Wireless Networks Thread, HELP!!! Major DNS Problems here.... in Technical
26th August 2010, 01:56 PM #1
HELP!!! Major DNS Problems here....
Right, I just don't know where to start.
In the beginning we had 2 DNS servers both on Windows 2003 R2 and everything was running fine with a 2003 domain.
Yesterday I removed one of the servers (ISIS) from the network to upgrade it to Windows 2008 R2. Windows 08 R2 installed without any problems and DNS replicated fine to this server. My replication is set to ALL DNS SERVERS IN THE ACTIVE DIRECTORY DOMAIN.
Today, I have come to do the other one, but as soon as I turn this server off, I cannot get out to the outside world. This server is not a proxy server! I removed the DNS role and still couldn't get out.
I have added the role back, but now it cannot find the DNS entries from ISIS and I have to manually add the DNS entries. Only once I added the entries in have I managed to get back on the net.
Can someone please help!
26th August 2010, 04:29 PM #2
First thing, have you got the global catalogue on each?
Are these your DCs, or just DNS?
26th August 2010, 04:58 PM #3
Here is how they are set up at the mo after a lot of trial and error, and still HADES thinks it owns the domain:
HADES: 2003 R2 x64, DC, Secondary DNS (I have taken out the AD Configuration), not a GC.
ISIS: 2008 R2, DC, GC
SETH: 2003 R2 x64, DC, Primary DNS, GC
DEMETER: 2008 R2, DC, running all FSMO at the mo, just for temporary use, Not a GC.
I am trying to get the internet to work while HADES is offline, but the only way I can get it to work is to have it online, which is stopping me from upgrading to 2008 R2.
I keep getting status: expired in my DNS on HADES for my zones.
26th August 2010, 05:23 PM #4
As a general rule I would say always have the GC on each DC generally, as without a GC somewhere auth won't work properly.
How have you configured your NIC's DNS for each?
e.g. HADES: 1st: LOCAL 2nd: ISIS 3rd: BLAH etc
26th August 2010, 05:47 PM #5
I'm not too sure if this is right, but I shall do a before and after:
Preferred DNS: 172.16.24.5 (ISIS)
Alternate: 184.108.40.206 (Our ISP)
Preferred DNS: 172.16.24.3 (HADES)
Alternate: 220.127.116.11 (Our ISP)
The rest of the servers pointed to ISIS first then HADES.
Preferred: 172.16.24.2 (SETH now my primary DNS)
Preferred: 172.16.24.5 (Itself)
DHCP config address: DNS server 172.16.24.2 (SETH)
26th August 2010, 05:56 PM #6
Right, firstly I would never ever use ISP DNS as secondary tbh. In DNS you can give it a forward IP, and if your DNS does not have a record it will forward it out to the IP you want (Google's DNS is good 18.104.22.168)
Can you see if any forwarders are setup on your servers in DNS yet?
26th August 2010, 06:02 PM #7
On SETH there are no forwarders set. Neither on ISIS or HADES.
26th August 2010, 07:03 PM #8
I think I have sorted it... although I won't know until I turn it off in the morning, but if the proxy server has the 1st DNS as the server you are turning off, then users will not be able to access the outside world.... I'm sure this is the problem.
Thanks Zerohour for helping me out though....
26th August 2010, 07:14 PM #9
Are you planning to have 2 DNS servers endgame?
If so I would set Primary DNS IP settings to 127.0.0.1 and secondary to the 2nd DNS server.
2nd should be primary DNS server IP first, then its own network IP second (not 127).
Then you set up a forwarder of 22.214.171.124 and then it will forward out requests.
26th August 2010, 07:25 PM #10
Yeah, in the end, I am wanting 2 DNS servers which will both be DCs along with 2 more DCs, which will all be running 2008 R2. Am I right in thinking the DNS servers on 2008 R2 in a 2003 function level still work? I had posted on here the other day about the fact you cannot use the XP DNS MMC snap-in on a 2008 R2 DNS server to administer it remotely, but obviously Windows 7 RSAT will. I hate upgrades.......
If I was to enable the DNS Active Directory integrated option, I have heard that this is more stable. Would you still use the same settings as you recommended for the DNS servers?
26th August 2010, 07:38 PM #11
We run with pretty much those settings I said and we use AD integrated mode. I *think* 2003 AD is fine with 2008 R2 as long as the schema extensions are in.
So you will have 2 DNS/DC/GC and 2 other DC?
How many clients do you have?
Do you need 4 DCs particularly?
Remember you can have more than 2 DNS servers specified (XP included), you just have to dig a little deeper in the advanced config of TCP/IP.
We have 3 DCs here, all with GC/DNS roles. 2 are virtual, 1 is hardware.
26th August 2010, 07:48 PM #12
When you mention the schema extensions, is that the adprep /forest, /domain and /gpprep? If so, I have got them in without any problems.
We have around 500 ish clients and will end up using those values you stated, although for the last 4 years we have run fine on the values that were there originally. We have had 4 DCs for a while, really just for load balancing.
I have always had 2 DNS servers; I suppose, like you said, 1 or 2 more may be helpful for balancing.
I have heard that one of the FSMO roles is not supposed to sit on a GC? How many clients are you supporting then?
It's always best to have 1 in hardware form just in case. :P.
26th August 2010, 08:09 PM #13
Somewhere in these forums we have discussed this and it turned out that that was only a concern on larger multiforest domains, if I recall correctly. I would not be concerned about this unless your network is multiforest.
26th August 2010, 09:30 PM #14
Sounds like you have got it sussed Tim
We have 2 DCs, both VMs at present (will get a physical hardware one in at Christmas I think) one VM lives on the SAN the other DC VM lives on the local HDD store on the Xenserver so we can start that before the SAN starts.
Both DCs are DNS boxes as well as GCs and it all seems to work fine now for us. I wouldn't think you needed quite so many DCs though, maybe save some space and drop to 3. You want the forwarders to be set in DNS though, and setting them to your ISP makes things a lot better.
26th August 2010, 09:39 PM #15
We are 650 clients and tbh 2 DCs etc is enough for that (we have 3 for the hardware node). I really probably wouldn't bother with 4 unless you really need it.
All 3 have all the relevant roles.
Yeh the ad prep stuff should okay it all.
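A what-if check for the shutdown discussed in this thread, as an added example that is not part of any post: given each machine's DNS list in NIC order, it reports which machines are left without an internal DNS server, or with a dead preferred server, when one DNS server is powered off. The three server addresses come from post #5; the PROXY and FILESRV rows and the 192.0.2.53 address (a documentation-range placeholder for the ISP resolver) are constructed assumptions.

```python
"""What-if audit: who loses internal DNS when one DNS server is shut down."""

# Internal DNS servers and addresses as given in the thread.
DNS_SERVERS = {
    "172.16.24.2": "SETH",
    "172.16.24.3": "HADES",
    "172.16.24.5": "ISIS",
}

# Constructed inventory: host -> resolver addresses in NIC order.
# 192.0.2.53 is a placeholder for the ISP resolver (assumption).
INVENTORY = {
    "HADES": ["172.16.24.3", "192.0.2.53"],
    "ISIS": ["172.16.24.5", "192.0.2.53"],
    "PROXY": ["172.16.24.3", "192.0.2.53"],      # hypothetical host
    "FILESRV": ["172.16.24.5", "172.16.24.3"],   # hypothetical host
    "DHCP-CLIENTS": ["172.16.24.2"],
}


def audit(inventory, offline):
    """Return {host: [findings]} for the case where server `offline` is off."""
    findings = {}
    for host, resolvers in inventory.items():
        if host == offline:
            continue
        notes = []
        internal = [ip for ip in resolvers if ip in DNS_SERVERS]
        external = [ip for ip in resolvers if ip not in DNS_SERVERS]
        alive = [ip for ip in internal if DNS_SERVERS[ip] != offline]
        if external:
            # A public resolver cannot answer for the AD-integrated zones.
            notes.append("external resolver on NIC: " + ", ".join(external))
        if internal and not alive:
            notes.append("no internal DNS left when %s is off" % offline)
        elif resolvers and DNS_SERVERS.get(resolvers[0]) == offline:
            notes.append("preferred DNS is %s; expect timeouts before failover"
                         % offline)
        if notes:
            findings[host] = notes
    return findings


if __name__ == "__main__":
    for server in sorted(set(DNS_SERVERS.values())):
        print("Shutting down", server)
        for host, notes in sorted(audit(INVENTORY, server).items()):
            print("  %-13s %s" % (host, "; ".join(notes)))
```

Replace INVENTORY with the real values from each machine (for example the output of `ipconfig /all`) before taking a server down.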