none
Primary DNS servers not resolving the requests

    Question

  • we had 4 DNS servers in Organization and i configured in PC IP Configurations as Follows:

    192.168.1.60

    192.168.1.61

    192.168.1.62

    192.168.1.63

    8.8.8.8

    So all the local requests were going to Local DNS and Internet to 8.8.8.8

    Last week i demoted 192.168.1.61 Successfully. and removed secondary DNS entry (192.168.1.61) from IP Configurations.

    Problem is i cannot resolve the local Servers, even i cannot ping the domain name.

    ipconfig /Flushdns Works for sometime but problem comes again.

    Internet is working fine.

    Nslookup working fine.

    Problems only with few computers having access to internet.

     


    • Edited by Genius1985 Monday, December 26, 2016 6:29 AM
    Monday, December 26, 2016 6:28 AM

All replies

  • Hi

     First you should not use public ip's as dns ip on ad integrated DC.So you can configure forwarder for 8.8.8.8,etc..Check the article to configure;

    https://technet.microsoft.com/en-us/library/cc754941%28v=ws.11%29.aspx?f=255&MSPPError=-2147217396

    Also just clear 8.8.8.8 from on dns setting,So the prefered dns ip should be itself and the alternate needs to be other DC.Fix that configuration on DC's.Then run "ipconfig /flushdns" ,"ipconfig /registerdns"..then verify.

    Otherwise you should share "ipconfig /all" ,"dcdiag /test:dns" results..


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Monday, December 26, 2016 6:57 AM
  • Thank you Burak,

    8.8.8.8 is configured as secondary address in my local Computer not on the DC server. as DC doesn't have access to internet so configuring Forwarder will also not work.

    I have attached the DNS Configurations on my computer, can you please check.

    Monday, December 26, 2016 7:20 AM
  • Hi,
    I agree with Burak that it is not suggested to configure public IP with private IP in the DNS, as most cases about DNS resolving issue are caused by it.
    So why not to configure Forwarder for public IP in the DNS/DC server as Burak suggested?
    Alternatively, you could take a look at the following KB regarding to set MaxCacheTTL registry value and see if it helps:
    https://support.microsoft.com/en-us/kb/968372
    Best regards,
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, December 27, 2016 6:38 AM
    Moderator
  • I would advise to proceed as the following:

    • Contact your ISP to identify their DNS servers (You should NOT use 8.8.8.8 as DNS server but your ISP ones)
    • Contact your security team to allow traffic from your DCs to your ISP DNS servers: It is enough to open traffic to your ISP DNS servers IP addresses for port 53
    • Configure your ISP DNS servers as forwarders on your DCs

    That would help on making sure that your internet domains resolution would work properly without the need to put it on the client side. That will also improve the DNS resolution process performance on your side because of the caching and the fact that your clients won't need to contact many DNS servers before getting the one which will allow them to do internet domains DNS resolution.

    I would also recommend to make sure that your DCs IP settings are configured as I recommended here: http://www.ahmedmalek.com/web/fr/articles.asp?artid=23. The reason is that it helps to make sure that all your DCs update their DNS records properly and minimizes the risk to have replication failures because of wrong/incorrect DNS resolution.


    This posting is provided AS IS with no warranties or guarantees , and confers no rights.

    Ahmed MALEK

    My Website Link

    My Linkedin Profile

    My MVP Profile

    Wednesday, December 28, 2016 8:58 PM
  • Hi,

    I am checking how the issue going, if you still have any questions, please feel free to contact us.

    And if the replies as above are helpful, we would appreciate you to mark them as answers, and if you resolve it using your own solution, please share your experience and solution here. It will be greatly helpful to others who have the same question.

    Appreciate for your feedback.

    Best regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, January 2, 2017 6:18 AM
    Moderator