Hello,
I recently set up a new SMB network. I bought 2 HP-V1910 24G switches and created some VLANs. On each switch I created the following VLANs:
- VLAN 1: 192.168.100.0/24 GW: 192.168.100.254 (Default and Admin-VLAN)
- VLAN 10: 192.168.1.0/24 GW: 192.168.1.254 (The old Net)
- VLAN 102: 192.168.2.0/24 GW: 192.168.2.254 (The new SERVER-Net)
- VLAN 103: 192.168.3.0/24 GW: 192.168.3.254 (The new CLIENT-Net)
Switch Nr. 1 has the IP 192.168.100.254 (VLAN 1) and Switch Nr. 2 has the IP 192.168.100.2 (VLAN 1).
On Switch Nr. 1 I created all VLAN interfaces (that one should be the router too) and a static default route to my firewall (0.0.0.0/0 192.168.2.1 in VLAN 102). On Switch Nr. 2 I only created a default route to 0.0.0.0/0 192.168.100.254 (Switch Nr. 1). On my firewall I made a return route to 192.168.0.0/16 with gateway 192.168.2.254.
My new Windows 2012 servers and DCs reside in the 192.168.2.0/24 net, all configured with default gateway 192.168.2.254. BPA for DNS now says that no root servers are reachable.
On my first DC (with DNS), 192.168.2.10, I ran a ping to 198.41.0.4 (a root server); this works very well and fast. Then I ran ping -a 198.41.0.4 and the answer came back with the correct hostname [a.root-servers.net] 198.41.0.4. But if I try nslookup -type=NS . 198.41.0.4, the server reports a timeout (2 seconds). So I tried increasing the timeout to 20 seconds. Then the server reports a server failure for the domain (dot) "."
So I thought it would be DNSSEC (packets being caught in the firewall or being too small), but that's not the cause (tried everything). After all that, I tried the local and recursive tests in the DNS properties. The local test is successful, but the recursive one fails. The DNS servers are configured without forwarders; on the firewall I tried both settings, with DNS proxy enabled and disabled, with no result. I tried disabling the IPv6 NIC in the DNS settings and I tried going directly to the firewall (192.168.2.1 as default gateway), all without a better result.
IP-Config on DNS-Server 1 is:
- IP 192.168.2.10
- Mask 255.255.255.0
- GW: 192.168.2.254
- DNS1: 192.168.2.10
- DNS2: 192.168.2.11
- DNS3: 127.0.0.1
IPv6 is configured as Auto (link-local).
Am I blind? So where is my problem with recursive DNS queries?
Thank you in advance.
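Added example, not part of the original post: a Python probe that sends the same ". NS" query from the post to 198.41.0.4 three ways (plain UDP, UDP with EDNS0 and the DNSSEC DO bit, and TCP), so a path that passes ICMP but filters DNS shows up as a failure in specific rows. The function names, query IDs, the 4096-byte EDNS size and the 3-second timeout are assumptions chosen for illustration.

```python
import socket
import struct

ROOT_SERVER = "198.41.0.4"  # a.root-servers.net, the address queried in the post

def build_root_ns_query(qid, edns_size=0, do_bit=False):
    """Build a '. NS IN' query; edns_size > 0 appends an EDNS0 OPT record."""
    header = struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 1 if edns_size else 0)
    question = b"\x00" + struct.pack("!HH", 2, 1)  # root name, QTYPE=NS, QCLASS=IN
    if not edns_size:
        return header + question
    flags = 0x8000 if do_bit else 0  # DO bit: ask for DNSSEC records (larger answer)
    # OPT RR: root name, TYPE=41, CLASS=UDP payload size, TTL=ext. flags, RDLEN=0
    return header + question + b"\x00" + struct.pack("!HHIH", 41, edns_size, flags, 0)

def parse_header(msg):
    """Return (id, rcode, truncated, answers, authority) from a DNS message."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    qid, flags, _qd, an, ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return qid, flags & 0x000F, bool(flags & 0x0200), an, ns

def probe_udp(query, server, timeout):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        data = s.recvfrom(65535)[0]
    return (len(data),) + parse_header(data)[1:]

def probe_tcp(query, server, timeout):
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(struct.pack("!H", len(query)) + query)  # TCP adds a length prefix
        buf = b""
        while len(buf) < 14:  # 2-byte length prefix + 12-byte header
            chunk = s.recv(4096)
            if not chunk:
                raise ValueError("connection closed early")
            buf += chunk
    return (struct.unpack("!H", buf[:2])[0],) + parse_header(buf[2:])[1:]

if __name__ == "__main__":
    tests = (("udp-plain", probe_udp, build_root_ns_query(1)),
             ("udp-edns-do", probe_udp, build_root_ns_query(2, 4096, True)),
             ("tcp", probe_tcp, build_root_ns_query(3)))
    for label, fn, q in tests:
        try:
            print(label, fn(q, ROOT_SERVER, 3.0))  # (size, rcode, TC, answers, authority)
        except (OSError, ValueError) as exc:
            print(label, "FAILED:", exc)
```

A failure only in the udp-edns-do row points at something on the path dropping EDNS or large UDP responses; failures in all three rows point at port 53 being blocked or the replies being misrouted.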