Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, October 11, 2011 1:24 PM
Hi, we have just upgraded to a 2008 dns server from at 2003 server.
As far as I can tell, DNS is working fine. I can resolve names etc, but when I try to run DNS tests in fails:
Simple query against this DNS server - FAIL
Recursive query to other DNS servers - FAIL
We have set our new DNS server up the same as our 2003 which worked fine.
I have to NIC's, only one is set to listen for DNS requests, the other is reserved for mangement and I have to specific public IP addresses listed as forwarders. Can anyone help me get this working?
Thanks.
All replies (10)
Tuesday, October 11, 2011 4:25 PM | 2 votes
It may be trying to access the other NIC's IP, if it is set as an SOA or NS server in the zone.
Or it could be the Forwarders. Best bet, if this is a DC, is to run a dcdiag /v, and post any errors.
And if this is DC, you may need to do additional work if you want to keep that other NIC active so as to not interfere with AD functionality:
Multihomed DCs (with more than one unteamed NIC or multiple IPs) with DNS, RRAS, and/or PPPoE adapters -
A multihomed DC is not a recommended configuration, however there are ways to configure such a DC to work properly. (Microsoft does not recommend or support machines with teamed NICs, DCs or not.)
Published by Ace Fekay, MCT, MVP DS on Aug 17, 2009 at 9:29 PM 2800 2
http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx
Ace Fekay
MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights.
Wednesday, October 12, 2011 7:27 AM
Hi,
Thanks for posting here.
Which DNS servers address are you set for the interfaces on this server ? could you post back the “ipconfig /all” results from these server ?
May we can test by temporarily disabling the management interface and use dedicate one for testing:
http://technet.microsoft.com/en-us/library/cc784883(WS.10).aspx
Thanks.
Tiger Li
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Friday, July 11, 2014 2:30 PM | 6 votes
I had the same issue with a Windows Server 2012 DC. I just disabled the second NIC and then the DNS now passes the simple query and the recursive query.
Sunday, July 13, 2014 10:12 PM
I had the same issue with a Windows Server 2012 DC. I just disabled the second NIC and then the DNS now passes the simple query and the recursive query.
That's definitely one of the things that will cause issues with DCs and DNS - having multiple NICs and/or IPs. My blog has more info on multihoming (posted above).
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights.
Wednesday, September 2, 2015 3:02 PM | 1 vote
I had similar issue with Server 2012 R2 DC not passing monitoring tests. It passed all other DCDIAG tests. Al I had to do was disable all the NIC's that were not used. In this case all except the one I was using since it was a domain controller.
Sunday, September 27, 2015 1:58 AM
Same thing Just Happened to me. We had a svr2012R2 DNS server without DC (we will call it UselessDNS01); I wanted to turn on scavenging throughout our environment; so I removed the DNS role and installed ADDS with DNS role so it would be AD integrated and we would have time-stamps that would allow for scavenging on this server. All was going fine, all my forward and reverse zones came in as I expected and ad was replicating fine. But when I went to do the query tests from the Monitoring tab I got the WHAMMY FAIL. Found this post and disabled all nonutilized ports on the NIC (4 port NIC) and BINGO we have a passing test. Thanks guys!
Tuesday, January 26, 2016 6:36 PM
This fixed my issue as well. Checked and rechecked the configuration multiple times. Second NIC was the problem.
Tuesday, October 25, 2016 7:03 AM
This fixed my problem but introduced another problem. NIC1 is on the 192.168.1.0/24 subnet and is connected to my router for internet access. NIC2 is on the 10.1.1.0/24 subnet and am setting it up to be the port to accept RADIUS requests from the Cisco APs I am using. After disabling NIC2 it passed the monitoring test. Re-enabling it caused it to again fail. Unchecking the "Listen on Interfaces" for the 10.1.1.0/24 subnet and leaving the 192.168.1.0/24 checked didn't fix the problem.
Is there a way to have both interfaces enabled but only service DNS requests on one so that it passes the monitoring test? I'm studying for the MCSE & CCNA and have hit a brick wall with this one.
Cheers, Matt.
Tuesday, October 25, 2016 6:46 PM
This fixed my problem but introduced another problem. NIC1 is on the 192.168.1.0/24 subnet and is connected to my router for internet access. NIC2 is on the 10.1.1.0/24 subnet and am setting it up to be the port to accept RADIUS requests from the Cisco APs I am using. After disabling NIC2 it passed the monitoring test. Re-enabling it caused it to again fail. Unchecking the "Listen on Interfaces" for the 10.1.1.0/24 subnet and leaving the 192.168.1.0/24 checked didn't fix the problem.
Is there a way to have both interfaces enabled but only service DNS requests on one so that it passes the monitoring test? I'm studying for the MCSE & CCNA and have hit a brick wall with this one.
Cheers, Matt.
Hi Coconut
I'm not sure what problem you were having or what exactly you used to fix it. I assume since this thread was about domain controllers and multihoming, that I assume you are also discussing a multhomed domain controller that you had problems with.
What I can say is multihoming Domain Controllers is not recommended due to the issues discussed above. A DC's must only be on ONE subnet, because AD Sites are based on subnet, and can only be in one subnet, so if there are multiple subnets in different AD sites, then it will cause a major problem on a DC.
If you require a RRAS server for RADIUS auth, I recommend a non-DC.
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights.
Monday, September 4, 2017 11:01 AM
this worked thanks