Unable to query DNS

Dear TE,

I have a DNS server with one NIC that is unable to query itself, when DNS is configured it automatically modified the preferred DNS server and uses the loopback address of 127.0.0.1, I had to modify this and have to specifically assign the DNS server.

Configuration wise I believe I have not missed a thing, since this is not the first time I've configured one, the Forward Lookup Zone exists and dynamic update is enabled, but for some reason when nslookup is run on the DNS server it's unable to contact the DNS which itself, same thing happens with client that is using the DNS server.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

This is your only DC, right? I don't think replication/administrative shares would matter in this case.

At this point, you might want to try deleting and recreating the zone, so you can start fresh.

Have you run dcdiag and netdiag as suggested (you'll need to install the support tools)? You can use the /fix switch with both of those in an attempt to automatically fix errors.

dynamik wrote:

This is your only DC, right? I don't think replication/administrative shares would matter in this case.

At this point, you might want to try deleting and recreating the zone, so you can start fresh.

Have you run dcdiag and netdiag as suggested (you'll need to install the support tools)? You can use the /fix switch with both of those in an attempt to automatically fix errors.

Already done this, didn't worked, what's weird is DNS shows as passed when I run diagnostic check...

I've also tried recreating the Forward Lookup zone as well...

It's time to blow the box, perhaps when I did not uninstalled Exchnage 2007 the Schema got affected, since I had to modify this.

My Exchange and DNS are both in a different box.

Goodbye DNS Box

astorrs wrote:

Ah, you're using AD integrated zones and that is where the problem is. Is Active Directory running? (do a "net view" and look for the NETLOGON and SYSVOL shares).

Are there any AD related warnings/errors since last reboot in the Directory Services event log?

B/W will still work DNS will still work even without AD... as far as I remember...

Jbaello, not if it's AD integrated it won't be able to load a current copy of the zone files since they are stored in the directory.

Dynamik, I was asking about the presence of the shares as its an easy way to determine if AD is running completely, since its one of the very last things a DC does when it comes up.

astorrs wrote:

Dynamik, I was asking about the presence of the shares as its an easy way to determine if AD is running completely, since its one of the very last things a DC does when it comes up.

Checking the presence of shares when shares aren't required? Inconceivable!

Nice tip, thanks

I'm a little hesitant posting this cause I felt like a dumby, but after I reinstalled OS, updated, and run DCPROMO I am still having the same symptom I originally explained here, I am now using a different box for my DNS server just to continue my studies, but it would be nice if I figure out why this is happening? I do not have a firewall enabled, or any hardware/software filtering/security installed, it is basically running as is drivers/updates/dcpromo.

Now if you ask me about the new DNS box, this box was originally not operational and was turned off to begin with.

Problematc DNS Box:

IP Address: 192.168.1.105
Subnet: 255.255.255.0
Gateway: 192.168.1.1
Preferred DNS Server: 192.168.1.105

The weird thing is when DNS got setup, it automatically modified the Preferred DNS Server to the loopback address of 127.0.0.1.

I'm not sure if I'm having hardware issue, it doesn't look like based on the response that I have posted here.

Change it to a primary zone (not AD integrated). Restart. Does it work now?

Running NSLOOKUP on the server box itself fails... so I doubt AD Integrated or not will matter.

I could be wrong...

Can you at least try it?

astorrs wrote:

Can you at least try it?

It didn't work, I also uninstalled DNS and installed it fresh, manually created Primary Forward, still cannot query, my new DNS box is having the same symptom...

It works now... thanks for the help...

What changed?

astorrs wrote:

What changed?

I replaced the switch.

Note to self: ping the server next time.

HeroPsycho wrote:

Note to self: ping the server next time.

Did I misunderstand this entire thread? I thought the main problem was that the server couldn't query itself. When did a switch get involved?

Sounds like the NIC wasn't up. I kinda thought this had been tested as posts 3-5 or so talked about pinging. Oh well, glad you have it working now. Jbello, a note to self, always start with the basics.

astorrs wrote:

always start with the basics.

And listen. In the Exchange forums I told him things that he skipped over and I had to repeat over and over till he tried them.

But you said you could ping the server by IP... you weren't talking about pinging the server from the server itself were you?

I did all the basic, I even browsed the internet fine, but since I was running out of option I went and replaced the switch and it worked, I pinged everything that I can too and it worked on the old switch...

Weird? it is... did I cover the basics? Yes...

Did I ping the server from client? ofcourse only an idiot won't start by checking network connectivity of client/server...

jbaello wrote:

astorrs wrote:

going back to basics here, can you ping the loopback adapter?

The first two posts I've checked and done this, and it still persists, loopback is replying.

*** Can't find server name for address 127.0.0.1: No response from server
*** Default servers are not available
Default Server: UnKnown
Address: 127.0.0.1

The 127.0.0.1 is just an example from a client since, I just wanted to duplicate the issue, the actual address defined here is the DNS own IP address.

DNS server can be pinged from a client machine via IP address, not hostname I haven't tried it yet, and all machine is pointed to this DNS server, even running nslookup on the DNS itself, where DNS server in TCP/IP pointing to it's box directly persists.

I've restarted this box numerous times, and also installed/uninstalled DNS, but problem persists.

It was explained here, the procedure I've done...

Apparently the nslookup issue is back again, with the new switch, I will try to be as descriptive as I can, since I like sharing my experience/idea, nslookup command is not able to query DNS server, but for some reason evertyhing is working except "nslookup" on command line inteface (CLI) is returning a message "Can't find server name for address x.x.x.x.

I've listed pertinent iformation that I can remember.

1. Pinging any FQDN and Hostname within the domain is working.
2. Pinging any IP address, Gateway, Server, external address works.
3. All Firewall is disabled.
3. Client is able to update it's A/PTR record (on a secure only update zone).
4. Client computer/server is able to join the domain, and computer accounts gets created into the computer container.
5. Only secure updates is enabled (I made this a point since I do not have a heavy duty firewall at the moment.
6. On the Exchange Server I am able to run setup /prepareAD /ON:soggyrice (soggyrice is located on a different server) and it works fine.
7. This was left blank intentionaly.
8. All Client and Servers are fully updated.
9. Newly created AD account is able to login via a client computer (account is not cached).
10. Netstat and DCdiag tools is executed with high flying colors of "pass" on every service, including ports.
11. All Server and Client OS has been reinstalled/reconfigured.
12. NS recors and A/PTR record for the DNS server has automatically been updated.
13. This has been configured using "DCPROMO"
14. All client server is connected to 1 home type switch "netgear".
15. My current router that I am using is a linksys WRT54G.

16. I give up with NSlookup...

Thanks and peace out!!!

Okay lets work through this in a few steps. First up...

What is the FQDN of the DNS server? What is its IP (and is it multi-homed?)

From a command prompt on the DNS server type "nslookup" and post the output.

astorrs wrote:

Okay lets work through this in a few steps. First up...

What is the FQDN of the DNS server? What is its IP (and is it multi-homed?)

From a command prompt on the DNS server type "nslookup" and post the output.

I am really convinced that at this point, we've exhausted every technique that we have, I am thinking that Microsoft might need to propagate some information over before this thing can work again, then eventually it would work. I can be wrong, but since "everything" else is working except "nslookup" like I have posted I might say it's a M$ bug.

Also all the information you've asked has already been answered this is not a multi-homed computer since this DNS server has only "1, one, uno :P" NIC, also everything "client/server" is connected on 1 subnet of a full Class C subnet of 255.255.255.0/24.

Here's your answer on the DNS box, Preferred DNS Server is pointed to itself, and nslookup fails.

If you wish to continously give me other techniques, aside from what had been mentioned, please feel free to do so.

But this are the only information that I can give you for now.

jbaello, I wanted to work through it logically. Rather than digging through the post or making assumptions, it's better for me to ask you specific questions.

If you don't want any assistance I won't bother - everyone on this forum is essentially a volunteer after all. If you do want to get to the bottom of this, how about not assuming that the questions being asked are stupid and ignoring them and maybe just giving it a shot. I'm sure we can figure it out if we approach it methodically.

If you want to carry forward:

- What is the fully qualified domain name of the server?
- What is its IP address?
- From a command prompt on the DNS server type "nslookup" and post the output.

astorrs wrote:

jbaello, I wanted to work through it logically. Rather than digging through the post or making assumptions, it's better for me to ask you specific questions.

If you don't want any assistance I won't bother - everyone on this forum is essentially a volunteer after all. If you do want to get to the bottom of this, how about not assuming that the questions being asked are stupid and ignoring them and maybe just giving it a shot. I'm sure we can figure it out if we approach it methodically.

If you want to carry forward:

- What is the fully qualified domain name of the server?
- What is its IP address?
- From a command prompt on the DNS server type "nslookup" and post the output.

I don't think I've ever assumed that questions that are asked is stupid, I do not mean to ignore some question I just missed it or skipped it but unintentional, I am a very busy guy, working as a fulltime sys ad and studying when I get a chance, so yes I intend to have my brain all over the place sometime without realizing that I am skipping something...

Dude I would be happier to see someone give me an advise such as run a monitoring tools while I am executing nslookup. If you want this answered it will have to wait till tomorrow, I am going to bed as soon I fire up my OWA, and link the URL for more added info with this issue.

Thanks...

astorrs wrote:

jbaello, I wanted to work through it logically. Rather than digging through the post or making assumptions, it's better for me to ask you specific questions.

If you don't want any assistance I won't bother - everyone on this forum is essentially a volunteer after all. If you do want to get to the bottom of this, how about not assuming that the questions being asked are stupid and ignoring them and maybe just giving it a shot. I'm sure we can figure it out if we approach it methodically.

If you want to carry forward:

- What is the fully qualified domain name of the server?
- What is its IP address?
- From a command prompt on the DNS server type "nslookup" and post the output.

And dude to be honest with you, hope you won't take it offensively, some of your advise is pretty far out, but hey any wild idea for me works just like the "ipsec" issue with one of my threads here...

jbaello wrote:

Dude I would be happier to see someone give me an advise such as run a monitoring tools while I am executing nslookup.

While I could ask you to fire up process explorer and windbg, attach to the process and **** the call stack, etc and email it to me, I think it's probably something a lot simpler and we should be able to get to the bottom of it quickly now that you've clearly identified in your previous post the results of those 15 things you had tried.

As for the skipping over stuff thing, I appreciate that it can be difficult to move from actively troubleshooting something to working on something completely different and coming back to it later after a few posts have been left. When I'm working on multiple projects for different clients simultaneously this can also be a challenge. But it really is important to approach every troubleshooting scenario methodically. It can be very frustrating to those trying to help you if you are seemingly ignoring advice (especially when the given advice maybe sounds too "basic" to you). We're not there in front of the systems with you, so you'll have to forgive a few seemingly pointless questions - sometimes the answers to those questions will help us narrow down the possibilities in our own minds.

jbaello wrote:

And dude to be honest with you, hope you won't take it offensively, some of your advise is pretty far out.

I find that somewhat surprising, care to give an example so I can understand why you might see it that way?

astorrs wrote:

jbaello wrote:

And dude to be honest with you, hope you won't take it offensively, some of your advise is pretty far out.

I find that somewhat surprising, care to give an example so I can understand why you might see it that way?

Alright holdon Einstein :P jk... well I admire your persistent with this...

Quick Links