locked
Problems with nameresolution for just on entry in a DA loadbalanced scenario RRS feed

  • Question

  • Hi,

    we have the following Setup:

    2 HA Proxy; CentOS; Clustered and loadbalancing Connections to the DA Servers

    2 DA Servers; Server 2012R2

    Everything is working fine. Users can Access internal ressources as well as Internet an the Systems in the ISA / DMZ that are configured in the NRP tables.

    The problem:

    Users connected to DA Server 1 can Access resources on a Domain we have a bi-directional trust. Users connected to DA Server 2 can´t connect using names. Using IPv6 obtained by pinging the System from a Client connected via DA Server 1 I can Access the System.

    What I already tested:

    Nameresoulution for Systems in the trusted Domain is working from both DA Servers.

    Any other NRPT entry is working on Clients regardless of the DA Server.

    Reboot of DA Servers didn´t change a thing

    remote Access console is showing no Errors

    GPO´s are deployed correctly on both Servers as well as on the Clients

    Now i reached the Limit of my ideas what to look for. Is there any "static" Cache of mapping tables from IPv6 to IPv4 on the DA Servers that isn´t rebuild on reboot or configuration changes? Any way to "force" the DA Server 2 (like an entry to the /etc/hosts file)?

    Regards,

    Richard

    Tuesday, March 17, 2020 8:49 AM

Answers

  • Ok,

    i found the error. The DA Server 2 had no ipv6 address

    What i did:

    netsh Interface ipv6 Show Interface isatap

    the result showed that on Server 1 advertisment and forwarding was enabled while on Server 2 it was disabled

    with:

    netsh Interface ipv6 set Interface "index of the Interface (in my case 15)" advertise=enabled

    netsh Interface ipv6 set Interface "index of the Interface (in my case 15)" forwarding=enabled

    this could be fixed.

    Note that you have to restart the ip-helper-service in order to advertise the new ipv6 in the dns or set the ipv6 entry as a static in dns

    Regards

    Richard

    • Marked as answer by Richard Hey Tuesday, March 17, 2020 11:55 AM
    Tuesday, March 17, 2020 11:55 AM