Unable to query DNS
Comments
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□This is your only DC, right? I don't think replication/administrative shares would matter in this case.
At this point, you might want to try deleting and recreating the zone, so you can start fresh.
Have you run dcdiag and netdiag as suggested (you'll need to install the support tools)? You can use the /fix switch with both of those in an attempt to automatically fix errors. -
jbaello Member Posts: 1,191 ■■■□□□□□□□dynamik wrote:This is your only DC, right? I don't think replication/administrative shares would matter in this case.
At this point, you might want to try deleting and recreating the zone, so you can start fresh.
Have you run dcdiag and netdiag as suggested (you'll need to install the support tools)? You can use the /fix switch with both of those in an attempt to automatically fix errors.
Already done this, didn't worked, what's weird is DNS shows as passed when I run diagnostic check...
I've also tried recreating the Forward Lookup zone as well...
It's time to blow the box, perhaps when I did not uninstalled Exchnage 2007 the Schema got affected, since I had to modify this.
My Exchange and DNS are both in a different box. -
jbaello Member Posts: 1,191 ■■■□□□□□□□astorrs wrote:Ah, you're using AD integrated zones and that is where the problem is. Is Active Directory running? (do a "net view" and look for the NETLOGON and SYSVOL shares).
Are there any AD related warnings/errors since last reboot in the Directory Services event log?
B/W will still work DNS will still work even without AD... as far as I remember... -
astorrs Member Posts: 3,139 ■■■■■■□□□□Jbaello, not if it's AD integrated it won't be able to load a current copy of the zone files since they are stored in the directory.
Dynamik, I was asking about the presence of the shares as its an easy way to determine if AD is running completely, since its one of the very last things a DC does when it comes up. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□astorrs wrote:Dynamik, I was asking about the presence of the shares as its an easy way to determine if AD is running completely, since its one of the very last things a DC does when it comes up.
Checking the presence of shares when shares aren't required? Inconceivable!
Nice tip, thanks -
jbaello Member Posts: 1,191 ■■■□□□□□□□I'm a little hesitant posting this cause I felt like a dumby, but after I reinstalled OS, updated, and run DCPROMO I am still having the same symptom I originally explained here, I am now using a different box for my DNS server just to continue my studies, but it would be nice if I figure out why this is happening? I do not have a firewall enabled, or any hardware/software filtering/security installed, it is basically running as is drivers/updates/dcpromo.
Now if you ask me about the new DNS box, this box was originally not operational and was turned off to begin with.
Problematc DNS Box:
IP Address: 192.168.1.105
Subnet: 255.255.255.0
Gateway: 192.168.1.1
Preferred DNS Server: 192.168.1.105
The weird thing is when DNS got setup, it automatically modified the Preferred DNS Server to the loopback address of 127.0.0.1.
I'm not sure if I'm having hardware issue, it doesn't look like based on the response that I have posted here. -
astorrs Member Posts: 3,139 ■■■■■■□□□□Change it to a primary zone (not AD integrated). Restart. Does it work now?
-
jbaello Member Posts: 1,191 ■■■□□□□□□□Running NSLOOKUP on the server box itself fails... so I doubt AD Integrated or not will matter.
I could be wrong... -
dynamik Banned Posts: 12,312 ■■■■■■■■■□HeroPsycho wrote:Note to self: ping the server next time.
Did I misunderstand this entire thread? I thought the main problem was that the server couldn't query itself. When did a switch get involved? -
astorrs Member Posts: 3,139 ■■■■■■□□□□Sounds like the NIC wasn't up. I kinda thought this had been tested as posts 3-5 or so talked about pinging. Oh well, glad you have it working now. Jbello, a note to self, always start with the basics.
-
blargoe Member Posts: 4,174 ■■■■■■■■■□But you said you could ping the server by IP... you weren't talking about pinging the server from the server itself were you?IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
jbaello Member Posts: 1,191 ■■■□□□□□□□I did all the basic, I even browsed the internet fine, but since I was running out of option I went and replaced the switch and it worked, I pinged everything that I can too and it worked on the old switch...
Weird? it is... did I cover the basics? Yes...
Did I ping the server from client? ofcourse only an idiot won't start by checking network connectivity of client/server... -
jbaello Member Posts: 1,191 ■■■□□□□□□□jbaello wrote:astorrs wrote:going back to basics here, can you ping the loopback adapter?
The first two posts I've checked and done this, and it still persists, loopback is replying.
*** Can't find server name for address 127.0.0.1: No response from server
*** Default servers are not available
Default Server: UnKnown
Address: 127.0.0.1
The 127.0.0.1 is just an example from a client since, I just wanted to duplicate the issue, the actual address defined here is the DNS own IP address.
DNS server can be pinged from a client machine via IP address, not hostname I haven't tried it yet, and all machine is pointed to this DNS server, even running nslookup on the DNS itself, where DNS server in TCP/IP pointing to it's box directly persists.
I've restarted this box numerous times, and also installed/uninstalled DNS, but problem persists.
It was explained here, the procedure I've done... -
jbaello Member Posts: 1,191 ■■■□□□□□□□Apparently the nslookup issue is back again, with the new switch, I will try to be as descriptive as I can, since I like sharing my experience/idea, nslookup command is not able to query DNS server, but for some reason evertyhing is working except "nslookup" on command line inteface (CLI) is returning a message "Can't find server name for address x.x.x.x.
I've listed pertinent iformation that I can remember.
1. Pinging any FQDN and Hostname within the domain is working.
2. Pinging any IP address, Gateway, Server, external address works.
3. All Firewall is disabled.
3. Client is able to update it's A/PTR record (on a secure only update zone).
4. Client computer/server is able to join the domain, and computer accounts gets created into the computer container.
5. Only secure updates is enabled (I made this a point since I do not have a heavy duty firewall at the moment.
6. On the Exchange Server I am able to run setup /prepareAD /ON:soggyrice (soggyrice is located on a different server) and it works fine.
7. This was left blank intentionaly.
8. All Client and Servers are fully updated.
9. Newly created AD account is able to login via a client computer (account is not cached).
10. Netstat and DCdiag tools is executed with high flying colors of "pass" on every service, including ports.
11. All Server and Client OS has been reinstalled/reconfigured.
12. NS recors and A/PTR record for the DNS server has automatically been updated.
13. This has been configured using "DCPROMO"
14. All client server is connected to 1 home type switch "netgear".
15. My current router that I am using is a linksys WRT54G.
16. I give up with NSlookup...
Thanks and peace out!!! -
astorrs Member Posts: 3,139 ■■■■■■□□□□Okay lets work through this in a few steps. First up...
What is the FQDN of the DNS server? What is its IP (and is it multi-homed?)
From a command prompt on the DNS server type "nslookup" and post the output. -
jbaello Member Posts: 1,191 ■■■□□□□□□□astorrs wrote:Okay lets work through this in a few steps. First up...
What is the FQDN of the DNS server? What is its IP (and is it multi-homed?)
From a command prompt on the DNS server type "nslookup" and post the output.
I am really convinced that at this point, we've exhausted every technique that we have, I am thinking that Microsoft might need to propagate some information over before this thing can work again, then eventually it would work. I can be wrong, but since "everything" else is working except "nslookup" like I have posted I might say it's a M$ bug.
Also all the information you've asked has already been answered this is not a multi-homed computer since this DNS server has only "1, one, uno :P" NIC, also everything "client/server" is connected on 1 subnet of a full Class C subnet of 255.255.255.0/24.
Here's your answer on the DNS box, Preferred DNS Server is pointed to itself, and nslookup fails.
If you wish to continously give me other techniques, aside from what had been mentioned, please feel free to do so.
But this are the only information that I can give you for now. -
astorrs Member Posts: 3,139 ■■■■■■□□□□jbaello, I wanted to work through it logically. Rather than digging through the post or making assumptions, it's better for me to ask you specific questions.
If you don't want any assistance I won't bother - everyone on this forum is essentially a volunteer after all. If you do want to get to the bottom of this, how about not assuming that the questions being asked are stupid and ignoring them and maybe just giving it a shot. I'm sure we can figure it out if we approach it methodically.
If you want to carry forward:
- What is the fully qualified domain name of the server?
- What is its IP address?
- From a command prompt on the DNS server type "nslookup" and post the output. -
jbaello Member Posts: 1,191 ■■■□□□□□□□astorrs wrote:jbaello, I wanted to work through it logically. Rather than digging through the post or making assumptions, it's better for me to ask you specific questions.
If you don't want any assistance I won't bother - everyone on this forum is essentially a volunteer after all. If you do want to get to the bottom of this, how about not assuming that the questions being asked are stupid and ignoring them and maybe just giving it a shot. I'm sure we can figure it out if we approach it methodically.
If you want to carry forward:
- What is the fully qualified domain name of the server?
- What is its IP address?
- From a command prompt on the DNS server type "nslookup" and post the output.
I don't think I've ever assumed that questions that are asked is stupid, I do not mean to ignore some question I just missed it or skipped it but unintentional, I am a very busy guy, working as a fulltime sys ad and studying when I get a chance, so yes I intend to have my brain all over the place sometime without realizing that I am skipping something...
Dude I would be happier to see someone give me an advise such as run a monitoring tools while I am executing nslookup. If you want this answered it will have to wait till tomorrow, I am going to bed as soon I fire up my OWA, and link the URL for more added info with this issue.
Thanks... -
jbaello Member Posts: 1,191 ■■■□□□□□□□astorrs wrote:jbaello, I wanted to work through it logically. Rather than digging through the post or making assumptions, it's better for me to ask you specific questions.
If you don't want any assistance I won't bother - everyone on this forum is essentially a volunteer after all. If you do want to get to the bottom of this, how about not assuming that the questions being asked are stupid and ignoring them and maybe just giving it a shot. I'm sure we can figure it out if we approach it methodically.
If you want to carry forward:
- What is the fully qualified domain name of the server?
- What is its IP address?
- From a command prompt on the DNS server type "nslookup" and post the output.
And dude to be honest with you, hope you won't take it offensively, some of your advise is pretty far out, but hey any wild idea for me works just like the "ipsec" issue with one of my threads here... -
astorrs Member Posts: 3,139 ■■■■■■□□□□jbaello wrote:Dude I would be happier to see someone give me an advise such as run a monitoring tools while I am executing nslookup.
As for the skipping over stuff thing, I appreciate that it can be difficult to move from actively troubleshooting something to working on something completely different and coming back to it later after a few posts have been left. When I'm working on multiple projects for different clients simultaneously this can also be a challenge. But it really is important to approach every troubleshooting scenario methodically. It can be very frustrating to those trying to help you if you are seemingly ignoring advice (especially when the given advice maybe sounds too "basic" to you). We're not there in front of the systems with you, so you'll have to forgive a few seemingly pointless questions - sometimes the answers to those questions will help us narrow down the possibilities in our own minds. -
jbaello Member Posts: 1,191 ■■■□□□□□□□astorrs wrote:jbaello wrote:And dude to be honest with you, hope you won't take it offensively, some of your advise is pretty far out.
Alright holdon Einstein :P jk... well I admire your persistent with this...