Server 2008 DNS - Internal Name Resolution Issues on PCs

So, here's the situation I am encountering:

I have 2 different buildings, each on the same domain, and each with their own DC. The domain controller in each building acts as the DHCP/DNS server as well for that building, and they use separate subnets within the same range (192.168.8.0-19.268.15.255 for one, and 192.168.16.0-192.168.20.255 for the other).

There is a static connection between the buildings with routing configured.

The building with the 16.0 addresses, everything works fine with its Server 2012 domain controller. However, at the other location, which has a Server 2008 R2 machine, there is a DNS issue. On the server itself, I am able to resolve the addresses of both locations. But, when I get on a PC in that building, it can only resolve addresses for the building in which the server resides. So, on the server, I am able to resolve ExampleName to 192.168.16.1, for instance, but on any PC in that building, ExampleName returns that it cannot find the IP address.

I've tried restarting the routers, as well as the DNS service on the Server 2008 domain controller, but have not successfully resolved the issue that way. Any idea what might be going wrong here?
CorinTackNetwork EngineerAsked:
 
CorinTackNetwork EngineerAuthor Commented:
This actually is an AD environment.

What's really bothering me about this is that it just started a little over a week ago. These servers have been running, without issue, using this configuration for over 2 years. Then, suddenly, it is no longer working.

I have tried modifying the server's DNS, but this didn't do any more to resolve the issue than rebooting.
0
 
Guy LidbetterCommented:
First off...

I'd check the DHCP scope options for the server 2008 site and make sure it's configured with the local DC (Server 2008) as the first DNS option.

If you've duplicated the setup on both sites, you may find the clients aren't able to contact the first DNS server (2012 server) for DNS lookup. But the clients on the other site can.
0
 
JCincyCommented:
On a PC in the problem building open the Command window. Run:
ipconfig /all
What is the result for the DNS server(s)?
Is it pointing to the correct DNS server(s)?

Can you ping the DNS servers from this PC?
0
 
Guy LidbetterCommented:
Don't forget you'll have to renew the IP lease to get the changes...
0
 
CorinTackNetwork EngineerAuthor Commented:
Yeah, the DNS options for that DHCP scope have the 2008 server first, then the 2012 server, then a public DNS (just in case) as a 3rd alternate option.

I should probably also mention that if I ping the IP address of a machine on the 192.168.16.X side from the 192.168.8.X side, this does work (so I know the connection is functional), I just can't seem to get DNS resolution to function for the computers that are supposed to be using the Server 2008 machine for their DNS internally. (I can resolve external names, and names inside the 192.168.8.X network, as stated above, just not those across the static link.)
0
 
CorinTackNetwork EngineerAuthor Commented:
I get the correct servers, which, for the purpose of this example set of addresses, is 192.168.8.1 and 192.168.16.1. These show as the servers.

I am able to ping the 192.168.8.1 by its name and IP address. However, I can only ping the 192.168.16.1 server by its IP, as the name will not resolve.
0
 
JCincyCommented:
Can you connect to a server by IP address (eliminating the DNS for the moment)?
0
 
CorinTackNetwork EngineerAuthor Commented:
Yes, I can connect with just the IP, but it doesn't help the 300+ people trying to connect to their e-mail over the link who are unable to do so because they can't resolve the name of the Exchange server, which is in that 192.168.16.X range.
0
 
matrix8086Commented:
The clients must have the same DNS in the network settings. And you must have an internal DNS for this
0
 
JCincyCommented:
Some DNS commands that might be helpful:

ipconfig /displaydns -- shows what the machine is storing in its DNS cache
ipconfig /flushdns -- flushes the local DNS cache

nslookup hostname  -- this will tell what DNS server is providing the information and what it resolves to
nslookup hostname DNSserver -- this will request specific DNS server to resolve the host
(you may also use ip addresses)

Also, in the DNS manager on the DNS server, you can check the forward lookup zones for entries for each server name. For example: Exchange  192.168.16.54
0
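The per-server lookup comparison suggested above, scripted in PowerShell as an added example (not part of any post in this thread). It assumes a client with the DnsClient module (Windows 8 / Server 2012 or later), uses the example server addresses given in the thread, and `example.local` is a placeholder for the real AD domain suffix.

```powershell
# Added example: ask each DNS server directly for the same names and compare.
# Assumptions: server IPs are the example addresses from the thread;
# 'example.local' is a placeholder, not the real domain suffix.
$servers = '192.168.8.254', '192.168.16.254'

# The short name as users type it, and the fully qualified form.
$names   = 'ExampleName', 'ExampleName.example.local'

$results = foreach ($name in $names) {
    foreach ($server in $servers) {
        try {
            # -DnsOnly skips LLMNR/NetBIOS so only the DNS answer is reported.
            $a = Resolve-DnsName -Name $name -Type A -Server $server `
                     -DnsOnly -ErrorAction Stop |
                 Where-Object { $_.Type -eq 'A' }

            if ($a) { $status = 'OK' } else { $status = 'NO A RECORD' }
            [pscustomobject]@{
                Name   = $name
                Server = $server
                Status = $status
                Answer = ($a.IPAddress -join ', ')
            }
        } catch {
            # Name errors and timeouts both land here; the message tells them apart.
            [pscustomobject]@{
                Name   = $name
                Server = $server
                Status = 'FAILED'
                Answer = $_.Exception.Message
            }
        }
    }
}

$results | Format-Table -AutoSize
```

If the first server reports a name as nonexistent while the second returns an address, listing the second server on the client does not help: the Windows resolver moves on to an alternate DNS server only when the preferred one fails to respond, not when it returns a negative answer.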
 
CorinTackNetwork EngineerAuthor Commented:
The DNS server being used at the problem location is set to provide DNS internally. Additionally, the secondary DNS server is actually the server at the other building. However, the problem remains. As an example, this is what the address information looks like on a PC when in the building with the problem:

IP: 192.168.8.30
Gateway: 192.168.8.1
DNS1: 192.168.8.254 (DNS server in this building)
DNS2: 192.168.16.254 (DNS server in other building)

The server in that building has the settings (again as an example):

IP: 192.168.8.254
Gateway: 192.168.8.1
DNS1: 172.0.0.1
DNS2: 192.168.16.254 (DNS server in other building)

The server in this building has no problems resolving addresses in either building, but is failing to provide DNS resolution for addresses ONLY in the other building to clients.

Clearing DNS does not help (have tried on both the server and the clients). I tried rebooting the server, and this appears to have fixed part of the issue (clients can get e-mail again), but not all of the issue (they still cannot resolve a help desk address that runs from a server in the other building).

I'm honestly at wit's end, unable to determine why DNS is not properly resolving addresses for clients.
0
 
matrix8086Commented:
Hi,

I know your problem: the server with the IP 192.168.8.254 has no idea about the other building's computer names, because it knows that he is responsible for that domain and for him, the domain is as far as his network IP range.

He doesn't know about the other building because he is interrogating itself for your domain. You should set as DNS1 the other server's IP address: 192.168.16.254 and that's it, no more additional DNS servers for 192.168.8.254 and it will work!

It should look like this:

The server in that building has the settings (again as an example):

IP: 192.168.8.254
Gateway: 192.168.8.1
DNS: 192.168.16.254 (DNS server in other building)

But that is only half of the problem resolved, because the computers in the building with 16.0 will not know about the computer names from the other building. The full solution has ... 2 solutions:

1. You define the domain zone as master zone on 192.168.16.254 and a slave zone of the same domain on 192.168.8.254

2. You could implement an Active Directory, add all computers in the AD, define both servers as DNS responsible for AD DNS and that's it!

Best regards!
0
 
matrix8086Commented:
Search in event log to find errors about DNS cannot synchronize and try to fix them
0
 
CorinTackNetwork EngineerAuthor Commented:
This server is being replaced, and so the company running it has decided not to pursue a solution further. As none of the solutions presented here resolved the issue, I am closing this question without marking a solution.
0
 
CorinTackNetwork EngineerAuthor Commented:
I need to close this question without awarding points, and this is the only way I know how. None of the solutions presented worked, and this server is going to be replaced shortly, so it is no longer a priority.
0
Question has a verified solution.
