I have two DCs that seem unable to contact each other. They can resolve each other's IP address and in "arp -a" there is a correct entry, but they fail to repond to each others pings. They can ping other hosts fine, and other hosts can ping both of them fine. I'm a bit lost as to what could be causing the issue or how to troubleshoot it further, any ideas? Alex

Any routers or firewalls between them? Is Windows Firewall (or a 3rd party firewall) enabled? Brandon Wilson - Premier Field Engineer (Platforms)

Hi Alex, Are the 2 dc's located on the same subnet? what about potential firewall issues, have you checked that ? /René

if you do a tracert, do they try to reach the other dc on the direct connection? you can check route print and see if there is a wrong route added for the other dc. are the windows firewalls enabled on the dc's?

Hello, are you trying to ping using an IP address or a DNS name? Please check connectivity and make sure that needed ports for AD replication are not blocked: h:ttp://technet.microsoft.com/en-us/library/bb727063.aspx Also, check your routes and that all is okay with your routers / switches. This also may be due to a DNS resolution issue if you are trying to ping using DNS names. For that, check that your DNS records are registered correctly. Make sure that: Each DC / DNS server points to its private IP address as primary DNS server and other internal DNS servers as secondary ones Each DC without DNS points to internal DNS servers as DNS server Each used public DNS server is set as a forwarder and not as a secondary DNS server in IP settings Each DC has an only one NIC card (Disable unused ones) and IP address Once done, run ipconfig /registerdns and restart netlogon on each DC you have. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

Thank you all for your quick responses! They are on the same subnet, the windows firewall is turned off. Tracert tries to hit the server directly. There are no routes set to the other DC.

What operating sistem are the 2 DC's? Is file and printer sharing enabled, (allow icmp packets). Any vlans configured? please post an ipconfig /all from both dc's.MCTS...

Thank you all for your quick responses! They are on the same subnet, the windows firewall is turned off. Tracert tries to hit the server directly. There are no routes set to the other DC. Please use Microsoft Skydrive to upload the output of the command ipconfig /all > c:\ipconfig.txt on all DCs you have. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

Seem to have sorted it. They are both virtual servers, I tried removing the network cards and and adding them again so that they got new MAC addresses and they now seem to be able to comunicate. So I guess it must have been a MAC address issue, but I don't see why that didn't show up in the earlier diagnostics.

In that case I guess that a simple clear arp cache from netsh on the nics could have solved the issue. MCTS...