Home

DMZ (Workgroup) not registering to any Public DNS

Highlighted
guruprasad tantry
New Contributor

Hi,

 

Specs:

Server OS : Windows Server 2012 R2 standard

Domain: Not joined - Workgroup - DMZ server for LYNC EDGE

Hardware: Virtual Machine

Anti-Virus: TRENDDS deep security - Agentless

Patch status: current

 

Background:

Our ISP has changed the DNS servers and they have asked us to update all the servers. As part of this exercise we have updated all the DMZ servers except one server in the LYNC EDGE POOL.

One server registered instantly on the new DNS IP provided by the ISP. However, the second server does not register.

Troubleshooting performed:

Disabled Windows Firewall

Added Firewall exception

Tried Public IP from Google and OPEN DNS

Restarted DNS client.

IPCONFIG /flushdns & all other IPCONFIG steps

Server restarted multiple times.

Disabled Anti-Virus 

Removed the vNIC and added another vNIC 

Wireshark shows Capture.PNG

DNS query is made but no response. 

Firewall log shows that it is also sending the request out but no response is being received.

 

[Expert@sXXX-0001-fwp01a:0]# tcpdump -nni bond0.202 host 10.74.124.141 and host 131.203.1.5
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bond0.202, link-type EN10MB (Ethernet), capture size 96 bytes
11:43:35.188174 IP 10.74.124.141.52851 > 131.203.1.5.53: 26095+ A? wpad.XX.XXX.XXXXXXX.net. (40)
11:43:38.203177 IP 10.74.124.141.52851 > 131.203.1.5.53: 26095+ A? wpad.XX.XXX.XXXXXXX.net. (40)
11:43:42.203423 IP 10.74.124.141.52851 > 131.203.1.5.53: 26095+ A? wpad.XX.XXX.XXXXXXX.net. (40)
11:46:56.785882 IP 10.74.124.141.53157 > 131.203.1.5.53: 58665+ SOA? XX-WN-LYNCEDG01.XX.XXX.XXXXXXX.net. (51)
11:47:00.813962 IP 10.74.124.141.53157 > 131.203.1.5.53: 58665+ SOA? XX-WN-LYNCEDG01.XX.XXX.XXXXXXX.net. (51)
11:47:04.814037 IP 10.74.124.141.53157 > 131.203.1.5.53: 58665+ SOA? XX-WN-LYNCEDG01.XX.XXX.XXXXXXX.net.

 

Event log shows 8015 error.

I have compared every service, config, header from working server to the problematic machine and so far there is nothing that appears out of the ordinary.

 

6 Replies
Highlighted

Hi,

 

Any help would be appreciated.

 

thanks

Highlighted

Whos public name registration service are you using? I'd probably ask their tech support about your issues.

 

 

Highlighted

Hi Dave,

 

Thank you.

We are using the DNS provided by ISP. We have checked with them and they don't see any issue at their end. Also, the 2nd server is already registered which shows that DNS is responding. Not sure why only this server is not registering.

I have done NSLOOKUP as below

nslookup yahoo.com 8.8.8.8 

even this fails.

Highlighted

If your ISP is providing an authoritative DNS hosting service, then I'd probably ask them for help. Google 8.8.8.8 does not provide this service. If you wanted this service from google then I believe there is a free trial.

https://cloud.google.com/dns/

If you're asking about something else I'd work through this one.

https://developers.google.com/speed/public-dns/docs/troubleshooting

 

 

Highlighted
Thank you Dave, I appreciate your response. But my problem is bit different.
Highlighted

@guruprasad tantry wrote:
Thank you Dave, I appreciate your response. But my problem is bit different.

Hmm, Ok. Sounds good then.