+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Wireless Networks Thread, HELP!!! Major DNS Problems here.... in Technical; Right I just dont know where to start. In the beginning we had 2 DNS servers both on Windows 2003 ...
  1. #1

    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,198
    Thank Post
    321
    Thanked 314 Times in 219 Posts
    Rep Power
    125

    HELP!!! Major DNS Problems here....

    Right I just dont know where to start.

    In the beginning we had 2 DNS servers both on Windows 2003 R2 and everything was running fine with a 2003 domain.

    Yesterday I removed one of the servers (ISIS) from the network to upgrade it to windows 2008 R2. Windows 08 R2 installed without any problems and DNS replicated fine to this server. My replication is set to ALL DNS SERVERS IN THE ACTIVE DIRECTORY DOMAIN.

    Today, i have come to do the other one, but as soon as i turn this server off, i cannot get out to the outside world. This server is not a proxy server! I removed the DNS role and still couldnt get out.

    I have added the role back, but now it cannot find the DNS entries from ISIS and i have to manually add the DNS entries. Only up to added the entries in i have managed to get back on the net.

    Can someone please help!

  2. #2

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,837
    Thank Post
    974
    Thanked 1,405 Times in 850 Posts
    Blog Entries
    1
    Rep Power
    460
    First thing, have you got the global catalogue on each?
    Are these your DC's? or just dns?

  3. #3

    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,198
    Thank Post
    321
    Thanked 314 Times in 219 Posts
    Rep Power
    125
    Here is how they are set up at the mo after a lot of trail and error and still HADES thinks it owns the domain:

    HADES: 2003 R2 x64, DC, Secondary DNS (I have taken out the AD Configuration), not a GC.
    ISIS: 2008 R2, DC, GC
    SETH: 2003 R2 x64, DC, Primary DNS, GC
    DEMETER: 2008 R2, DC, running all FSMO at the mo, just for temporary use, Not a GC.

    I am trying to get the internet to work while HADES is offline but the only way i can get it to work is to have it onlne which is stopping me from upgrading 2008 R2.

    I keep getting status: expired in my DNS on HADES for my zones.

  4. #4

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,837
    Thank Post
    974
    Thanked 1,405 Times in 850 Posts
    Blog Entries
    1
    Rep Power
    460
    As a general rule I would say always have the GC on each DC generally as without a GC somewhere auth wont work properly.
    How have you configured your nic's dns's for each?
    e.g. HADES: 1st: LOCAL 2nd: ISIS 3rd: BLAH etc

  5. #5

    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,198
    Thank Post
    321
    Thanked 314 Times in 219 Posts
    Rep Power
    125
    Im not too sure if this is right, but i shall do a before and after:

    Before:

    HADES:
    Preferred DNS: 172.16.24.5 (ISIS)
    Alternate: 195.112.4.4 (Our ISP)

    ISIS:
    Preferred DNS: 172.16.24.3 (HADES)
    Alternate: 195.112.4.7 (Our ISP)

    The rest of the servers pointed to ISIS first then HADES.

    Now:

    HADES:
    Preferred: 172.16.24.2 (SETH now my primary DNS)
    Alternate: 195.112.4.4

    ISIS:
    Preferred: 172.16.24.5 (It's self)
    Alternate: 195.112.4.4

    SETH:
    Preferred: 172.16.24.5
    Alternate: 195.112.4.4

    DEMETER:
    DHCP config address: DNS server 172.16.24.2 (SETH)

  6. #6

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,837
    Thank Post
    974
    Thanked 1,405 Times in 850 Posts
    Blog Entries
    1
    Rep Power
    460
    Right firstly I would never ever use isp dns as secondary tbh. In DNS you can give it a forward ip and if your dns does not have a record it will forward it out to the ip you want (googles dns is good 8.8.8.8)
    Can you see if any forwarders are setup on your servers in DNS yet?

  7. #7

    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,198
    Thank Post
    321
    Thanked 314 Times in 219 Posts
    Rep Power
    125
    Ok, thanks.

    On SETH there are no forwarders set. Neither on ISIS or HADES.

  8. #8

    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,198
    Thank Post
    321
    Thanked 314 Times in 219 Posts
    Rep Power
    125
    UPDATE....

    I think i have sorted it... although i wont know untill i turn it off in the morning, but if the proxy server has the 1st DNS as the server you are turning off then, users will not be able to access the outside world.... Im sure this is the problem.

    Thanks Zerohour for helping me out though....

    Tim

  9. #9

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,837
    Thank Post
    974
    Thanked 1,405 Times in 850 Posts
    Blog Entries
    1
    Rep Power
    460
    Are you planning to have 2 DNS's endgame?
    If so I would set Primary DNS ip settings to 127.0.0.1 and secondary to the 2nd dns server
    2nd should be primary dns server ip first then its own network ip second (not 127)
    Then you setup a forwarder of 8.8.8.8 and then it will forward out requests.

  10. #10

    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,198
    Thank Post
    321
    Thanked 314 Times in 219 Posts
    Rep Power
    125
    yeah, in the end, i am wanting 2 dns servers which will both be DCs along with 2 more DCs, which will all be running 2008 R2. Am i right in thinking the DNS servers on 2008 R2 in a 2003 function level still work? I had posted on here the other day at the fact you cannot use XP DNS MMC snap in on a 2008 R2 DNS server to administer it remotely, but obviously windows 7 RSAT will. I hate upgrades.......

    If i was to enable the DNS active Directory integrated option, i have heard that this is a more stable, would you still use the same settings as you recommended for the dns servers?

  11. #11

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,837
    Thank Post
    974
    Thanked 1,405 Times in 850 Posts
    Blog Entries
    1
    Rep Power
    460
    Quote Originally Posted by timbo343 View Post
    yeah, in the end, i am wanting 2 dns servers which will both be DCs along with 2 more DCs, which will all be running 2008 R2. Am i right in thinking the DNS servers on 2008 R2 in a 2003 function level still work? I had posted on here the other day at the fact you cannot use XP DNS MMC snap in on a 2008 R2 DNS server to administer it remotely, but obviously windows 7 RSAT will. I hate upgrades.......

    If i was to enable the DNS active Directory integrated option, i have heard that this is a more stable, would you still use the same settings as you recommended for the dns servers?
    We run with pretty much those settings I said and we use AD integrated mode. I *think* 2003 AD is fine with 2008 R2 as long as the schema extensions are in.
    So you will have 2 DNS/DC/GC and 2 other DC?
    How many clients do you have?
    Do you need 4 DC's particularily?
    Remember you can have more then 2 DNS servers specified (xp included) you just have to dig a little deeper in the advanced config of TCP/IP.
    We have 3 DC's here all with GC/DNS roles. 2 are virtual 1 is hardware.

  12. #12

    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,198
    Thank Post
    321
    Thanked 314 Times in 219 Posts
    Rep Power
    125
    IWhen you mention the schema extensions, is that the adprep /forest, /domain and /gpprep? If so, i have got them in without any problems.
    we have around 500 ish clients and will end up using those values you stated, although for the last 4 years, we have run fine on the values that were there originally. We have had 4 DCs for a while, really just for load balancing,
    I have always had 2 DNS servers, i suppose like you said, 1 or 2 more may be helpful for balancing.
    I have heard that one of the FSMO roles is not supposed to sit on a GC? How many clients are you suppoting then?
    Its always best to have 1 in hardware form just incase. :P.

  13. #13

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,271
    Thank Post
    884
    Thanked 2,749 Times in 2,322 Posts
    Blog Entries
    11
    Rep Power
    785
    Quote Originally Posted by timbo343 View Post
    I have heard that one of the FSMO roles is not supposed to sit on a GC? How many clients are you suppoting then?
    Somewhere in these forums we have discussed this and it turned out that that was only a concern on larger multiforrest domains if I recall correctly. I would not be concerned about this unless your network is multiforrest.

  14. #14

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,447
    Thank Post
    1,537
    Thanked 1,069 Times in 934 Posts
    Rep Power
    305
    Sounds like you have got it sussed Tim

    We have 2 DCs, both VMs at present (will get a physical hardware one in at Christmas I think) one VM lives on the SAN the other DC VM lives on the local HDD store on the Xenserver so we can start that before the SAN starts.

    Both DCs are DNS boxes as well as GCs and it all seems to work fine now for us I wouldn't think you needed quite so many DCs though, maybe save some space and drop to 3. You want the forwarders to be set in DNS though and set them to your ISP makes things a lot better

  15. #15

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,837
    Thank Post
    974
    Thanked 1,405 Times in 850 Posts
    Blog Entries
    1
    Rep Power
    460
    We are 650 clients and tbh 2 DC's etc is enough for that (we have 3 for the hardware node). I really probably wouldnt bother with 4 unless you really need it.
    All 3 have all the relevant roles.
    Yeh the ad prep stuff should okay it all.



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Major D-Link Switch Problems
    By badboyvtec in forum Wireless Networks
    Replies: 30
    Last Post: 27th March 2009, 11:50 AM
  2. DNS problems
    By Stuart_C in forum Windows
    Replies: 2
    Last Post: 3rd November 2008, 07:43 PM
  3. DNS Problems... DCHP correct, DNS wrong
    By burgemaster in forum Windows
    Replies: 7
    Last Post: 27th June 2008, 12:05 PM
  4. Major server problems :(
    By ChrisH in forum Windows
    Replies: 6
    Last Post: 19th February 2008, 09:59 PM
  5. Any help would be great - Major network problems
    By jumpinjamez in forum Wireless Networks
    Replies: 16
    Last Post: 13th March 2007, 08:29 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •