should have the IP of the SBS server entered as the ONLY DNS server on the IP settings
0
 

Author Comment

by:dela Pena
ID: 38833422
Hi KCTS,

It is affecting the clients with slow login, etc. but the problem is mainly with the DNS server. When I launch NSlookup from the DNS MMC i get this message;
Default Server:  UnKnown
Address:  10.0.0.107

Even when I type the cmd name in nslookup this is what it comes back with.
> name
Server:  UnKnown
Address:  10.0.0.107

*** UnKnown can't find name: Non-existent domain
0
 
LVL 70

Accepted Solution

by:
KCTS earned 450 total points
ID: 38833541
NSlookup returns Unknown when you don't have a reverse lookup zone - in most cases you don't need such a zone ans this can be ignored - its not the cause of your slow login.

Slow logins are usually a result of the client not having the IP of the SBS server as their DNS server - this can occur when DHCP is not configured to give out the correct IP, or if you use a router for DHCP rather than the SBS server itself and the router specifies itself as the DNS server.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 38833557
Is this SBS2008 or SBS2011 and which version?  RRAS is not normally installed with SBS.. check your network adapter settings DNS settings it should only be the ip address of the sbs server
0
 
LVL 19

Assisted Solution

by:Andrew Davis
Andrew Davis earned 450 total points
ID: 38833560
Let me start by saying that KCTS is correct, and i believe that he is on the right track.

what machine are you running the nslookup from?
what machine is the 10.0.0.107?can you please provide a copy of "ipconfig /all" and "nslookup {ip address of SBS server}" run from both the SBS server its-self and also from one of the clients. This way we can see what the ip configuration of both the server and a client is and the relative results.

Cheers
Andrew.
0
 

Author Comment

by:dela Pena
ID: 38833608
The server is SBS 2011 SP1 and I'm running DHCP from the server. It is configured to provide DNS from the server and not the router. The DNS on the server NIC is pointing to the sever IP 10.0.0.250. I also have a secondary DNS server over the VPN and I can perform normal ping test such as the IP address, ping -a, server name and full server name between servers. The other server can perform a proper NSlookup, etc.

C:\Users\admin>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : domain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.local

PPP adapter RAS (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RAS (Dial In) Interface
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.107(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
 VBD Client)
   Physical Address. . . . . . . . . : 78-2B-CB-34-B3-87
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::17b2:9b7a:b25c:ffb7%10(Preferred)
   Link-local IPv6 Address . . . . . : fe80::f4d2:be14:a625:447e%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.250(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.0.254
   DHCPv6 IAID . . . . . . . . . . . : 242756555
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A9-C6-29-78-2B-CB-34-B3-87

   DNS Servers . . . . . . . . . . . : fe80::17b2:9b7a:b25c:ffb7%10
                                       10.0.0.250
                                       192.168.1.253
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{D0F56D9E-8FB9-43F8-8E97-5506267B823B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

***
NSLOOKUP

C:\Users\admin>nslookup
Default Server:  UnKnown
Address:  fe80::17b2:9b7a:b25c:ffb7  <---I'm not sure why it is using IPV6|

Hope this information helps.
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 38833632
from your ipconfig:-
-------------------
 DNS Servers . . . . . . . . . . . : fe80::17b2:9b7a:b25c:ffb7%10
                                       10.0.0.250
                                       192.168.1.253
-------------------

if your not using IPv6 internally then turn it off on your servers network settings.
in the network settings for your server go into the tcp/ip settings and adjust your DNS settings to use ONLY 10.0.0.250 . Remove that other entry for 192.168.1.253.

What are the clients getting from the DHCP? if you send us the same from a client then we will be able to tell.

Cheers
Andrew
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 38833654
Do not turn off IPv6, it will cause all sorts of problems and there is absolutly no need to do so.
http://blogs.technet.com/b/sbs/archive/2008/10/24/issues-after-disabling-ipv6-on-your-nic-on-sbs-2008.aspx
http://blogs.technet.com/b/sbs/archive/2011/02/18/small-business-server-2011-slow-to-boot-and-several-services-fail-to-start.aspx

However you must have the SBS point ONLY to itself for DNS as others have stated.  You must also verify that the client machines are also pointing ONLY to the SBS for DNS.
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 38833720
Sorry, Robwill is correct. My Bad. Dont disable IPv6 on the server.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 38833737
:-)
0
 

Author Comment

by:dela Pena
ID: 38837260
Hi All, thanks for your resposes. Please see below the workstation IPCONFIG /ALL results.

C:\Documents and Settings\milagros>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : WP-MEL-WKS
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : domain.local

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : domain.local
        Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) PCI-E G
igabit Ethernet NIC
        Physical Address. . . . . . . . . : 00-21-5A-64-8C-E5
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.0.0.136
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.0.0.254
        DHCP Server . . . . . . . . . . . : 10.0.0.250
        DNS Servers . . . . . . . . . . . : 10.0.0.250
        Lease Obtained. . . . . . . . . . : Thursday, January 31, 2013 8:26:48 A
M
        Lease Expires . . . . . . . . . . : Friday, February 08, 2013 8:26:48 AM


***
C:\Documents and Settings\milagros>nslookup
Default Server:  wpserver04.domain.local
Address:  10.0.0.250
******

I've also tried a few other things yesterday with the server, I ran Windows Server Solutions Best Practices Analyzer 1.0 and it reported that there was no DNS name server records.

Category: Configuration

Source: 74

Issue: There are no DNS name server (NS) resource records for the delegated _msdcs forward lookup zone.

Impact: If no DNS name server (NS) resource record exists for the delegated _msdcs forward lookup zone, the DNS Server service cannot resolve the DNS resource records for the domain and will fail to start.

Resolution: Click Start, point to Administrative Tools, and then click DNS. In DNS Manager, expand your server name, and then expand Forward Lookup Zones. Click the forward lookup zone for your Active Directory domain (for example: contoso.local). The delegated _msdcs zone appears as a greyed out folder. Right-click the _msdcs zone, and then click Properties. On the Name Servers tab, verify that the settings are correct. Make any necessary changes, and then click OK to save the settings.

I have made the changes as suggested but I don't think it has made a difference though, one user had a slow login.


Thanks guys!
0
 
LVL 70

Expert Comment

by:KCTS
ID: 38837466
I notice on your client you have 192.168.1.253 listed as a DNS server - what is this ?
If it not a Windows DNS server that's part of your domain it mist be removed - it is this that could be causing the issues that you describe
0
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 38837603
on the server you are going to have to go into trend micro's firewall and open ports 80/443/53
and more, use this page for the ports to open
0
 

Author Comment

by:dela Pena
ID: 38837606
Yes 192.168.1.253 is or secondary DNS. But I've made it so the client can only get the 10.0.0.250 DNS setting.
I've also removed the 192.168.1.253 entry on the server TCP/IP settings so now all clients and server are using 10.0.0.250 as the only and main DNS.
0
 

Author Closing Comment

by:dela Pena
ID: 38972348
The problem was a faulty ethernet cable. Replaced the cable and it all went back to normal.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question