Hi Guys;

Recently i promoted three Windows 2012 R2 servers as Domain controllers to my existing multi domain forrest as a first step of a total migration to 2012 R2.

I noticed that none of the new servers are able to resolve anything normally through forwarders, wether that's internal or external, conditional or regular. What puzzles me more, is that when i do an nslookup locally on these servers it always fails due to timeouts. If i try to nslookup the servers from clients, it resolves the local zones, but the external queries are hit and miss.

Despite that i have external forwarders configured properly (Google) and all zones are stored in the AD forrest partition with the proper reverse zones, the servers even fail to resolve their own IP address.

Any  insight on possible reasons?

• Edited by AsarianH Thursday, August 27, 2015 2:36 AM

Hi Asarian,

Disable the firewall temporarily. And check the host record of DC manually.

>>What puzzles me more, is that when i do an nslookup locally on these servers it always fails due to timeouts.

What is the DNS server on DC? When doing nslookup, it would send queries to the DNS server configured on it.

For further analysis, we could perform a network capture on the server. Install Network Monitor on the server and start a new capture. Perform a query on client. Analyze the packets to find out the problem.

Here is the guide for Network Monitor:
Network Monitor:
https://technet.microsoft.com/en-us/library/cc938655.aspx

Best Regards,

Leo