This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 61%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
I am a somewhat experienced sys admin, who has built a number of DCs among other servers before, and never have I ever had trouble getting simple DNS lookups working.. Thanks in advance for any help.
I did a clean install of Server 2019, essentials first before trying another clean install using standard.
I have an entirely clean slate, no other roles or applications installed at this point.
I have not installed AD DS or attempted to promote to a DC yet, am only trying to get DNS working.
I have two intel i210 adatpers, one disabled during testing, the other with a static IP. The DNS which is pointing to that same static IP address.
I install DNS, I create a forward lookup zone with nothing fancy, set as a "primary zone", dyanmic updates disabled.
After rebooting for good measure, open cmd, and try pinging google.com.. "could not find host"
nslookup returns "server: localhost, 127.0.0.1"
nslookup 1.1.1.1 returns "server: localhost, 127.0.0.1, dns request time out, request to localhost timed-out"
Strange part is I can ping a hostname from another server on the internal network and that resolves with the correct IP address.
Cheecking the DNS application logs, I see errors 408, 407 and 404. 408 seemingly being the most telling:
408: The DNS server could not open socket for address 192.168. 1.10. Verify that this is a valid IP address for the server computer. If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces.
The static IP address I have configured on the adapter IS most certianly valid, correct subnet, no other device using that IP address (of which I have tried several now, and is not actually .1.10).
Googling the error suggests that this problem is purely due to NAT being installed and active on the same interface.. Again, I have a completley clean slate, no other roles or anything installed besides drivers.
I have tried using both adapters, with the same result. I have also tried pairing the two togeather in a team, and attempting to configure the virtual NIC for use with DNS and same exact result.
I have also tried performing a new install of the DNS role following the exact same steps above, on my home server which is a cheap mini PC based on a Celeron N5105 and a realtek NIC - worked perfectly right out of the box, the first time, no mucking around. Took me 5 minutes to deploy, and was able to ping any external website address after adding a forward lookup zone and pointing the DNS back at itself...
I have read that using a faulty or off-brand NIC as the interface for DNS might cause this? But if both i210s are producing the same issue - and my cheapo home unit with a realtek NIC works great - then what the heck is the problem here??
I have not installed AD DS or attempted to promote to a DC yet. The DNS which is pointing to that same static IP address.
The only way for that to work is if the server has the DNS role installed which is a part of domain controller promo.
--please don't forget to upvote and Accept as answer if the reply is helpful--
I tried doing so, which does create both a forward and lookup zone as part of the active directory structure... Sadly the DNS errors, and inability to resolve any addresses is still an issue even when doing so.
As mentioned at the end of my post, I was able to sucessfully deploy DNS on another server, also without AD DS, and it worked just fine hence my confusion as to the problem with this machine :/
I had gone through creating a whole new domain and everything before realizing the DNS was not working only when attempting to join that new domain from a client. That client then could not resolve the domain or anything.
I tried doing so, which does create a forward and reverse lookup zone as part of the activce directory structure yes... Sadly, the inability to resolve any web site addresses when pinging, and the DNS errors are all still an issue.
As mentioned in the end of my post, I had tried this same process - without creating an active directory structure - on another machine, and DNS started working like a charm right away, hence my trouble on this box :/
I'd check the event logs for clues.
--please don't forget to upvote and Accept as answer if the reply is helpful--
I did. I have error 408, 407 and 404
It seems the solution is to remove/uninstall NAT? But I don't have this installed, the ONLY role currently installed is DNS.
At the end of that post someone suggests that an M2 NVMe drive might be the issue? I can confirm that the problem machine is booting to an NVMe drive, whereas my home build I tested DNS on sucessfully is a SATA boot disk. I don't understand how that possibly could be relevant, but I'm out of other ideas..
Multi-homing a domain controller / DNS server will always cause no end to grief for active directory DNS. Should have worked without a hitch. I'd be inclined to clean install it and try again.
--please don't forget to upvote and Accept as answer if the reply is helpful--
I have several times now. I abandoned AD DS entirely after my last clean install. Only trying to get basic DNS forward lookup zone working at this point. If I can ping google.com and have it resolve, I would consider that success.
I am following these exact steps, and on one build it works, and on the other it does not. I don't know why an NVMe boot disk would be causing this, but that's what someone suggested here:
I have several times now. I abandoned AD DS entirely after my last clean install. Only trying to get basic DNS forward lookup zone working at this point. If I can ping google.com and have it resolve, I would consider that success.
I am following these steps just to do this:
I don't have any idea why an NVMe OS drive would make a bit of difference here, but at the end of this post it seems to suggest this might be the issue:
Sounds good, may have better luck with Windows Server Standard. Essentials has some quirks to where it will want to become a root domain controller.
--please don't forget to upvote and Accept as answer if the reply is helpful--
I tried a clean install of Standard thinking that might be the case. Standard is producing the same exact issue too though :/
I really hate to drive 3 hours to go rip out a NVMe drive in place of a SATA that just seems so unlikely to be the issue to me.
The disk has nothing to do with the problem. Simpler solution may be to stand up a domain controller rather than fight with what you've got.
--please don't forget to upvote and Accept as answer if the reply is helpful--
I'm not sure what you mean by that?
Just suggesting to install a windows server standard image, patch fully, then add active directory domain services with integrated DNS role.
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--