Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SBS 2008 DNS issues

Posted on 2013-01-29
15
Medium Priority
?
1,531 Views
Last Modified: 2013-12-02
Hi all,

I'm experiencing issues with SBS 2011 DNS. I noticed that users are experiencing slow network access and slow in resolving names. I did some troubleshooting and I found that when I launch nslookup my default server: is unknown and the Address is: the wrong IP, It is the RRAS IP address. See the attached file.

Hope this information helps
DNS.png
0
Comment
Question by:blutonetech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
  • +2
15 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 38833367
Make sure that the DHCP server is providing clients with the IP of the SBS server as the ONLY DNS server. Any machines with static IPs (including the SBS server itself), should have the IP of the SBS server entered as the ONLY DNS server on the IP settings
0
 

Author Comment

by:blutonetech
ID: 38833422
Hi KCTS,

It is affecting the clients with slow login, etc. but the problem is mainly with the DNS server. When I launch NSlookup from the DNS MMC i get this message;
Default Server:  UnKnown
Address:  10.0.0.107

Even when I type the cmd name in nslookup this is what it comes back with.
> name
Server:  UnKnown
Address:  10.0.0.107

*** UnKnown can't find name: Non-existent domain
0
 
LVL 70

Accepted Solution

by:
KCTS earned 450 total points
ID: 38833541
NSlookup returns Unknown when you don't have a reverse lookup zone - in most cases you don't need such a zone ans this can be ignored - its not the cause of your slow login.

Slow logins are usually a result of the client not having the IP of the SBS server as their DNS server - this can occur when DHCP is not configured to give out the correct IP, or if you use a router for DHCP rather than the SBS server itself and the router specifies itself as the DNS server.
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 38833557
Is this SBS2008 or SBS2011 and which version?  RRAS is not normally installed with SBS.. check your network adapter settings DNS settings it should only be the ip address of the sbs server
0
 
LVL 18

Assisted Solution

by:Andrew Davis
Andrew Davis earned 450 total points
ID: 38833560
Let me start by saying that KCTS is correct, and i believe that he is on the right track.

what machine are you running the nslookup from?
what machine is the 10.0.0.107?can you please provide a copy of "ipconfig /all" and "nslookup {ip address of SBS server}" run from both the SBS server its-self and also from one of the clients. This way we can see what the ip configuration of both the server and a client is and the relative results.

Cheers
Andrew.
0
 

Author Comment

by:blutonetech
ID: 38833608
The server is SBS 2011 SP1 and I'm running DHCP from the server. It is configured to provide DNS from the server and not the router. The DNS on the server NIC is pointing to the sever IP 10.0.0.250. I also have a secondary DNS server over the VPN and I can perform normal ping test such as the IP address, ping -a, server name and full server name between servers. The other server can perform a proper NSlookup, etc.

C:\Users\admin>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : domain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.local

PPP adapter RAS (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RAS (Dial In) Interface
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.107(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
 VBD Client)
   Physical Address. . . . . . . . . : 78-2B-CB-34-B3-87
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::17b2:9b7a:b25c:ffb7%10(Preferred)
   Link-local IPv6 Address . . . . . : fe80::f4d2:be14:a625:447e%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.250(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.0.254
   DHCPv6 IAID . . . . . . . . . . . : 242756555
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A9-C6-29-78-2B-CB-34-B3-87

   DNS Servers . . . . . . . . . . . : fe80::17b2:9b7a:b25c:ffb7%10
                                       10.0.0.250
                                       192.168.1.253
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{D0F56D9E-8FB9-43F8-8E97-5506267B823B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

***
NSLOOKUP

C:\Users\admin>nslookup
Default Server:  UnKnown
Address:  fe80::17b2:9b7a:b25c:ffb7  <---I'm not sure why it is using IPV6|

Hope this information helps.
0
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 38833632
from your ipconfig:-
-------------------
 DNS Servers . . . . . . . . . . . : fe80::17b2:9b7a:b25c:ffb7%10
                                       10.0.0.250
                                       192.168.1.253
-------------------

if your not using IPv6 internally then turn it off on your servers network settings.
in the network settings for your server go into the tcp/ip settings and adjust your DNS settings to use ONLY 10.0.0.250 . Remove that other entry for 192.168.1.253.

What are the clients getting from the DHCP? if you send us the same from a client then we will be able to tell.

Cheers
Andrew
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 38833654
Do not turn off IPv6, it will cause all sorts of problems and there is absolutly no need to do so.
http://blogs.technet.com/b/sbs/archive/2008/10/24/issues-after-disabling-ipv6-on-your-nic-on-sbs-2008.aspx
http://blogs.technet.com/b/sbs/archive/2011/02/18/small-business-server-2011-slow-to-boot-and-several-services-fail-to-start.aspx

However you must have the SBS point ONLY to itself for DNS as others have stated.  You must also verify that the client machines are also pointing ONLY to the SBS for DNS.
0
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 38833720
Sorry, Robwill is correct. My Bad. Dont disable IPv6 on the server.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 38833737
:-)
0
 

Author Comment

by:blutonetech
ID: 38837260
Hi All, thanks for your resposes. Please see below the workstation IPCONFIG /ALL results.

C:\Documents and Settings\milagros>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : WP-MEL-WKS
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : domain.local

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : domain.local
        Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) PCI-E G
igabit Ethernet NIC
        Physical Address. . . . . . . . . : 00-21-5A-64-8C-E5
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.0.0.136
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.0.0.254
        DHCP Server . . . . . . . . . . . : 10.0.0.250
        DNS Servers . . . . . . . . . . . : 10.0.0.250
        Lease Obtained. . . . . . . . . . : Thursday, January 31, 2013 8:26:48 A
M
        Lease Expires . . . . . . . . . . : Friday, February 08, 2013 8:26:48 AM


***
C:\Documents and Settings\milagros>nslookup
Default Server:  wpserver04.domain.local
Address:  10.0.0.250
******

I've also tried a few other things yesterday with the server, I ran Windows Server Solutions Best Practices Analyzer 1.0 and it reported that there was no DNS name server records.

Category: Configuration

Source: 74

Issue: There are no DNS name server (NS) resource records for the delegated _msdcs forward lookup zone.

Impact: If no DNS name server (NS) resource record exists for the delegated _msdcs forward lookup zone, the DNS Server service cannot resolve the DNS resource records for the domain and will fail to start.

Resolution: Click Start, point to Administrative Tools, and then click DNS. In DNS Manager, expand your server name, and then expand Forward Lookup Zones. Click the forward lookup zone for your Active Directory domain (for example: contoso.local). The delegated _msdcs zone appears as a greyed out folder. Right-click the _msdcs zone, and then click Properties. On the Name Servers tab, verify that the settings are correct. Make any necessary changes, and then click OK to save the settings.

I have made the changes as suggested but I don't think it has made a difference though, one user had a slow login.


Thanks guys!
0
 
LVL 70

Expert Comment

by:KCTS
ID: 38837466
I notice on your client you have 192.168.1.253 listed as a DNS server - what is this ?
If it not a Windows DNS server that's part of your domain it mist be removed - it is this that could be causing the issues that you describe
0
 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 38837603
on the server you are going to have to go into trend micro's firewall and open ports 80/443/53
and more, use this page for the ports to open
0
 

Author Comment

by:blutonetech
ID: 38837606
Yes 192.168.1.253 is or secondary DNS. But I've made it so the client can only get the 10.0.0.250 DNS setting.
I've also removed the 192.168.1.253 entry on the server TCP/IP settings so now all clients and server are using 10.0.0.250 as the only and main DNS.
0
 

Author Closing Comment

by:blutonetech
ID: 38972348
The problem was a faulty ethernet cable. Replaced the cable and it all went back to normal.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question