Re: 2008 R2 DC DNS Server Starts then Stops After Reboot



Theres conflicting guidance on how to configure client dns settings on a dc
on technet, team blogs and even within server manager. Some posts say to use
loopback, some say to use the real address, some say to use local ip as
primary, server manager advises to set ip as secondary dns. Also, I realize
the subnet is way to large, and am currently working on breaking it down into
more manageable networks - but like you said, none of the above pertains to
the issue at hand.

I'll look at the firewall config doc and see what I can do.

"Meinolf Weber [MVP-DS]" wrote:

Hello JBailey,

The ipconfig output more or less looks ok, you should use always the real
ip address on the DCs NIC, instead of the loopback ip address 127.0.0.1,
but this isn't the solution for the problem. Also limiting the subnet mask
to /24 (255.255.255.0), 254 possible clients in the subnet, should be a better
option to make your broadcast domain smaller. With the current one /16 (255.255.0.0)
you are able to work with 65534 clients, maybe a bit too much?

Did you open the firewall ports on the new DCs to allow all AD needed services?
See the following articles about using firewalls on DCs:
http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx

http://support.microsoft.com/kb/179442/

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


Old DC 1

C:\WINDOWS\system32>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : mhdc
Primary Dns Suffix . . . . . . . : corp.xxxx.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : corp.xxxx.com
xxxx.com
Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Team 1
Physical Address. . . . . . . . . : 00-15-60-0B-1E-84
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.1.0.98
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 10.1.2.254
DNS Servers . . . . . . . . . . . : 127.0.0.1
10.1.0.31
OLD DC 2

C:\WINDOWS\system32>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : mhbc
Primary Dns Suffix . . . . . . . : corp.xxxx.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : corp.xxxx.com
xxxx.com
Ethernet adapter Team1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Team 1
Physical Address. . . . . . . . . : 00-1C-C4-C1-E9-A4
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.1.0.97
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 10.1.2.254
DNS Servers . . . . . . . . . . . : 127.0.0.1
10.1.0.1
NEW DC 1

C:\Windows\system32>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : MSN-INF-DC01
Primary Dns Suffix . . . . . . . : corp.xxxx.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : corp.xxxx.com
Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC326i PCIe Dual Port
Gigabit
Server A
dapter #2
Physical Address. . . . . . . . . : 00-25-B3-EA-65-41
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.0.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 10.1.2.254
DNS Servers . . . . . . . . . . . : 10.1.0.1
10.1.0.31
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{77191B73-F426-4829-8335-A5B5A07C1396}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling
Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
NEW DC 2

C:\Windows\system32>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : MSN-INF-DC02
Primary Dns Suffix . . . . . . . : corp.xxxx.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : corp.xxxx.com
Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC326i PCIe Dual Port
Gigabit
Server A
dapter #2
Physical Address. . . . . . . . . : 00-26-55-AD-6C-69
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.0.31(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 10.1.2.254
DNS Servers . . . . . . . . . . . : 10.1.0.31
10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{138372F7-A2AD-467C-9C38-BAFD5C9F1249}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling
Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Firewalls running on two new 2008 r2 domain controllers - not on old
domain controllers.

Thanks

"Meinolf Weber [MVP-DS]" wrote:

Hello JBailey,

Let's start with an unedited ipconfig /all from the new and old DCs,
so we can check the DNS configuration. Any firewall running between
the DCs?

Also see:
http://technet.microsoft.com/en-us/library/cc735762(WS.10).aspx
There can be problems with an earlier patch where uninstalling this
can help: http://support.microsoft.com/kb/951746

After that check with this one:
http://support.microsoft.com/kb/953230
Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
I have just promotoed two new 2008 R2 domain controllers into an
existing 2003 forest. DCPromo process went fine, but after the first
reboot the DNS server started and then stopped on both servers. The
DNS service starts but then I see the following errors in the DNS
log:

Event 407
The DNS server could not bind a User Datagram Protocol (UDP) socket
to
10.1.0.31. The event data is the error code. Restart the DNS server
or
reboot
your computer.
followed by
Event 408
The DNS server could not open socket for address 10.1.0.31.
Verify that this is a valid IP address for the server computer. If
it
is
NOT valid use the Interfaces dialog under Server Properties in the
DNS
Manager to remove it from the list of IP interfaces. Then stop and
restart
the DNS server. (If this was the only IP interface on this machine
and
the
DNS server may not have started as a result of this error. In that
case
remove the DNS\Parameters\ ListenAddress value in the services
section
of the
registry and restart.)
If this is a valid IP address for this machine, make sure that no
other application (e.g. another DNS server) is running that would
attempt to use the DNS port.
For more information, see "DNS server log reference" in the online
Help.

followed by

Event 404
The DNS server could not bind a Transmission Control Protocol (TCP)
socket
to address 10.1.0.31. The event data is the error code. An IP
address of
0.0.0.0 can indicate a valid "any address" configuration in which
all
configured IP addresses on the computer are available for use.
Restart the DNS server or reboot the computer.
And then event 408 again, after which the DNS service shuts down. I
can then manually start the DNS service and it stays up and is
functional. In addition to this the Intersite Messaging service is
not
starting, not sure if its related at all.
Thanks,
Jeff Bailey
.



.

.