DNS Name Resolution Issue

I have an existing domain controller/ dns /dhcp server that has been working perfectly for about 100 clients for some months now. It is a Server 2010 R2 OS.
Today for no reason I can determine, it stopped resolving dns names for for my printers on WIndows 7 machines.
Name resolution works fine on Server 2003 and XP, but not on WIndows 7 or Server 2012.
NSlookup has the same problem. On XP it resolves correctly. On windows 7, it cannot find the dns server.
We made no configuration changes to the machine. We have rebooted it and restarted the DNS and DHCP services.
Other addresses resolves fine... it seems limited to our printers.
The only common thread I can see is that the addresses that don't resolve don't have IPV6 AAAA records.
I am totally stumped here. Thanks
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Is the NetBIOS over TCP/IP service running on the machines having problem?
You mention AAAA records, are your LAN addresses IPv6?  If so, then AAAA records are needed, otherwise not.  I am assuming you are talking about resolving names on your LAN and not the WAN.
JP_TechGroupAuthor Commented:
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

Yes they are on a LAN or yes they are v6, or both.
JP_TechGroupAuthor Commented:
Sorry. Your questions came in at the same time!
Yes Netbios is enabled on all machines having issues.
The AAAA records on the DNS server were added automatically by dhcp. We use IPV4 for our addressing.
And this is a LAN we are talking about.
I am more familiar with v4.  In that case the lack of AAAA records is irrelevant, all be it interesting.

So NSlookup can resolve other address on the 7 machine, just not the printers???
JP_TechGroupAuthor Commented:
No nslookup resolves nothing on the windows 7 machines.
I would check if it can ping the dns servers.  and I would check what shows for DNS in ipconfig.
JP_TechGroupAuthor Commented:
Ping to domain controller works fine.
IPconfig shows correct dns server.
Most of the DNS names resolve. IT seems to only be the printers that won't name resolve.
Their IPs respond to pings.
Can these same printers be resolved from other machines?
JP_TechGroupAuthor Commented:
Only XP or server 2003 machines. WIndows 7 will not resolve their DNS names, though they will resolve other machines.
Can the windows 7 machine resolve other local domain names then the printers?
JP_TechGroupAuthor Commented:
Is the printer listed in Devices and Printers?

I was just being mystified because my printer was not showing up in NSLookup, but then I remembered, my printer is connect via USB.
JP_TechGroupAuthor Commented:
Yes. And they are all IP printers. And remember this was all working fine till 11am this morning! Nothing was changed.
THis is bsaffeling me.

Grasping at straws.  Are the Win7 machine and XP machine resolving from the same DNS server?
"this was all working fine till 11am this morning! "

Ok, let's take it from the top:

- Go to an affected workstation then turn off all security, firewalls, Antivirus, Malware protection, etc.  When I say turn off I mean disable it so that it doesn't run or better yet, uninstall what you can then restart.  Can you ping the printer by name?

- Backtrack and try to remember what changed at around that time.

- Was there any Windows updates, AV update, firewall update, endpoint firewall update applied to the client and server?  Turning off the AV or endpoint security will test if this is the issue.  Can you ping the printer by name?

- Can you check all the updates applied to the serve at that time?  If you found some updates installed, then uninstall them, restart the machine then try again.    Can you ping the printer by name?
JP_TechGroupAuthor Commented:
It gets thicker. If I disable IPV6 on the dns server, the printer names resolve. This is somehow tied to IPV6 and I cannot figure out how or why.
Don't know if this relates or not.

Windows 7 has a v6 IP stack, but XP and Win3K do not.

That could explain why they worked but 7 didn't.

You can turn off v6 in the network properties on Windows 7.

It is probably not a good idea to turn it off on the DNS server since then the AAAA records would be useless.

JP_TechGroupAuthor Commented:
I'm doing that, as a workaround but it doesn't fix the issue.
And I cannot find any evidence of an update that hit the server today.
Not sure why it changed at 11AM this morning but if you don't use IPV6 then maybe you would like to make IPV4 as default

Configuring IPv4 as Default over IPv6: https://dirteam.com/paul/2011/06/30/configuring-ipv4-as-default-over-ipv6/
Were the Windows 7 machines getting a v6 address?

You said you had a v4 lan.

I am going to look into this.  I have an issue with a Win2k8 machine that it running exchange saying it can not contact the domain controller.  Could be a v6 issue?
I've head IPV6 issue can be a problem because machines will use IPV6 in precedence to IPV4 and when it's not configured properly it can cause havoc.  At the same time, there can be issues if you disable it so what I recommend is to use IPV4 as default.

What to do.

My ISP doesn't support v6 so enabling v6 on my lan wouldn't seem to make sense.

My router, a CISCO 1921, does support v6.  But it's not configured.
I just found this, see attached picture.

Apparently the printer sharing is separate from the other network operations.

And can have it's own default network stack.
JP_TechGroupAuthor Commented:
Peeling back the onion a but. Nslookup on the domain returns an ipv6 address which is external.
Somehow my DNS lookups seem to be trying to get out rather than resolving internally.
Further research shows that pings to a records on any forward lookup zone are resolving to their external IPs rather than their internal ones... WHAT THE HELL IS GOING ON??
They should be resolved buy one of the DNS servers that is listed in ipconfig.  It that server can't resolve it, and it is set for recursive query, then the resolver will look outside to the root servers.

How is your DNS setup?

A week ago I was having some issues with DNS and internal IP addresses and finally gave up and setup a "split horizon" dns so that internal queries would only get internal IP addresses and external would only get external ip addresses and external queries would not be alowed to do recursive queries.  In my case I have public facing servers for web and mail and DNS.
JP_TechGroupAuthor Commented:
Ok, Here is the bottom line. The ipv6 DNS server shows to be the Gateway. The ipv4 dns address is correct. So the golden question is, how to change the ipv6 ip address to point to the dns server?
I do not understand why this is suddenly an issue, how it occurred or why and at the moment I don't care! I just need it fixed.
I think it would help if I understood a bit more about your network.

Is the DNS server serving address to the WAN or just your LAN?

Your said your lan is IPv4 only, right?

Can you attach a copy of the zone file for the main you are trying to resolve?

Can you attach a copy of the "ipconfig /all" output from the windows 7 machine?

Can you attach a copy of the nslookup command and output?

I think we should be able to sort this out fairly quickly.
JP_TechGroupAuthor Commented:
This should amuse you all. After analyzing the net traffic, we found the another dns server announcing on the network that clearly wasn't supposed to be on our LAN. The client is in a multi-office building where the wiring is old and the office have been rebuilt numerous times. Turns out there was a loose CAT5 cable in one of their offices hanging from the ceiling, as fate would have it, right next to an unused wall port. As fate would further have it, that port was not on a managed switch. The user said, "hmm that looks odd." Then they plugged cord A into socket B.
The cord was a loose end from another companies LAN. Viola'.. conjoined networks.
Thanks for all your help. I am unsure who to award points to here!
Wow!  Didn't expect that at all but glad you solved it.  Just wondering, how did you find out?  I guess after seeing another DNS server in your network it's a given there is a cross wiring somewhere.
Didn't see that one coming.

But it should have been obvious when looking at the IP of the replaying DNS machine and the list of DNS machines in your network.
JP_TechGroupAuthor Commented:
Agreed. I didn't catch it right off because the offending dns server was broadcasting its IPV6 address.
And We found it by isolating every port on every switch, one at a time until the other dns server appeared. Once we found the bad port, we traced it to its termination and viola'. That only took half a day!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.