The problem shows as follows:

  • Ping hostname <-- the host answers, it seems like the resolution is done over netbios
  • nslookup hostname <--

hostname wasn't found by UnKnown: No response from server.

Now comes the funny part. For a short period of time the resolution works. It may also be that one user logged on to the server can resolve the hostname and another can't at the same time.

Setup:

I got a domain-joined Windows Server 2012 which has the Hyper-V Role installed. The Server got 4 physical network interfaces, where #1 and #2 are used as a virtual switch by Hyper-V and don't have any IP addresses configured.

Network interface #3 and #4 got their IPv4 addresses by our DHCP Server (which is a VM on this Hyper-V host). The virtual Switches #1 got a static IP address and #2 got its address by DHCP.

I have 2 DNS Servers. Nslookup on both results in the same. The second DNS Server is on another Hyper-V host on another server. Every network interface has the primary and secondary DNS-Server configured, which was shown by ipconfig /all command.

As an additional information: The resolution seems to work properly on every other client/server except on this one.

Eventlog on the Server with the Problem:

  • Hyper-V-VMMS - Event-ID: 32022: Replication did not work due to name resolution of the replication partner.
  • DNS Client Events - Event-ID: 8015: DNS registration on the DNS Servers did not work, timeout.

Eventlog on the primary DNS-Server:

  • DNS-Server-Service: Event-ID: 4015: The DNS-Server recognized a critical ActiveDirectory-Error. Make sure that AD works properly. Errordebuginformation is empty "".
  • The AD-Logs didn't show any errors.

The secondary DNS-Server showed no errors recently.

I don't know if a server restart may help, but this is the very last thing I would do, because the VMs are running on this server.

Troubleshooting:

  • I disabled IPv6 on every network interface.
  • I looked on the network traffic and looked for DNS packets. The DNS Server didn't receive any from this server.
  • Looking on the network interfaces of the server with this problem, it seems that it doesn't even send any requests to the dns servers.
  • I tried to disable and enable the network interfaces.

Various further diagnostic tools (e.g. dcdiag) did not work because DNS resolution isn't working. So any ideas?

Humberto Castellon
Kevin
  • Have you run `dcdiag` on all of your DCs and done other checks on AD? A critical Active Directory error sounds serious. I'd run that down first. – Todd Wilcox Dec 09 '17 at 23:14

2 Answers

This sounds like a DNS problem. AD is very temperamental on DNS errors as it is very reliant on DNS name resolution. According to the errors it looks like this could be the root of the problem. Make sure that you have the DNS servers set up correctly.

Just as a first thought, the localhost (if it's a DNS server and domain controller) should be the first server IP on the DNS lists.

Atari911
  • I may be wrong but I think that Microsoft's best practice analyzer told me not to do so. Setting 127.0.0.1 seems not to be a good idea at all and setting itself as the primary DNS Server is also not good. I configured the DNS Servers to use the other DNS Server as primary and itself (the configured IP) as secondary DNS. I will look for more documentation on this. However I don't get it why it has always worked like this since now. – Kevin Jul 04 '14 at 08:15
  • I did check again the suggestions that Microsoft's Best Practice Analyzer made and rescanned both DNS-Servers. Everything looks fine except that a few root nameservers do not respond. But the resolution doesn't even work for the internal records. – Kevin Jul 04 '14 at 10:58

Maybe I didn't understand your scenario correctly, but if you have more than one interface of one machine in one subnet, then your Windows cannot work.

If you want to have more than one link to one segment because of throughput, you have to use "NIC Teaming" in Windows, but you must have a switch which can do "link aggregation". You can see how to set it up, for example, here

Or you have to use one NIC exclusively for one virtual host.

Jan Marek
  • In fact I didn't think about link aggregation or throughput. I thought about redundancy in case of one nic failing. I have some experience with failing nics on some older servers, that's why. I also have other servers with a similar setup, but only this one has this problem. Checking this should be easy by just disabling the other nics. – Kevin Jul 04 '14 at 08:19
  • Disabling the other nics, leaving just nic #1 and #2 (the virtual switches) enabled did not work. – Kevin Jul 04 '14 at 08:26
  • @Kevin When you try `ping -t DNS_server`, can you see reply for every packet? – Jan Marek Jul 04 '14 at 10:28
  • Yes I do, even with nic #3 and #4 enabled, I tried ping -t on both DNS Servers... so this works for both – Kevin Jul 04 '14 at 10:53
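
The checks discussed in this thread can be collected into one script. This is an added example, not code from any of the posters: it flags IPv4 interfaces that share a subnet (the condition raised in the second answer), queries each configured DNS server directly, and then resolves the short name over LLMNR/NetBIOS only, which is the path the question suspects `ping` is using. The default host name is a placeholder, and the helper `Get-NetworkId` is a hypothetical name introduced here.

```powershell
# Added diagnostic example; 'hostname.example.internal' is a placeholder name.
param([string]$Name = 'hostname.example.internal')

# Hypothetical helper: returns the network ID ("a.b.c.d/len") for an IPv4 address.
function Get-NetworkId([string]$Ip, [int]$PrefixLength) {
    $bytes = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    $net = for ($i = 0; $i -lt 4; $i++) {
        # Number of mask bits that fall into this octet (0..8)
        $bits = [Math]::Min(8, [Math]::Max(0, $PrefixLength - 8 * $i))
        $mask = 256 - [int][Math]::Pow(2, 8 - $bits)
        $bytes[$i] -band $mask
    }
    '{0}/{1}' -f ($net -join '.'), $PrefixLength
}

# 1. Interfaces with an IPv4 address in the same subnet (multi-homing check).
Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -notlike '127.*' -and $_.IPAddress -notlike '169.254.*' } |
    Group-Object { Get-NetworkId $_.IPAddress $_.PrefixLength } |
    Where-Object Count -gt 1 |
    ForEach-Object {
        Write-Warning ('Several interfaces in {0}: {1}' -f $_.Name, ($_.Group.InterfaceAlias -join ', '))
    }

# 2. Ask every configured DNS server directly, without LLMNR/NetBIOS fallback.
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses | Sort-Object -Unique
foreach ($s in $servers) {
    try {
        $r = Resolve-DnsName -Name $Name -Type A -Server $s -DnsOnly -ErrorAction Stop
        'DNS {0}: answered {1}' -f $s, (($r | Where-Object { $_.Type -eq 'A' }).IPAddress -join ', ')
    } catch {
        'DNS {0}: FAILED ({1})' -f $s, $_.Exception.Message
    }
}

# 3. Resolve the short name over LLMNR/NetBIOS only. If this succeeds while
#    step 2 fails, ping is answering from broadcast name resolution, not DNS.
try {
    $short = $Name.Split('.')[0]
    $l = Resolve-DnsName -Name $short -LlmnrNetbiosOnly -ErrorAction Stop
    'LLMNR/NetBIOS: {0} -> {1}' -f $short, ($l.IPAddress -join ', ')
} catch {
    'LLMNR/NetBIOS: FAILED ({0})' -f $_.Exception.Message
}
```

Run it in an elevated PowerShell session on the affected host and pass the real name with `-Name`.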