Forum Discussion

Copper Contributor

Mar 13, 2020

Windows Server 2019 warns No Internet Access after AD, DNS and DHCP setup

Hi all. I have a Windows Server 2019 VM (HyperV) where I setup my first DC. I also setup DNS and DHCP on the server. After deploying these, the yellow warning icon appeared on the network icon in...

2020031309.000.zip22 KB

Networking

Dave Patrick

MVP

Jun 25, 2020

google DNS knows nothing of your private domain. domain controller should always have at least own static ip address, and loopback (127.0.0.1) listed on connection properties. Never use router or public DNS here. Internet queries are passed on in a top-level down fashion by default to the 13 root hint servers, or optionally any configured forwarders.

rob_nicholson_helios

Copper Contributor

Jun 26, 2020

This fault is nothing AFAIK to do with root hints - they are only ever used when the forwarder DNS server fails or is not configured.

It's some flaw in the check for internet access when running on a single domain controller system. When you promote a member to a domain controller and install a DNS server at the same time, it removes the DNS settings against the NIC, uses that for the DNS server forwarder and replaces it with 127.0.0.1. This works perfectly for everything except for whatever test is being carried out for internet connectivity.

Adding the DNS setting on the DC for an upstream DNS server (e.g. router or Google DNS or OpenDNS) and the check starts working.

The DC itself will refer to itself as 127.0.0.1 is checked first and most of the time will work.

Dave Patrick
MVP
Jun 26, 2020
google DNS knows nothing of the internal domain and cannot be used for DNS on server's connection properties. Always use the server's own static ip address plus loopback and no others such as router or public DNS
- rob_nicholson_helios
  Copper Contributor
  Sep 20, 2020
  >google DNS knows nothing of the internal domain and cannot be used for DNS on server's connection properties
  
  I'm talking about the forwarders above and Google DNS servers are as good as any others in resolving *external* requests.
  - Dave Patrick
    MVP
    Sep 20, 2020
    
    rob_nicholson_helios wrote:
    >google DNS knows nothing of the internal domain and cannot be used for DNS on server's connection properties
    
    I'm talking about the forwarders above and Google DNS servers are as good as any others in resolving *external* requests.
    
    I'd suggest starting your own thread as opposed to hijacking another. Makes things easier to follow.
rob_nicholson_helios
Copper Contributor
Jun 26, 2020
It might be because it's very common for the forwarded DNS server to fail to resolve if it's picked up the upstream router like this. I'm just going to change the forwarder to Google DNS and remove from the static IP configuration to see if that works as well.