Re: Why adding secondary IP to NIC of DNS servers failed ?

Responses below.

"Greg Lindsay [MSFT]" <greg.lindsay@xxxxxxxxxxxxx> wrote in message
news:ef2VfBmtGHA.4372@xxxxxxxxxxxxxxxxxxxxxxx
Marlon,

You said that you didn't add the 1.0.0.x address to the NIC of the
application server. However, you indicated previously that it was using
an IP address in this range. You say the server was "originally on the
1.0.0.x network".

===> Correct. The application servers which experienced the DNS resolution
glitch are on the 1.0.0.x network only.

Let's use 1.0.0.x as the network. My mistake if I said 10.0.0.x, it was a
typo.

If I ping the DNS02 and DNS01 from MyAppServer, it responds on 200.1.1.x;
however, note that I am unable to make any changes to the DNS servers at
this point and add the IP addesses 1.0.0.0/24, since that made me look to
bad last week already.



Note: Actually, I think we are talking about a 10.0.0.x network here. I
noticed when re-reading your original post that you said 10.0.0.x once,
then accidently dropped the 0 and typed 1.0.0.x. Hopefully this is just a
typo and you haven't got a mixed network of 10.0.0.x and 1.0.0.x. If you
do have them mixed, then this is probably what is causing your problem.
10.x.x.x is the one of the reserved networks for private IP addressing,
but 1.x.x.x is not.

When everything was working perfectly (before you changed the DNS
servers), how was the network configured? Were you using only addresses
in the 200.1.1.x range?

Can you ping the DNS server from the application server? If so, what IP
address responds?

The IP configuration of the application server you listed shows that it is
using a 10.0.0.x address (not 1.0.0.x I hope), but is trying to use
200.1.1.x addresses for DNS. Unless your default gateway at 10.0.0.254
can route between these networks, then DNS will fail. If the 10.0.0.254
address is your layer 3 switch and it isn't currently routing between the
10.0.0.x and 200.1.1.x networks, then this could be your problem.

--
Greg Lindsay [MSFT]
greg.lindsay@xxxxxxxxxxxxx

Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights.

"Marlon Brown" <MarlonBrown@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%231UievltGHA.3552@xxxxxxxxxxxxxxxxxxxxxxx
Just one correction below:

In preparation to the IP address migration to the 1.0.0.x range, I
assigned the IP address inteh 1.0.0.x range to the TCP/IP properties on
the respective DNS01 and DNS02 only. I did not touch application servers
or devices pointing to the server yet.

That said, yes, both DNS01 and DNS02 are configured to listen on "All IP
addresses".
When I added the 1.0.0.x IPs to the respective NICs on the DNS server,
than the application servers and devices on the same network 1.0.0.x
experienced the name resolution issue.

From my AppSvr, which is originally on the 1.0.0.x network, I can
portqry.exe TCP 53 and UDP 53 Ok, pointing to the DNS01 and DNS02 servers
(using original 200.1.1.x range).

If you agree with me that it makes no sense that the addition of the
1.0.0.x and coexistence of IP's should cause a problem, I will have to
focus on the layer 3 switch to see what's going on.


"Greg Lindsay [MSFT]" <greg.lindsay@xxxxxxxxxxxxx> wrote in message
news:e4E4FratGHA.1504@xxxxxxxxxxxxxxxxxxxxxxx
Let me see if I understand the issue correctly.

You had some DNS servers and application servers on subnet 200.1.1.x and
everything was working fine.
You are planning to migrate this subnet to a new range of addresses:
1.0.0.x. In preparation, you assigned a secondary IP address in the
1.0.0.x range to the interfaces of all the servers (DNS and application
servers).
You also added the new DNS server IP addresses (1.0.0.x range) to the
"Use the following DNS server addresses" list on your application
server. If needed to list more than 2 DNS servers, you used the advanced
TCP/IP settings DNS tab.
After you made these changes, the application server was unable to
resolve DNS names. It's IP address was in the 1.0.0.x range, but the
DNS server it was trying to use was in the 200.1.1.x range.

If all of this is correct, then please tell me:

1) Can you ping the DNS server from the application server?
2) Does the application server show that the interface is assigned 2
addresses, or just 1?

If the application server has just one IP address in the 1.0.0.x range,
then you need to add a 200.1.1.x to it.

I hope I understood this correctly, and I apologize if I am making this
more complicated than it needs to be.

--
Greg Lindsay [MSFT]
greg.lindsay@xxxxxxxxxxxxx

Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights.

"Marlon Brown" <MarlonBrown@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:OHWhUkZtGHA.3912@xxxxxxxxxxxxxxxxxxxxxxx
From a member server MyAppserver which experienced the DNS resolution
issues after DNS01 and DNS02 got the additional IP 1.x.x.x added to the
NIC:

Advanved TCP/IP Settings

DNS Server addresses
200.1.1.2 (note it is pointing to the original DNS IP address)
200.1.1.1


As you can see the member servers were not touched. All I did was
adding the 1.x.x.x. IPs to the TCP/IP properties on the respective DNS
Servers and let the new IP's ready for people to use them if they
wanted, while letting the original 200.x.x.x IP's coexist for few days.




"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:%23i6uMzYtGHA.1216@xxxxxxxxxxxxxxxxxxxxxxx
Hi

I hope that you don't mind for me to step in.

I just want to add something:
Check if you have under the dns properties:
netmask ordering selected on advanced tab, and under the interfaces
tab if you have listen for both ipaddress.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Greg Lindsay [MSFT]" <greg.lindsay@xxxxxxxxxxxxx> wrote in message
news:OwOQYWYtGHA.1216@xxxxxxxxxxxxxxxxxxxxxxx
You mean it is input manually with different subnets for DNS and
IP/gateway? When you correct it, does it stay corrected, or return to
the previous values?

I've not heard of this sort of problem before, but perhaps someone
else has. If it's happening on more than one machine, I still think
it might be related to the new DHCP server test. Is it possible that
someone else was messing with the settings?

--
Greg Lindsay [MSFT]
greg.lindsay@xxxxxxxxxxxxx

Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights.

"Marlon Brown" <MarlonBrown@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:O3crZ5XtGHA.4140@xxxxxxxxxxxxxxxxxxxxxxx
I know, but in this case, both IP and DNS information has been input
manually. Any idea what could have caused this ?


"Greg Lindsay [MSFT]" <greg.lindsay@xxxxxxxxxxxxx> wrote in message
news:eVDzAkPtGHA.4748@xxxxxxxxxxxxxxxxxxxxxxx
Configuration of the TCP/IP settings for IP address and DNS are
independent. You can have a static IP address, but still select
"Obtain DNS server address automatically", and vice-versa.

Make sure you have both set to static (and have the correct
addresses) if you aren't using DHCP. Later when you switch to
DHCP, make sure to switch both again.

I hope this helps!

--
Greg Lindsay [MSFT]
greg.lindsay@xxxxxxxxxxxxx

Disclaimer: This posting is provided "AS IS" with no warranties,
and confers no rights.

"Marlon Brown" <MarlonBrown@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:umpOAKPtGHA.4140@xxxxxxxxxxxxxxxxxxxxxxx
On MyApplicationServer on the network 1.0.0.0, here is the IP
address configuration:
The servers which freaked out are all under static IP address
configuration. It is true folks are testing a new DHCP server on
given networks, but since our servers point to static IP address,
I think that is unrelated.


DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 1.0.0.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 1.0.0.254
DNS Servers . . . . . . . . . . . : 200.1.1.2 (note it is pointing
to the original DNS IP address)
200.1.1.1
Primary WINS Server . . . . . Wrong IP ( I don't think this is
related to the DNS issue, but I noticed that WINS IP existing
there is invalid)
Secondary WINS Server . . . Wrong IP







"Greg Lindsay [MSFT]" <greg.lindsay@xxxxxxxxxxxxx> wrote in
message news:u4%23nqnOtGHA.4968@xxxxxxxxxxxxxxxxxxxxxxx
Are the people on other networks using a different DHCP server?

What is the order of the preferred DNS servers being sent to
clients on the 200.1.1.x network?

--
Greg Lindsay [MSFT]
greg.lindsay@xxxxxxxxxxxxx

Disclaimer: This posting is provided "AS IS" with no warranties,
and confers no rights.

"Marlon Brown" <MarlonBrown@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:ea3NWiLtGHA.1888@xxxxxxxxxxxxxxxxxxxxxxx
This is the situation:

DNS-ADI-WINS1 = IP=200.1.1.1
DNS-ADI-WINS2 = IP=200.1.1.2

I will have to replace DNS-ADI-WINS1 IP addresses by IP=1.0.0.1
and 1.0.0.2 respectively.
What I did:

I added the IP addresses to the NIC of the DNS servers. That way
addresses 200.1.1.1 and 1.0.0.1 coexist. I did that so people
could start updating firewall rules, static member server IP
addresses, DHCP scope to point to the new DNS IP addresses
10.0.0.x. At scheduled date I would remove the 200.1.1.1
addresses from the NIC of the respective DNS-ADI-WINS servers.

Problem:
After adding the secondary 1.x.x.x IP addresses to the DNS
servers TCP/IP properties, people with servers on the specific
network 200.1.1.x experienced problems with server resolution.
All servers on 200.1.1.1 was unable to successfully return
nslookup queries and locate DNS resources.
Can someone explain what could be causing this ? Servers on
other networks performed OK, only the ones on the same network
than the DNS servers
























.

Relevant Pages

  • Re: computer browser service wont start
    ... I've noticed that dnsApi is sometimes one of the things that starts early before everything it needs is actually working, e.g. the TCP/IP and network stack. ... In the situations I've seen the Event Log entry from dnsApi that you report, the computer did successfully register itself later. ... This assumes that the targetted DNS server can accept Dynamic registrations and the computer doing the dynamic registration is permitted to do so. ...
    (microsoft.public.windows.server.general)
  • Re: ConnectComputer Problem
    ... I'm a little confused by your network configuration. ... Switch2 --- SBS Server ... switch has internet access all the time, the second switch has the client ... NICs ...
    (microsoft.public.windows.server.sbs)
  • Re: Still cant connect to RWW or OWA remotely
    ... laptop plugged into port on DSL router. ... service, e-mail, and RWW is available to all users on the network. ... The server is a SBS2003 SP1 Standard box without ISA, ... of the two NICs by clicking the Advanced tabs, it won't open that box, ...
    (microsoft.public.windows.server.sbs)
  • Re: Cannot browse the network after migration
    ... the cause is the multiply NICs are all enable NetBT. ... >>> browse the network. ... >>> 189101 Understanding NetBIOS Resource Record Flags ... >>> NetBIOS setting from the DHCP server. ...
    (microsoft.public.windows.server.migration)
  • RE: How Does ISA 2004 Performs Routing
    ... Since I'm still not very clear about the network topology, ... The output of "IPconfig /all" command on ISA and an internal computer. ... >referring to routing between the 2 NICs but was referring to how the ISA ... >server itself routed to the next proxy server in the proxy chain. ...
    (microsoft.public.isa)