none
DNS resolution issues RRS feed

  • Question

  • Hello Experts,

    We have having 4 DCs in our environment and all 4 of them have DNS role installed. All domain joined workstations are getting IP through our DHCP server (where DNS servers IPs are listed under server scope).

    My Question is: When i reach an application using domain name, sometimes it is working and sometimes it is unreachable due to DNS error. Whenever i try with IP address it works perfect, So resolution is having some issues. 

    Also when i do "ping <my_domain_name>" it picks and resolve IP of different DCs every time.

    Can anyone help me to get this fixed please.

    Many thanks,

    Arun

    Tuesday, March 12, 2019 4:27 AM

All replies

  • Hi,

    could you show me the result of nslookup <my_domain_name>? Will it return different IP addresses?

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, March 12, 2019 7:48 AM
    Moderator
  • Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

    Best Regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, March 21, 2019 6:32 AM
    Moderator
  • Hi Travis,

    Thanks for the reply. here is the NSlookup result:

    C:\Users\arun>nslookup mydomain.com
    Server:  UnKnown
    Address:  192.168.4.130

    Name:    mydomain.com
    Addresses:  192.168.4.131
              192.168.4.130
              192.168.100.6
              192.168.3.252
              192.168.0.40

    C:\Users\arun>

    All the IPs are my DCs. 

    Thursday, April 4, 2019 8:08 AM
  • Hi,

    So the application needs a specific DC IP address.

    You can create a A record for the DC, and don't use same as parent folder records.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, April 4, 2019 9:33 AM
    Moderator
  • Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

    Best Regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, April 8, 2019 8:43 AM
    Moderator
  • Hi Travis,

    Thanks again and sorry for the delay.

    this issue is happening to all internal name resolution. sometimes i'm unable to ping mydomain.com and sometime i can. 

    "So the application needs a specific DC IP address.

    You can create a A record for the DC, and don't use same as parent folder records."

    Do i need to create A record for the DC again? If yes, I already have 4 Host A record for DCs (same as parent folder). Do i need to remove them recreate as you mentioned above??

    If yes, Kindly clarify each DC should have 4 host A records or single record for each DC within ?

    Note: As of now I've few same as parent records, they are below:

    Name----------------------Type------------------Data---------------------------------Timestamp

    (same as parent folder) ----SOA-----146738, dc1.mydomain.com., Hostmaster.-----Static

    (same as parent folder)-----NS----------dc1.mydomain.com-------------------------Static

    (same as parent folder)-----NS----------dc2.mydomain.com-------------------------Static

    (same as parent folder)-----NS----------dc3.mydomain.com-------------------------Static

    (same as parent folder)-----NS----------dc4.mydomain.com-------------------------Static

    (same as parent folder)-----Host A------<IP of DC1>-------------------------------Dynamic

    (same as parent folder)-----Host A------<IP of DC2>-------------------------------Dynamic

    (same as parent folder)-----Host A------<IP of DC3>-------------------------------Dynamic

    (same as parent folder)-----Host A------<IP of DC4>-------------------------------Dynamic

    Many thanks,

    Arun




    Saturday, April 13, 2019 5:38 AM
  • Hi,

    this issue is happening to all internal name resolution. sometimes i'm unable to ping mydomain.com and sometime i can.   

    It seems that there is a problem to connect to DCs.

    Please ping the IP addresses of DCs to check the connections.

    Yes, I mean single record for each DC.

    For example:

    DC1-----Host A------<IP of DC1>-------------------------------static

    What' more, can you reach the app with FQDN such as DC1.mydomain.com?

    Best regards,

    Travis



    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, April 15, 2019 8:40 AM
    Moderator
  • Hi Travis,

    here are my findings:

    • All the time, I can ping my DCs without any issues using it's IP address 
    • I can't retrieve hostname / FQDN of any machine through the command ping -a <ip of DCs> (this is intermittent problem)
    • Ping mydomain.com works sometime and sometimes not.
    • I deleted "same as parent" (Host A) records which use to create dynamically (although SOA / NS are "same as parent" STATIC records for all DCs) - Even after deletion it keeps recreating again and again.
    • As of now each DCs have below records. Please let me know which are needs to be removed or created. I'm confused now. 

    Name----------------------Type------------------Data---------------------------------Timestamp

    (same as parent folder) ----SOA-----146738, dc1.mydomain.com., Hostmaster.-----Static

    (same as parent folder)-----NS----------dc1.mydomain.com-------------------------Static

    (same as parent folder)-----NS----------dc2.mydomain.com-------------------------Static

    (same as parent folder)-----NS----------dc3.mydomain.com-------------------------Static

    (same as parent folder)-----NS----------dc4.mydomain.com-------------------------Static

    (same as parent folder)-----Host A------<IP of DC1>-------------------------------Dynamic

    (same as parent folder)-----Host A------<IP of DC2>-------------------------------Dynamic

    (same as parent folder)-----Host A------<IP of DC3>-------------------------------Dynamic

    (same as parent folder)-----Host A------<IP of DC4>-------------------------------Dynamic

    DC1-------------------------Host A------<IP of DC1>-------------------------------Static

    DC2-------------------------Host A------<IP of DC2>-------------------------------Static

    DC3-------------------------Host A------<IP of DC3>-------------------------------Static

    DC4-------------------------Host A------<IP of DC4>-------------------------------Static

    Please note: there is no applications hosted on any DCs to access DC1.mydomain.com, it's a matter of DNS resolution for all internal applications/machines. 

    Let's say for example i have a site hosted internally on one machine (its IP is 192.168.1.1) and a host A created for it with a name "jenkins".

    -- With "jenkins.mydomain.com" URL, My users are able to access the application sometimes and not working sometimes. But same time he can access with its IP address (192.168.1.1). In other words, my users never face issues with IPs.

    Many thanks,

    Arun



    Tuesday, April 16, 2019 11:28 AM
  • Hello,

    nslookup will try to resolve the name for the ip address of the DNS server configured as the primary DNS server on the client by performing a reverse lookup of the ip address. If you don't have a reverse DNS zone set up for your network/subnet you'll get the "server unknown" message as nslookup will be unable to resolve the name for the ip address.

    so you need to check if you have PTR records for all your Domain controllers in reverse lookup zone. 

    you can also send me results of below and also analyse them yourself.

    C:\>nslookup Default Server:  xxxx Address:  xxxx > set debug > yourdomainname


    Tuesday, April 16, 2019 11:40 AM
  • Hi,

    There is a misunderstanding.

    When i reach an application using domain name, sometimes it is working and sometimes it is unreachable due to DNS error. Whenever i try with IP address it works perfect, So resolution is having some issues.  

    The domain name means FQDN of a host such as "jenkins.mydomain.com" not "mydomain.com" ,right?

    Also when i do "ping <my_domain_name>" it picks and resolve IP of different DCs every time.

    It is another problem, right?

    Don't worry,  creating A records for DCs has no bad effects.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, April 17, 2019 6:29 AM
    Moderator
  • Hi,

    If you can't resolve the hostname, please use command nslookup to check the DNS server.

    Nslookup -d2 hostname 

    The command will show you the process of resolution.

     when i do "ping <my_domain_name>" it picks and resolve IP of different DCs every time.  

    It is a normal behavior. 

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, April 17, 2019 6:33 AM
    Moderator