Client PC DNS and server NICS

[Guest techyguyni]

Hi Guys

 

I had a standard onboard NIC in my server 2012 R2 Essentials box and have added a dual NIC into the box, I have 2 Hyper-v machines runnning on demand, one for a website and the other acting as a WDS server, both are running edditions of server 2008r2 and server 2012 standard.

 

The problem is this, My desktop computers are taking the ip address from the dual nic and using it as there primary DNS server, the desktop and laptops used to use the onboard nics address as there primary dns.

 

Is there a way I can have them use the onboard nic ip as there dns? I have manually changed the dns settings on all computers but they revert back after a restart.

 

The whole point in adding the dual nic into the server was to give a dedicated communication link from the firewall to the vm's not to share out over my network.

 

any help would be great.

 

thanks 

[jmwills 284]

You hard coded the DNS and it changed?  Can you post the result of an ipconfig /all?

[Guest techyguyni]

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DC1
   Primary Dns Suffix  . . . . . . . : domain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.local

Ethernet adapter vEthernet (D2):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #3
   Physical Address. . . . . . . . . : 00-1A-4B-AE-67-4A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.45(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 01 May 2014 15:08:55
   Lease Expires . . . . . . . . . . : 28 April 2024 15:08:53
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.39
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter vEthernet (D1):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
   Physical Address. . . . . . . . . : 00-1A-4B-AE-67-48
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.44(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 02 May 2014 09:08:47
   Lease Expires . . . . . . . . . . : 29 April 2024 09:08:49
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.39
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 94-DE-80-C6-2F-86
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.39(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 01 May 2014 15:08:55
   Lease Expires . . . . . . . . . . : 28 April 2024 15:08:53
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{13E92914-46F6-4329-A840-2C5FCCACF5EF}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A15B874A-D090-44CB-A4CD-68093338C5BB}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FEA0B076-F2F0-4E91-8125-2EEC8C4A5E10}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

ip address are given out from my firewall (dhcp) above is the output from cmd for ipconfig /all

[jem101 17]

I'm going to guess that your desktop computers are all domain members and if so then this is an unfortunate by-product of the infamous DNS autoconfiguration 'feature'

 

What's happening here is that your host server has three network cards now and they are all getting IP addresses from the router - specifically .39, .45 and .45 (why do you have a 10 year lease time?) Now as far as the DC is concerned, all three of these are equally valid and what does the DNS autoconfig service do on an Essentials client? It keeps (helpfully) making sure that the client DNS is pointing to the server address, any server address!

 

So what do we do?

 

As you say, two of the interfaces are intended just for virtual machines so you need to make sure that host doesn't see them. Go into the Hyper-V management console, where you configure the virtual switch settings for the VMs and untick the option to allow the management operating system to share this network adapter.

 

Make sure you only untick the interfaces specifically for the VMs, if you accidentally untick the one which the host should be using- looks like .39 from the ipconfig listing - if you do that then you will cut off your own connection to it - and believe me that's not at all fun, especially when you accidentally do it on a server that's 200 miles away!

 

John

[jmwills 284]

That could possibly be the issue as that setting is there by default.  I have 4 NICs in my Server 2012 box but DNS is coming from the router.

 

However, now that I think back I still have a 2012 Essentials R2 server as a VM and had a client connected to it and saw no issues like this one described.

[Guest techyguyni]

isp router - hardware firewall - switch - server and desktops, my network is layed out like that, dhcp is coming from the firewall not the router

[ikon 439]

I agree with jem101 and jmwills re: your NICs. Particularly if you're having issues, you need to isolate the NICs to see what is affecting what. So, yes, stop sharing the VM NICs with the host OS; only have 1 NIC for the OS. That should go a long way to figuring out what's happening.

 

re: the 10 year DHCP lease: why not? what could it possibly hurt in a home environment? I am completely baffled by posts that recommend lease times in hours or days in a home LAN (of which there have been a few on these forums). Short lease times are specifically for situations where there are more lessees than there are available addresses: eg. Internet ISPs. If there is some good reason for short leases in a home LAN, please enlighten me, cause it's always been a puzzle.

[Jason 84]

Mine DHCP lease time currently set to the default time of 2 days. I may now increase this interval on my WSE12R2 box.

[ikon 439]

I remember working out a formula years ago that was based on the renewal intervals Microsoft used for DHCP leases. I made the lease time an even multiple of those intervals. It worked out to something like 7 months, 7 days, etc. I don't recall the exact time any more, and no longer have the inclination to rework the calculations.

[Poppapete 104]

Will this work?

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Server\Networking\ServerDiscovery
then change “SkipAutoDNSServerDetection” from False to True.

 

as proscribed by Tinkertry and set your DNS servers as you want. I think this must be implemented before a client joins the domain or maybe it won't even work with a domain client!?

 

By the way what hardware firewall are you using.

Edited May 2, 2014 by Poppapete