I have a 2012 server which is a Hyper-v host. It has 3 guest VMs all running Server 2012. One is a DC the others are member servers.

As a practice the Hyper-v host is not domain-joined. It has been working fine but now DNS is not working on it. DNS works fine on all domain systems, just not the standalone HV server. I've tried setting the primary DNS server to both the IP of the domain DNS server as well as 8.8.8.8. The network settings console says it's connected to the internet and you can ping any IP, but you can't ping any names.

When I do an nslookup of www.google.com using either the domain DNS server IP or 8.8.8.8 I get the same error which is "UnKnown can't find www.google.com: No response from server".

I've also tried disabling tcp over NetBIOS but that didn't help. There's nothing in the hosts file and lmhosts lookup is disabled.

I can't find any helpful info about this so I hope someone here has an idea of how to fix this.

HI,

Try the following steps.

1) try to enter Open resolver DNS which is 208.67.222.222

2) make sure your dns server's inbound firewall port should be allow to your host IP address.

HI,

Try the following steps.

1) try to enter Open resolver DNS which is 208.67.222.222

2) make sure your dns server's inbound firewall port should be allow to your host IP address.

When you say "DNS is not working on it" do you mean that the Hyper-V host has the DNS Server service installed and running, or do you mean that the Hyper-V host is a DNS client and has other DNS servers configured on it's network interfaces that it uses to resolve names?

If it is a DNS server itself, make sure that the DNS service is running and bound to the correct network interface.

A test to see if DNS is working on the server itself is to look up localhost. For example:

PS C:\> resolve-dnsname -Name localhost -Server localhost

Name                                           Type   TTL   Section    IPAddress
----                                           ----   ---   -------    ---------
localhost                                      AAAA   1200  Question   ::1
localhost                                      A      1200  Question   127.0.0.1

Do not attempt to use nslookup to do this. Use dig or resolve-dnsname as shown above.

Even a server that is not connected to the Internet will answer this query.  Next, try querying one of the interfaces on the computer, for example my DNS server has a private IP address of 192.168.1.200:

PS C:\> resolve-dnsname -Name localhost -Server 192.168.1.200

Name                                           Type   TTL   Section    IPAddress
----                                           ----   ---   -------    ---------
localhost                                      AAAA   1200  Question   ::1
localhost                                      A      1200  Question   127.0.0.1

It is able to answer from this interface also. Test your server and make sure it can do this.

If the Hyper-V host is only a DNS client then check DNS server settings on the network adapter corresponding to the name of the virtual switch you are using for your VMs.

-Greg

What I mean by DNS not working is that when you attempt to make any sort of connection to a location on the internet using name resolution, it fails. If I knew the IP address of a site, I could put that in a browser and it would work. DNS resolution is not working on this server. It is a Hyper-V server as I stated and as such it does not run any other role as that would be against Microsoft licensing.

So when I enter a website name in a browser, it won't find it. When I do nslookup of a website, it fails. This is even when using 8.8.8.8 (Google's public DNS server) as the primary DNS server in the DNS client settings of the Hyper-V server.

This server was having no problem with DNS resolution until 6 days ago. Since then it has not worked.

SmallBiz,

what does nslookup return as a default server ? does it return the server name, or says UnKnown  as in example below ?

C:\>nslookup
Default Server:  UnKnown
Address:  192.168.1.1

confirm that your primary interface has lowest metric via "route print", change it to the lowest it does not.

confirm that you are indeed applying the DNS settings to the proper Ethernet Adapter, it gets messy with HyperV identifying what is what, via "ipconfig /all"

open nslookup and type "set deb" this will set the debug on. Look up any dns name and see who is trying to resolve the DNS to IP for you. Send the output to a txt file, easier to read it.

Last resolve, reboot the host :)

If you create an internal or external virtual switch on a Hyper-V server, a new virtual network adapter is added to the host computer and promoted to the top of the binding order. This is important because DNS always starts with the preferred network adapter, which is the one that is first in the binding order.

You can change the binding order by opening Network Connections, pressing the ALT key to view menu items, click Advanced, and then click Advanced Settings. Choose the adapter you want to move up or down in the binding order and then click OK when you are done.

As Azarya says above, you should see the default nameserver when you type nslookup at a command prompt. The default will be the DNS server that is configured on the preferred adapter.

-Greg

• Edited by Greg LindsayMicrosoft employee, Owner 14 hours 3 minutes ago

SmallBiz,

what does nslookup return as a default server ? does it return the server name, or says UnKnown  as in example below ?

C:\>nslookup
Default Server:  UnKnown
Address:  192.168.1.1

confirm that your primary interface has lowest metric via "route print", change it to the lowest it does not.

confirm that you are indeed applying the DNS settings to the proper Ethernet Adapter, it gets messy with HyperV identifying what is what, via "ipconfig /all"

open nslookup and type "set deb" this will set the debug on. Look up any dns name and see who is trying to resolve the DNS to IP for you. Send the output to a txt file, easier to read it.

Last resolve, reboot the host :)

The default server is Unknown.

The server has 4 physical NICs. They are all teamed and that team is used in the virtual switch manager. So the virtual switch is what we're working with, changing settings on, etc. just like on a physical NIC. Because of that it is the only adapter you can view/edit the TCP/IP v4 properties of, so there is no point in setting the metric like if there were multiple adapters where you could access the TCP/IP v4 properties.

The above answers about applying settings to the correct adapter, only one is possible.

I ran nslookup and did set deb. I then entered www.google.com in the nslookup prompt. The results I got were as follows.

Server:  UnKnown
Address:  8.8.8.8

connect: No error
connect: No error
*** UnKnown can't find www.google.com: No response from server

I'm planning on rebooting the server this weekend. Have to coordinate with the client as they have users accessing the VMs at all hours of the day and night.

If you create an internal or external virtual switch on a Hyper-V server, a new virtual network adapter is added to the host computer and promoted to the top of the binding order. This is important because DNS always starts with the preferred network adapter, which is the one that is first in the binding order.

You can change the binding order by opening Network Connections, pressing the ALT key to view menu items, click Advanced, and then click Advanced Settings. Choose the adapter you want to move up or down in the binding order and then click OK when you are done.

As Azarya says above, you should see the default nameserver when you type nslookup at a command prompt. The default will be the DNS server that is configured on the preferred adapter.

-Greg

P.S. You can see the adapter binding order by typing Get-NetAdapterBinding at a PowerShell prompt.

Yah that I'm already aware of. The virtual adapter is at the top of the list. I really think that the only thing left to do is reboot the server. I am suspecting now that something is just out of kilter and the only way to fix it is to reboot it. Thanks for the suggestions.

It appears you cannot connect to any DNS server on port 53, even though you said the firewall was disabled.

To confirm, try this:

PS C:\> Test-NetConnection -ComputerName 8.8.8.8 -Port 53

ComputerName           : 8.8.8.8
RemoteAddress          : 8.8.8.8
RemotePort             : 53
InterfaceAlias         : Ethernet
SourceAddress          : 192.168.1.200
PingSucceeded          : True
PingReplyDetails (RTT) : 12 ms
TcpTestSucceeded       : True

In my results, the test succeeded.

-Greg

It appears you cannot connect to any DNS server on port 53, even though you said the firewall was disabled.

To confirm, try this:

PS C:\> Test-NetConnection -ComputerName 8.8.8.8 -Port 53

ComputerName           : 8.8.8.8
RemoteAddress          : 8.8.8.8
RemotePort             : 53
InterfaceAlias         : Ethernet
SourceAddress          : 192.168.1.200
PingSucceeded          : True
PingReplyDetails (RTT) : 12 ms
TcpTestSucceeded       : True

In my results, the test succeeded.

-Greg

I just tried that and PS says Test-NetConnection isn't recognized as a valid command. Not the exact verbage but you know what I mean.

Man check on your DNS Server if has PTR reverse about your DNS Server and PTR record for HVho

Test-NetConnection is part of PowerShell v4. You can install PowerShell v4 on Windows Server 2012 if desired. See http://social.technet.microsoft.com/wiki/contents/articles/21016.how-to-install-windows-powershell-4-0.aspx - you just need to install Windows Management FrameWork 4.0.

If you don't want to install this, you can just use Telnet, which can be installed (if it isn't already) through Windows Features:

Once telnet is installed, test a connection to port 53 as follows:

PS C:\> telnet 8.8.8.8 53

If the connection works, your screen will go blank. To get the screen back just press any key.

If the connection fails, you will see the following:

PS C:\> telnet 8.8.8.8 53
Connecting To 8.8.8.8...Could not open connection to the host, on port 53: Connect failed

If the connection fails, this should tell you that there is a firewall blocking your outbound access. If the connection succeeds, it's possible something is blocking inbound replies back from the DNS server to your computer. These connections are made using an ephemeral port numbered 49152 or higher (on recent Windows OS).

-Greg

• Edited by Greg LindsayMicrosoft employee, Owner 11 hours 9 minutes ago