Hi Guys, not sure if this is the right forum but will ask anyway. We have a strange problem with a server 2008 dc which is exchange 2007 also dhcp, dns etc. the internal network that it serves will lose internet connectivity to the outside world for no apparent reason, internal access to shares etc seems fine. If we log into the server from outside it will kick the internet connection for the clients back in and they are then ok to browse to any external website. This will happen very randomly sometimes two/three times in a day then not for a couple of days. We have looked through event logs and not found much to help discover what the problem is. Any ideas what this might be? anyone know of this problem, we have been struggling for a while to solve this with no luck. Any help would be much appreciated. Chris.

Hello,let's start with an unedited ipconfig /all from the server and a client machine, so we can check DNS settings. What do you mean with "If we log into the server from outside it", it is configured for access from the internet with RRAS installed, this is not recommended for domain controllers, the same for exchange?Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

Hi Meinolf, here is the ipconfig /all results from server: Windows IP Configuration Host Name . . . . . . . . . . . . : xxxxx Primary Dns Suffix . . . . . . . : xxxx.local Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : xxxxx.local Ethernet adapter Local Area Connection* 12: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Failover Cluster Virtual Adapte r Physical Address. . . . . . . . . : 02-1C-C4-E2-EF-C2 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Ad apter Physical Address. . . . . . . . . : 00-1C-C4-E2-EF-C2 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 129.223.254.251(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 129.223.254.252 DNS Servers . . . . . . . . . . . : 129.223.254.251 129.223.254.243 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection* 8: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{980D83C9-FE5E-42D7-86AD-8620EFD61 5FD} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 9: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft 6to4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2002:81df:fefb::81df:fefb(Preferred) Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 129.223.254.251 129.223.254.243 NetBIOS over Tcpip. . . . . . . . : Disabled Tunnel adapter Local Area Connection* 13: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{CFEDC468-03EE-4F45-8C8C-D950BA78D EBE} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes will do client one when i can later. the server is configured with outside access but not as RRAS server. if we log into the server from within the LAN it will have the same effect and bring the internet back up. i know that DNS settings for client are configured correctly as used to work fine. we also have problems with the DNS events log on the server in that there are hardly any events being recorded in the DNS log. Thanks again. Chris.

Hello,you use 129.223.x.x as theip addresses, which are public addresses from the internet for a not official/allowed domain name endind with .local. Is that correct? Domain internal you should only use private ip range from 10.x.x.x, 172.x.x.x or 192.168.x.xBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

For a start, running Exchange on a DC is a bad idea. Running a DC on a public network is an even worse idea. Using public IPsfor a local domain is also pretty silly, as Meinolf pointed out. What device is at 129.223.254.252, which is the default gateway for the server?Bill

Hi Guys, we know of the problems with the ip address range used and the exchange on a DC. This ip range was used at a customer from ages ago and the systems they used when we added new servers/systems etc could not be changed over to a proper private ip range, we have told them this but they wanted to stay on the same ip range as before. Would this be the only reason why we are getting the issues with the internet and dns event log issues? as seems to have only started happening recently. Thanks. Chris.

Hi Guys, sorry for no response for a while but we have been trying to sort the issues out, we have now redone the ip address range for the domain to 192.168.50.0/24. this has seemed to go ok, but the DNS issues are still there. the logs will sort of fill up until you clear them and we get the same error as before, if we do nslookup the server comes up as unknown for the domain, We have tried to find tools to fix and diagnose problems with dns but cannot find something similar to netdiag /fix that used to check everything and fix any config errors it finds. we also still get the internet dropping out for domain machines until we log into the DC which then brings it back up again, the DC never loses internet connection.This is a very strange issue and we are struggling to know what to do next, we think it may be a server hardware issue but not sure.Any help on this would be much appreciated.Regards.Chris.

Hello,please post again and unedited ipconfig /all and also the errors you stated form the event viewer.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

Hi Meinholf, here is the new ipconfig /all output: Windows IP Configuration Host Name . . . . . . . . . . . . : Fairfield001 Primary Dns Suffix . . . . . . . : fairfield.local Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : fairfield.local Ethernet adapter Local Area Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Ad apter #2 Physical Address. . . . . . . . . : 00-1C-C4-E2-EF-C4 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Ad apter Physical Address. . . . . . . . . : 00-1C-C4-E2-EF-C2 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection* 12: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Failover Cluster Virtual Adapte r Physical Address. . . . . . . . . : 02-1C-C4-E2-EF-C2 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Ethernet adapter Heatbeat: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : HP NC110T PCIe Gigabit Server Adapter Physical Address. . . . . . . . . : 00-18-71-EC-2F-BC DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.50.251(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.50.252 DNS Servers . . . . . . . . . . . : 192.168.50.243 192.168.50.252 NetBIOS over Tcpip. . . . . . . . : Disabled Tunnel adapter Local Area Connection* 8: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{A31F6C99-5B82-45C1-A10A-9D507EB82 31B} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{98FD50E8-FCAA-40D0-BB3A-2A6146152 EF6} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 13: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{CFEDC468-03EE-4F45-8C8C-D950BA78D EBE} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 14: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{47497D3B-607D-482A-AF01-98AE868A6 5CB} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes in the dns event logs we seem to get some entries but then when we clear them it comes up operation cannot be performed as not enough space but it deletes them anyway. we get this using ns lookup: C:\Users\Administrator>nslookup DNS request timed out. timeout was 2 seconds. Default Server: UnKnown Address: 192.168.50.243 > fairfield001 Server: UnKnown Address: 192.168.50.243 Name: fairfield001.fairfield.local Address: 192.168.50.251 Any help would be much appreciated. Regards. Chris.

Hello,please disable IPv6 if not used also:http://blogs.dirteam.com/blogs/paulbergson/archive/2009/03/19/disabling-ipv6-on-windows-2008.aspxDo you have a reverse lookup zone created in DNS?You have x.x.x.252 as Default gateway and DNS server, please clarify this, a router should never provide DNS in a domain, it should be done by the doamin DNS servers only.Please post also an unedited ipconfig /all from the other DNS server x.x.x.243Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

Hi Meinolf, thanks for the reply, here is the ipconfig /all output from the second dns server:Windows IP Configuration Host Name . . . . . . . . . . . . : FAIRFIELD005 Primary Dns Suffix . . . . . . . : fairfield.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : fairfield.local Ethernet adapter Local Area Connection* 12: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Failover Cluster Virtual Adapter Physical Address. . . . . . . . . : 02-21-5A-CB-FE-B8 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection 3: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : HP Network Team #1 Physical Address. . . . . . . . . : 00-21-5A-CB-FE-BA DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.50.243(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.50.252 DNS Servers . . . . . . . . . . . : 192.168.50.243 192.168.50.251 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Heartbeat: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : HP NC110T PCIe Gigabit Server Adapter Physical Address. . . . . . . . . : 00-18-71-EC-2B-F1 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 8: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{285828D1-9669-4F96-89DD-132C6A93E1D2} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{7A487679-F871-4F31-8C7F-2C320530FBB7} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 13: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{9AC5D78C-C1D9-4760-A010-AF4EDD08511D} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yesalso this is what we get from nslookup on the same server.C:\Users\administrator.FAIRFIELD>nslookupDefault Server: UnKnownAddress: 192.168.50.243 > fairfield001Server: UnKnownAddress: 192.168.50.243 Name: fairfield001.fairfield.localAddress: 192.168.50.251I was looking into the regedit that is in the article that you linked to but we do not have exactly the same keys, we have.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parametersno disabled compnents folder do we add a new location called disabled components then put a dword key inside of that?thanks again.Chris.

Hello,if you read the article carefully you see that there is an entry "Add the following key" before theHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6Parameters\DisabledComponents DWORD => FFFFFFFFBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

do we just call the dword, dword or is the dword supposed to be called DisabledComponents and but it in the Paramaters key?Cheers.Chris

Hello, Add the following registry value (DWORD type) set to 0xFFFFFFFF: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisabledComponents So the TYPE is DWORD and the Name DisabledComponents. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

ok we have done that, anything else, what should happen now?Cheers.Chris

Hello,this should help for some problems existing with IPv6, maybe you wan't see any result, but as Paul stated at the beginning of that article, problems can occur if IPv6 is enabled.Also see:http://support.microsoft.com/?id=952842After changing reboot theservers one by one, not together.Please answer also the other questions. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

we have a reverse lookup setup in DNS, we know about the default gateway and that has now been changed, dns is .251. dg is .254anything else?Cheers.Chris

Hello,make sure all domain members use ONLY the domain DNS servers on the NIC.Do you have configured Forwarders on the DNS server properties in the DNS management console to have name resolution for internet access for all domain members?Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

we have got conditional forwarders and all clients point to the dns server for ip address resolution, all deployed through dhcp server.

Hello,with conditional forwarders you normally specify some websites. Or do you use "All other DNS domains" and add the ip address of the ISPs DNS server there?Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

Hi Meinholf, we use All other DNS domains and add the ip address of the ISPs DNS server there.We have not been able to restart the server yet, so still getting the problems.Anything else we could try?Regards.Chris.

Hi, we have noticed now that if we do an nslookup on the dc it does not come up as server: unknown. It comes up with fairfield005.fairfield.local which is the backup DNS server.It is still doing the dns log error when we clear them?Thanks again.Chris.

Hi Guys, it has been a while since i posted on here but we are still getting the dns issues on both the DC and the Backup DC, we cannot see any logs in the dns event logs and when we clear them we still get the same error as stated earlier, We are still getting server unknown we we run nslookup, and we still have intermittent internal internet access issues which are solved if we log into the dc.Anybody have any other ideas as to what the issue is with the strange internet access problems for the internal PCs?Any help on this would be much appreciated.Regards.

Hi again guys, this has been fixed due to another issue we found,Thanks for the help with this.Regards.Chris

Hello Chris: I am experiencing the same intermittent problem with internet connectivity and getting a message with NSlookup with Server Unknown. Can you please share your solution on how you fixed the problem. What issue did you find that fixed your system?