Hello all,

I have one babbling problem.  I have three servers, 01, 02, and 03.  01 and 02 are running Windows Server 2008 R2 and both are physical servers.  H001 is running Windows 2012 with a Virtual Windows 2008 R2 server (Hyper-V) called 03.  01 is setup as the Active Directory, DNS, Domain Controller, and a few other server roles.  02 replicates 01 and 03 has a few programs on it.

The problem I am having is that when I log in (Domain or non-Domain) Mapped drivers to 01 and 02 are populated automatically, but 03 cant be found.  If I ping the name, 03 it tells me that 03 is not there.  However, if I ping 03s ip address, I can see it. I can even do a tracert.  I can do a remote desktop to 01 and 02 using the network names but with 03 I have use the ip address.

Trying to do a Remote Desktop connection with the server name, 03 gives me the error, "The connection cannot be completed because the remote computer that was reached is not the one you specified.  This could be caused by an outdated entry in the DNS cache.  Try using the IP address of the computer instead of the name."

I can use the IP address to connect but I really require to use the name.

If I login to the Domain, 03 takes up to 60 minutes to appear. I am then able to access shared resources with the name and not the ip.

I searched the Internet for a solution, but couldnt find anything that worked.  Any ideas you have, please let me know.

Thanks,

Ernie

• Edited by ewerezak Thursday, May 22, 2014 10:09 PM

Hi Ernie,

Is 03 a virtual machine, or is it the host that is running Hyper-V? It sounds like you are talking about four operating systems altogether.

01, 02 = physical hosts running 2008 R2

03 = physical host running 2012 with Hyper-V

04 = virtual host running 2008 R2, running as a VM on 03

Is this correct? If so, which server are you trying to reach, 03 or 04?

Thanks,

-Greg

Hi Ernie,

Thanks for clarifying. I missed that H001 was the name of your Hyper-V server.

In order for 03 to register its name in DNS, first of all the checkbox to "register this connection's addresses in DNS" must be enabled on the network interface. By default it is enabled, so it probably is enabled unless you somehow disabled it.

In order to accomplish the DNS registration (adding it's host name and IP address to the domain) it sends an SOA query to the primary DNS server configured on its network interface (it does this on all network interfaces if there are multiple). The SOA query basically asks the question: What DNS server is authoritative for my domain? In other words, where do I need to send this information?

Note: If the computer is a DHCP client, and DHCP is configured to register records on behalf of clients, then the DHCP server issues the SOA query.

Below is an example of how to issue an SOA query using nslookup. The computer will add its own domain instead of contoso.com.

-----------------------------------------------------------------------------------------------------------------------

C:\> nslookup -q=soa contoso.com
Server:  ipam1.contoso.com
Address:  192.168.0.3

Non-authoritative answer:
contoso.com
        primary name server = dc1.contoso.com
        responsible mail addr = hostmaster.contoso.com
        serial  = 77
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

dc1.contoso.com internet address = 192.168.0.1
dc1.contoso.com AAAA IPv6 address = 21da:d3:0:2f3b:ffff:ffff:ffff:ffff

----------------------------------------------------------------------------------------------

The query above tells you a couple things:

1. The DNS server that the SOA query is sent to is 192.168.0.3 (aka ipam1.contoso.com). That's because 192.168.0.3 is the primary DNS server configured on this computer's network adapter.

2. The authoritative DNS server for contoso.com is 192.168.0.1 (aka dc1.contoso.com).

If I configure an IP address on ipam1.contoso.com - say I change it from 192.168.0.3 to 192.168.0.4, the computer will ask it's DNS server where to send the update, it will find out that the update needs to be sent to 192.168.0.1, and it will send a request to the DNS server at 192.168.0.1 to change the host (A) record from .3 to .4.

If no SOA record is returned when the query is sent, perhaps because the computer has no domain or belongs to a domain that is hosted somewhere else, then registration of the host name won't happen.

Registration also won't happen if the computer (03) can't reach the authoritative DNS server (01).

In your VM "03" open up a command prompt and issue the nslookup shown above, using your domain instead of contoso.com. Verify that an authoritative server is returned and that it is correct, and that you can get to 01 from 03.

-Greg

• Edited by Greg LindsayMicrosoft employee, Owner Thursday, May 22, 2014 10:52 PM

Hi Greg,

Here is the information on when I ran the q=soa corp.com on my servers.  For security reasons I changed the domain name on this posting to corp.com.  It looks like 03 can't find the DNS server. 

Any ideas where to look why this is happening?

Thanks again!

Ernie

Server:  localhost
Address:  ::1

corp.com
 primary name server = ns1.corp.com
 responsible mail addr = mike.haven2.com
 serial  = 2014051213
 refresh = 86400 (1 day)
 retry   = 10800 (3 hours)
 expire  = 1814400 (21 days)
 default TTL = 43200 (12 hours)

ns1.corp.com internet address = 127.0.53.53

Server:  localhost
Address:  ::1

corp.com
 primary name server = ns1.corp.com
 responsible mail addr = mike.haven2.com
 serial  = 2014051213
 refresh = 86400 (1 day)
 retry   = 10800 (3 hours)
 expire  = 1814400 (21 days)
 default TTL = 43200 (12 hours)

ns1.corp.com internet address = 127.0.53.53

On Server 01

Server:  localhost
Address:  ::1

corp.com
 primary name server = ns1.corp.com
 responsible mail addr = mike.haven2.com
 serial  = 2014051213
 refresh = 86400 (1 day)
 retry   = 10800 (3 hours)
 expire  = 1814400 (21 days)
 default TTL = 43200 (12 hours)

ns1.corp.com internet address = 127.0.53.53

On Server 02

Server:  localhost
Address:  ::1

corp.com
 primary name server = ns1.corp.com
 responsible mail addr = mike.haven2.com
 serial  = 2014051213
 refresh = 86400 (1 day)
 retry   = 10800 (3 hours)
 expire  = 1814400 (21 days)
 default TTL = 43200 (12 hours)

ns1.corp.com internet address = 127.0.53.53

On Server 03

nslookup -q=soa corp.com

DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  10.31.11.11

DNS request timed out.
    timeout was 2 seconds.
corp.com
 primary name server = ns1.corp.com
 responsible mail addr = mike.haven2.com
 serial  = 2014051213
 refresh = 86400 (1 day)
 retry   = 10800 (3 hours)
 expire  = 1814400 (21 days)
 default TTL = 43200 (12 hours)

ns1.corp.com internet address = 127.0.53.53

Hi Greg,

I looked at the DNS Manger on 01, and I couldn't find any IP that had the IP of 127.0.53.53.  I am somewhat new the server configuration and I did not set this system up, so it is a hide and seek to where this IP can be hiding.  Any idea where to look?

I did change the DNS IP on 01 an 02 from 127.0.0.1 to their IP addresses. 

Thanks again for your help!

Ernie

Hi Greg,

I looked under the DNS Manager. DNS->01->Forward Lookup Zones right click and then properties (on both entries), and check the name severs but the IP 127.0.53.53 can't be found. :(   This is on server 01. 

Hi Ernie,

Are you looking at corp.com?

As you can see from the image above, the IP address might not be displayed but the hostname is shown. In my example the hostname is dns1.lab. Yours will be ns1.corp.com. This is probably OK to leave, but the IP address for ns1.corp.com should not be registered as 127.0.53.53.

Is ns1.corp.com the same as server 01 in your setup?

Thanks,

-Greg

Hi Ernie,

The reason you get 127.0.53.53 when you ping corp.com is because this is the IP address of the primary name server for the zone.

Sorry if you already know this, but I should start with the basics -

When you open DNS Manager, on the left hand side it will say:

DNS

   <your server's hostname>

        Forward Lookup Zones

        Reverse Lookup Zones

        <more stuff here>

------------------------------------------

You need to open up "Forward Lookup Zones" and click on corp.com.

For now, we do not care about corp.local. We need to edit corp.com. The host "ns1" in corp.com needs to have the IP address changed so that it is not a loopback address.

Thanks,

-Greg

Or at [URL=http://wikisend.com/download/330262/corp.jpg]corp.jpg[/URL]

Hi Greg,

For some reason I am assuming my domain CORP.LOCAL and CORP are the same thing.  I think I was told by the person who built the network.  I did check all servers and the domain is CORP.LOCAL

I did run q=soa corp.local  on each server.  Here are the results.   If you need any other screen captures, let me know. 

Thanks!

Ernie

Server 01

Server:  UnKnown
Address:  ::1

corp.local
 primary name server = 001.corp.local
 responsible mail addr = hostmaster.corp.local
 serial  = 49972
 refresh = 900 (15 mins)
 retry   = 600 (10 mins)
 expire  = 86400 (1 day)
 default TTL = 3600 (1 hour)
001.corp.local internet address = 10.31.1.13
001.corp.local internet address = 10.31.21.38
001.corp.local internet address = 10.31.11.11

ping corp.local
10.31.11.21

Ping corp.com
127.0.0.53

----------------------
Server 02

Server:  UnKnown
Address:  ::1

corp.local
 primary name server = 002.corp.local
 responsible mail addr = hostmaster.corp.local
 serial  = 49970
 refresh = 900 (15 mins)
 retry   = 600 (10 mins)
 expire  = 86400 (1 day)
 default TTL = 3600 (1 hour)
002.corp.local internet address = 10.31.11.21

ping corp.local
10.31.11.21

ping corp.com

------------------------------
Server 03

Server:  UnKnown
Address:  10.31.11.11

corp.local
 primary name server = 001.corp.local
 responsible mail addr = hostmaster.corp.local
 serial  = 49972
 refresh = 900 (15 mins)
 retry   = 600 (10 mins)
 expire  = 86400 (1 day)
 default TTL = 3600 (1 hour)
001.corp.local internet address = 10.31.11.11
001.corp.local internet address = 10.31.1.13
001.corp.local internet address = 10.31.21.38

ping corp.local
10.31.11.21

ping corp.com
127.0.0.53

127.0.53.53

Hi,

Why does 001.corp.local have three different IP addresses, on three different subnets? Are there three network adapters attached?

Thanks,

-Greg

P.S. Whoever administers ns1.corp.com should fix the problem with the loopback address being in DNS.

I can't check physically until Monday, but I did connect remotely and looked at the Device Manager, there are 4 network cards in 001.  I am not sure why since I wasn't the person who built the server.

nic1 = 10.31.11.11  nic2=10.31.11.12  nic3=10.31.11.13  nic4=dhcp 

Only nic1 and nic2 are connected. 

That's the funny thing, ns1.corp.com is not on the network that I can find.  If I am on server 01 and do a Remote Connect to ns1.corp.com, it takes me to Server 01. 

The person who set the network up said it was alright to use CORP or CORP.LOCAL to connect to the domain.

Any other ideas would be greatly appreciated! 

Hi,

That is what a loopback address does - it takes you to the local computer. You aren't actually connecting to ns1.corp.com.

If I were to try and connect to 127.0.53.53 it would connect to the computer I'm working on right now. This is also called 'localhost' and usually represented as 127.0.0.1 but the entire 127/8 address space (anything starting with 127) is 'localhost' not just 127.0.0.1.

The corp.com domain on your network is broken in its current state. Nobody would ever be able to log into it unless they were connecting directly from the domain controller.

It is also not a best practice to use .local for your domain. Try pinging 001.local and you'll see what I mean. It will give you the same result as pinging 001 (without the .local). The 'local' domain is reserved for sending information to computers in the local subnet. This might even be causing a current problem in your case, although I'm not sure. It isn't terrible to use .local - just not recommended.

----------

Notice that you have these three IP addresses in DNS representing 001:

001.corp.local internet address = 10.31.11.11
001.corp.local internet address = 10.31.1.13
001.corp.local internet address = 10.31.21.38

However when you ping corp.local it resolves to 10.31.11.21 which is not one of these addresses (?)

To make things even more confusing, you said that 001 has four NICs and the addresses are nic1 = 10.31.11.11  nic2=10.31.11.12  nic3=10.31.11.13  nic4=dhcp  but except for the first one these aren't the same IP addresses that are in DNS either. Notice that 10.31.1.13 is not the same as 10.31.11.13.

Try pinging these and see if they respond: 

10.31.11.11
10.31.11.12
10.31.11.13
10.31.1.13
10.31.21.38

If some of the IP addresses that are registered in DNS for 001 are not currently in use, you should remove them from DNS. This might immediately fix the fact that 003 is not registering it's IP address - if it is trying to use a bad IP address to register with 001.

-Greg

P.S.

http://msmvps.com/blogs/acefekay/archive/2009/09/07/what-s-in-an-active-directory-dns-name-choosing-a-domain-name.aspx

http://en.wikipedia.org/wiki/Loopback

• Edited by Greg LindsayMicrosoft employee, Owner 10 hours 42 minutes ago