Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
I have recently setup a Win2000 Server DC. Im having a problem in the network where the internal DNS is resolving the server name to an odd ip address. The ip it resolves to changes too. So I know that somewhere there is some conflicting updates.
Server ip is 172.16.4.2 static. server01 is the name.
It is running DHCP and DNS.
Clients are running XP Pro.
Here is an example:
From Client PC:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.C:\Documents and Settings\Gabe.COMPANY1>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : GABEG
Primary Dns Suffix . . . . . . . : Company1.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Company1.net
Company1.netEthernet adapter Local Area Connection:
Connection-specific DNS Suffix . : Company1.net
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connecti
on
Physical Address. . . . . . . . . : 00-16-76-8B-85-D5
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 172.16.4.12
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.4.1
DHCP Server . . . . . . . . . . . : 172.16.4.2
DNS Servers . . . . . . . . . . . : 172.16.4.2
Primary WINS Server . . . . . . . : 172.16.4.2
Lease Obtained. . . . . . . . . . : Tuesday, November 11, 2008 1:03:21 P
M
Lease Expires . . . . . . . . . . : Tuesday, November 18, 2008 1:03:21 P
M------
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.C:\Documents and Settings\Gabe.COMPANY1>ping server01
Pinging server01 [172.16.4.2] with 32 bytes of data:
Reply from 172.16.4.2: bytes=32 time<1ms TTL=128
Reply from 172.16.4.2: bytes=32 time<1ms TTL=128
Reply from 172.16.4.2: bytes=32 time<1ms TTL=128
Reply from 172.16.4.2: bytes=32 time<1ms TTL=128Ping statistics for 172.16.4.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0msC:\Documents and Settings\Gabe.COMPANY1>ping server01
Pinging server01 [172.16.4.28] with 32 bytes of data:
Reply from 172.16.4.28: bytes=32 time<1ms TTL=255
Reply from 172.16.4.28: bytes=32 time=1ms TTL=255
Reply from 172.16.4.28: bytes=32 time<1ms TTL=255
Reply from 172.16.4.28: bytes=32 time<1ms TTL=255Ping statistics for 172.16.4.28:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms-----------
If I repair the network connection or flush dns, the initial ping server01 address will resolve correctly (172.16.4.2) for a few seconds. But then immediately somewhere it gets a change to redirect to an odd address that is currently assigned to a small print server appliance. The second ping then resolves to 172.16.4.28. DHCP had assigned 172.16.4.28 to the print server. Yet dns is pointing to the 172.16.4.28 for resolution of the server01 DC.
Im stumped! Any help appreciated.
Thanks!
First step is always to document your ip plan.
Without documenting it the usual mistake is to include those statically assigned addresses in the dhcp scope. Dhcp updates dns which further complicates things because you now have invalid dynamic dns entries.
Does the server have two nics and are both connected to the network?
This dhcp entry is incorrect
"DNS Suffix Search List. . . . . . : Company1.net
Company1.net"
There should only be one listing.Start by disabling dhcp dynamic updates to dns. Correct the dns entries manually.
Review your dhcp scope.
Usual layout of a ip plan is as follows:
x.x.x.1-19 static for routers/switches
x.x.x.20-29 static for servers
x.x.x.30-39 static for network printers
x.x.x.40-254 dhcp scope for pcs/everything elseMake sure your internet router isn't also doing dhcp.
Example of Oxymoron:
Person who is pro life and anti sex education.
Education is key to prevention. Prevent conception you prevent abortion.Abstinence training clearly isn't working.
0 
>>>Does the server have two nics and are both connected to the network?
Yes it does have two NICs, although I did disable one to avoid possible issues. I do not have any outside interfaces on the server01.
I have disabled DHCP from updating to DNS.
How do I correct the DNS entries manually?
I setup the scope to be:
xx.xx.xx.1-5 static
xx.xx.xx.6-100 dynamicAll devices that could possible be giving out DHCP have been verified as disabled. The routers, pix firewall, etc.
thanks for the response!
0
"xx.xx.xx.1-5 static"
don't put in dhcp scope at all.
In DNS server via mmc console in the right pane you can go to properties and edit the host entries under your namespace and in forward lookup zone.
In the left pane you can add new host records if you desire.
I would suggest you reboot the server and then ping the server name again to see if we have different results.
Example of Oxymoron:
Person who is pro life and anti sex education.
Education is key to prevention. Prevent conception you prevent abortion.Abstinence training clearly isn't working.
0
Scope is 5-100 currently.
I just added an entry in the forward lookup zone for the server01 to resolve to the static IP.
In DHCP i just added a reservation entry for server01 to the static 172.16.4.2
I still have the DHCP not updating to DNS, should I re-activate that now?
thanks!
0
Rebooted server and still getting the same problem on clients:
C:\Documents and Settings\Gabe.COMPANY1>ping server01
Pinging server01 [172.16.4.2] with 32 bytes of data:
Reply from 172.16.4.2: bytes=32 time<1ms TTL=128
Reply from 172.16.4.2: bytes=32 time<1ms TTL=128
Reply from 172.16.4.2: bytes=32 time<1ms TTL=128
Reply from 172.16.4.2: bytes=32 time<1ms TTL=128Ping statistics for 172.16.4.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0msC:\Documents and Settings\Gabe.COMPANY1>ping server01
Pinging server01 [172.16.4.28] with 32 bytes of data:
Reply from 172.16.4.28: bytes=32 time<1ms TTL=255
Reply from 172.16.4.28: bytes=32 time=1ms TTL=255
Reply from 172.16.4.28: bytes=32 time<1ms TTL=255
Reply from 172.16.4.28: bytes=32 time<1ms TTL=255Ping statistics for 172.16.4.28:
------
Starts out on the right track then immediately resolves to bad address.
?
0
"In DHCP i just added a reservation entry for server01 to the static 172.16.4.2"
Don't do that. You only would do that if the servers ip was set to be a dhcp client.
Don't enable dynamic updates yet. In DNS both forward and reverse lookup zone have no entries for x.x.x.28?
review PC hosts files for this invalid entry
do a ipconfig /all on the server and post the results here.
Example of Oxymoron:
Person who is pro life and anti sex education.
Education is key to prevention. Prevent conception you prevent abortion.Abstinence training clearly isn't working.
0
Sorry just learning as I go. Yes, I did delete the reservation as it is not needed, since the static address is outside the scope.
I have not reviewed each and every hosts file on each client, but I did enter an entry on the hosts file to make sure at least my client resolves correctly. I figured as a quick fix I would hardcode the server ip in the host file of each client that is having a problem until i identify where the rogue entry is coming from.
Server ipconfig/all:
C:\Documents and Settings\Administrator>ipconfig /all
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : company1
Primary DNS Suffix . . . . . . . : Company1.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Company1.netEthernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7781 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-0D-9D-57-99-D3
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.16.4.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.4.1
DNS Servers . . . . . . . . . . . : 172.16.4.2C:\Documents and Settings\Administrator>
0
What happens when you ping from the server
172.16.4.28?what is the host name when you ping -a 172.16.4.28 from a workstation?
I would suspect a typo in a hosts or lmhosts file at this point if the host name comes back as the servers name.
Example of Oxymoron:
Person who is pro life and anti sex education.
Education is key to prevention. Prevent conception you prevent abortion.Abstinence training clearly isn't working.
0
I have since changed the IP of the small print server that did have the .28 address. The address does not ping at all anymore.
When I ping server01 it still attempts to resolve to 172.16.4.28 but times out with no response now. As there is no device at the IP.
so the ping -a and pings you suggested return no response now.
0
what was the print servers name?
now if you ping server01 all you get is the correct ip?
Example of Oxymoron:
Person who is pro life and anti sex education.
Education is key to prevention. Prevent conception you prevent abortion.Abstinence training clearly isn't working.
0
the print servers name is xeroxp1210, i have since given it a static address of 172.16.4.122
but at a client workstation if i ping server01 it still tries to ping 172.16.4.28 (an inactive and unused ip) and will now time out, as there is no response at .28
0
Have you reviewed the Wins database?
There are only three places left where this info is coming from
Wins
Hosts
Lmhostsreboot a pc. go to a cmd prompt and type nbtstat -r
is the server01 listed?Example of Oxymoron:
Person who is pro life and anti sex education.
Education is key to prevention. Prevent conception you prevent abortion.Abstinence training clearly isn't working.
0
Im not actually running WINS on the server. lmhosts and hosts on the server are good and they are blank on the workstations.
I have added the entries in hosts file of the workstations that are resolving incorrectly to force them to resolve to 172.16.4.2. That fixes it but doesnt explain why they internal dns is not functioning properly.
0
It helps when trying to solve a mystery to not jump ahead. The point wasn't to "fix" the problem until you locate the source of the problem. This is a fundamental principle in troubleshooting.
Once we had done the nbtstat -r we would have moved on to a tracert of that rouge ip to determine its source.
I would have been interesting to see what the results would have been if the server was shutdown and you ran these tests.
We didn't know if the source of the issue was the workstations or the server.
But with the issue "fixed" we can't run valid tests.
Example of Oxymoron:
Person who is pro life and anti sex education.
Education is key to prevention. Prevent conception you prevent abortion.Abstinence training clearly isn't working.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
