IIS (host headers) no longer working after upgrade from 2008R2 to 2012R2

Hi,

I'm upgrading an existing Windows 2008R2 who hosts over 30 sites (via host headers ;-) ).
But after the upgrade I can no longer access the sites.
When I change a binding to localhost ip * then the site works, but with 30 sites that isn't an option...
Any got any idea's what could be wrong?
LVL 2
Filip HeensAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
only one of the three items must be unique: port, ip-address, hostname
change the hostname
arnoldCommented:
check the log to see what is being reported

what are/were the bindings double check whether the



you've not provided any info on which to even guestimate what the issue is.

upgrades such as this are fraught with peril.

what is the binding before the change?

You may have not maintained the same Ip that the win2k8 had versus what the win2k12 has now.
David Johnson, CD, MVPOwnerCommented:
if the bindings didn't transfer over then you have to create them yourself
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

btanExec ConsultantCommented:
Also the IIS rule redirect (if any) for each site should also exist for new server after upgrade. If the IIS Host Header does not work, few things to check:
- Have you added the IP for the subdomain on the IIS?
- How about the DNS? When you ping this subdomain, does it resolve to the IP Address you specified?
- Do try using IIS -> click your site -> and hit the "Browse" link. Does it show up your site? If not, this means that the physical path setting of your site may be wrong.
Filip HeensAuthor Commented:
OK sorry that I gave "a bit" to few info ;-) :(
I'll give as much as I can...

First I made a replica of the original server and put it on another server.
I've put the hyperV networkcard in a separate VLAN with no internetaccess (just as precaution).
At first I just did an in place upgrade of the server, no changes in ip, hostheaders, ...
When I tried to browse to a site I got the error.
"You're not connected to a network" (I CAN ping the correct ipaddress (as is it local) and I'm NOT using proxy)
I checked the bindings, hostname is the FQDN, port = 80, ip = * (so that looks correct)
when I add * to the hostname with ip * and I browse to local host the site runs fine.
When I change the ip for the FQDN in the hosts file to 127.0.0.1 or ::1 (the loopback addresses in IP4 and IP6)  and I ping the FQDN, I'm getting the correct ip (the loopback address I changed for the test)
but still "You're not connected to a network"
So I can only browse the server when I browse to http://localhost (not matter what site I put the * for hostname (of course I have to remove it at the other site I did place it before as you can only run one site at a time with hostheader * and ip *)
So I hope you can understand my tests, I'll now answer the other questions in a next post ;-)
Filip HeensAuthor Commented:
David an arnold I think the answers are in my first answer ;-)
Btan
- Have you added the IP for the subdomain on the IIS?
         it's * so don't think I have to add it, anyway, I've tried it with adding the ip adslo, but that din't do anything :(
 - How about the DNS? When you ping this subdomain, does it resolve to the IP Address you specified?
         yep it resolves (and I've did the test with the correct ip in the hosts file and that replyed also, but didn't change anything)
 - Do try using IIS -> click your site -> and hit the "Browse" link. Does it show up your site? If not, this means that the physical path setting of your site may be wrong.
         path is correct, otherwise the localhost test wouldn't work neither ;-)
Filip HeensAuthor Commented:
As far as for the IIS logs. Nothing appears there when I get the "You're not connected to a network" (as I would suspect ;-) )
btanExec ConsultantCommented:
Since they are right, we can also check the binding that is supposed to be in place.... a <bindings> element should be available for each site in the ApplicationHost.config file, which can contain a collection of individual <binding> elements that define the individual protocol bindings for the site. Also each site need at least one HTTP or HTTPS binding to be viewable over the Internet.
https://www.iis.net/configreference/system.applicationhost/sites/site/bindings

If there is need to override bindings defaults (e.g. <siteDefaults> element) inherited (due to migration or changes etc), we can also use <clear /> element in the <bindings> element to override binding defaults.

Not the best means to check but just thinking what setting should be retained the same if upgrade is supposed to be working fine ... otherwise redo the binding using appcmd and restart iis
https://technet.microsoft.com/en-us/library/cc731692(v=ws.10).aspx
Filip HeensAuthor Commented:
Btan,

In the IIS manager I can see and set the binding, but I don't see a applicationhost.config file in the root of the site (or where does it needs to be located?)
arnoldCommented:
When you have FQDN in the binding, and when your system is isolated from being able to resolve FQDN to an Ip, the binding can not be resolved and may explain the network missing error received.

The FQDN also resolves to an IP that is not available on the system.

When using host headers (Single IP multiple sites, one should always use the listen on all interfaces binding distinguishing each site with the host header.  Caveat is if you need secure sites which have to be bound to a specific IP.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Filip HeensAuthor Commented:
Arnold,
I can resolve the fqdn in a cmd screen ;-) (did check that)
And the ip for all the binding is always * (except for some SSL sites)
arnoldCommented:
Lets try it this way, having everything is the same, and you have to manually adjust/reset the bindings clears the issue up suggests that an in-place upgrade has a transition/configuration that is overlooked and causing you this issue.


It seems you having identified an issue, are looking for a remedy having to perform additional transitions?
Filip HeensAuthor Commented:
no problem isn't solved.
the only thing that works is if I add "localhost" to the bindings and browse to localhost, but you can only do that at one site and then the site isn't accessible from the "outside" :(
What I need is that when I do the upgrade from 2008R2 to 2012R2 that i just keeps running ;-)
arnoldCommented:
what IPs are available on the system?
ipconfig?

does it have a static IP?

The features added to have auto-checking might be what is causing your issue.

IMHO, what is the impetus to migrate to 2012 at this time seemingly of a VM.

OS in place upgrade does guarantee that installed applications will function after the upgrade.

Was this system went through a similar process before going from 2003 to 2008?
Filip HeensAuthor Commented:
system has a static ip
can you give more insight on "The features added to have auto-checking might be what is causing your issue", I don't get this ;-)
I want to upgrade to 2012 because we also have this server as a second DNS server and prefer to have all DNS's on the same level
it is an in place upgrade but yet it doesn't work anymore? :( ;-)
Can't remember if this was once a 2003 (don't thing so as i thing my 2003 system where 32 bit ;-), but not sure anymore, I can be that is was 2003 though (see the special programs, that follow, IIS Mod Rewrite wasn't in IIS befor 7.x i tought?
I know I had some "special" software installed also.
IIS Mod-Rewrite Pro 4.2
IIS URL Rewrite Module 2
I did uninstall those programs before the upgrade...

Anyway, I just went back to the original replication of the test machine
There it still works.
I'm now going to uninstall the IIS Mod and URL rewrite programs, put it on an ip on my "home" network and see if i can browse to the server via my pc (to the home ip... I'll just add an hosthader test.domain.com and see what that gives. (on multiple sites domain1, domain 2, domain3, ...)
then I know the server is accessible from "outside" and see if it keeps working
If everything works like that I'll try to upgrade again.
anything I shoudl do, first 2012 then 2012R2 or directly 2012R2? any opinions on that?
btanExec ConsultantCommented:
Default for the applicationHost.config file is supposed to be in
%WINDIR%\System32\inetsrv\config\applicationHost.config
On a default install of any 64 bit Windows 2008 or Windows 7 there should not be an applicationHost.config in the C:\Windows\SysWOW64\inetsrv\Config folder.
Filip HeensAuthor Commented:
btan, ok will check later, I'm redoing the upgrade now on the testmachine ;-)
arnoldCommented:
In the newer systems, (since I think windows 7/Windows 2008) network sharing, the indication includes a check from the local system access to the internet. I think when this system is locked from Internet access, that might be what the network unavailable error you get.

DNS is a protocol, there is absolutely no requirement that  your have DNS running on the same level of OS.  The only OS based requirement deals with AD forest/domain level to be the lower aC base.
i.e. DC 2003, 2008, 2008R2 and 2012 The 2003 Native is the lowest that can exist.  If level is raised, the lower one has to be retired first.

Provided you configured AD DNS zone for access on any DNS server in the environment would mean if you have 2000 server DNS, 2003 Dns, 2008 DNS and 2012 DNs The zone will be accessible and the correct information will be available on each.

IMHO, since the failure long ago of an in place upgrade, It is best to setup a clean server without getting entangled with complications from other issues that if you follow the same pattern are hidden and would rear their ugly head at the most inconvenient time.

A clean setup also make room to test individual components and migrate/transition one site at a time.
Filip HeensAuthor Commented:
Arnold, I'dd really like to setup a new server for IIS, but moving the sites (who aren't from my own company, but from customers) isn't that easy...
some sites are in Joomla and somehow I don't think that's just copy/past ;-)
We have 3 DNS servers two are already on 2012 and for the WSP we use, there are some limitations when using DNS lower than 2012...
concerning the networksharing, I'll know more on that once I've done the upgrade. But it works on 2008 with no internet access (that I already tested ;-) )
arnoldCommented:
It depends on how you setup DNS and managing it.  Do you subordinate your DNS to one master in a NON-AD environment?

You can have one master DNS server with all others subordinated to it (primary/secondary zones)

The option you should follow is if you have an upgrade OS policy, you would need to make the new setup available to the customer to verify their site's functionality with the new os/JOOMLA,ETC.


If you are both hosting and managing their site, it is on you to  make sure the transition is stable, and hoping that an inplace upgrade will achieve this in a painless situation is a mistake.  The only think MS tests for an inplace upgrade is their own stuff.  It does not validate custom solutions/3rd party applications.

CMS apps of different versions require Specify specific OS version they support.

You Should not be chasing OS version upgrades/application versions upgrades unless they solve an issue you have or include an example/feature you were after.....
Filip HeensAuthor Commented:
We'll go figure.
I used the info about the nic without connection to the internet to try a new update but this time WITH an ip and able to resolve the internet
"When you have FQDN in the binding, and when your system is isolated from being able to resolve FQDN to an Ip, the binding can not be resolved and may explain the network missing error received."
And guess what, it just worked...
maybe that together with uninstalling old software did the trick, anyway on the test machine it is working.
Thanks all for the help and tips...
David Johnson, CD, MVPOwnerCommented:
use your hosts file to simulate dns while you do your testing
Filip HeensAuthor Commented:
David, I did use that testing methode ;-)
see "When I change the ip for the FQDN in the hosts file "
Anyway, the upgrade of the production server failed, but it was an Win2012 error during upgrade...
As all the data is on drive E and I have an upgraded "identical" system I'm just going to copy the system disk over to the production server and then switch the system drive in the Virtual system...
That way the actual upgrade only takes the time to shut down, change the location of the system disk and boot again... (and if that fails I only loose 5 minutes :D)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.