Jun 21 2018 11:50 PM
Hi,
Specs:
Server OS : Windows Server 2012 R2 standard
Domain: Not joined - Workgroup - DMZ server for LYNC EDGE
Hardware: Virtual Machine
Anti-Virus: TRENDDS deep security - Agentless
Patch status: current
Background:
Our ISP has changed the DNS servers and they have asked us to update all the servers. As part of this exercise we have updated all the DMZ servers except one server in the LYNC EDGE POOL.
One server registered instantly on the new DNS IP provided by the ISP. However, the second server does not register.
Troubleshooting performed:
Disabled Windows Firewall
Added Firewall exception
Tried Public IP from Google and OPEN DNS
Restarted DNS client.
IPCONFIG /flushdns & all other IPCONFIG steps
Server restarted multiple times.
Disabled Anti-Virus
Removed the vNIC and added another vNIC
Wireshark shows
DNS query is made but no response.
Firewall log shows that it is also sending the request out but no response is being received.
[Expert@sXXX-0001-fwp01a:0]# tcpdump -nni bond0.202 host 10.74.124.141 and host 131.203.1.5
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bond0.202, link-type EN10MB (Ethernet), capture size 96 bytes
11:43:35.188174 IP 10.74.124.141.52851 > 131.203.1.5.53: 26095+ A? wpad.XX.XXX.XXXXXXX.net. (40)
11:43:38.203177 IP 10.74.124.141.52851 > 131.203.1.5.53: 26095+ A? wpad.XX.XXX.XXXXXXX.net. (40)
11:43:42.203423 IP 10.74.124.141.52851 > 131.203.1.5.53: 26095+ A? wpad.XX.XXX.XXXXXXX.net. (40)
11:46:56.785882 IP 10.74.124.141.53157 > 131.203.1.5.53: 58665+ SOA? XX-WN-LYNCEDG01.XX.XXX.XXXXXXX.net. (51)
11:47:00.813962 IP 10.74.124.141.53157 > 131.203.1.5.53: 58665+ SOA? XX-WN-LYNCEDG01.XX.XXX.XXXXXXX.net. (51)
11:47:04.814037 IP 10.74.124.141.53157 > 131.203.1.5.53: 58665+ SOA? XX-WN-LYNCEDG01.XX.XXX.XXXXXXX.net.
Event log shows 8015 error.
I have compared every service, config, header from working server to the problematic machine and so far there is nothing that appears out of the ordinary.
Jun 24 2018 05:46 PM
Hi,
Any help would be appreciated.
thanks
Jun 24 2018 05:56 PM
Whos public name registration service are you using? I'd probably ask their tech support about your issues.
Jun 24 2018 11:08 PM
Hi Dave,
Thank you.
We are using the DNS provided by ISP. We have checked with them and they don't see any issue at their end. Also, the 2nd server is already registered which shows that DNS is responding. Not sure why only this server is not registering.
I have done NSLOOKUP as below
nslookup yahoo.com 8.8.8.8
even this fails.
Jun 25 2018 05:19 AM
If your ISP is providing an authoritative DNS hosting service, then I'd probably ask them for help. Google 8.8.8.8 does not provide this service. If you wanted this service from google then I believe there is a free trial.
If you're asking about something else I'd work through this one.
https://developers.google.com/speed/public-dns/docs/troubleshooting
Jun 26 2018 04:43 AM
Jun 26 2018 05:05 AM - edited Jun 26 2018 06:00 AM
@guruprasad tantry wrote:
Thank you Dave, I appreciate your response. But my problem is bit different.
Hmm, Ok. Sounds good then.