Jeez, I have no idea why, but deleting the zone completely and re-adding it fixed it. Maybe I just fat fingered something, but I triple checked my spelling. I may just be going crazy or blind – both possibilities ;)
I appreciate the input and troubleshooting steps. I'll add those to my list for next time I run into this. Thanks guys… From: Jeff Rensink <[email protected]<mailto:[email protected]>> Date: Friday, January 31, 2014 3:46 PM To: Jay Killion <[email protected]<mailto:[email protected]>> Cc: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: Re: [OSL | CCIE_Wireless] DNS Troubleshooting It looks like you have things configured correctly. But the DNS resolution isn't quite happening. Here are a few things that I would try. Go to the WCS server, open a command prompt, and try to ping "cisco-capwap-controller.proctorlabs.com<http://cisco-capwap-controller.proctorlabs.com>". If it cannot resolve, you may have entered the A record incorrectly. If that works, then double-check the DHCP scope config for your AP. Make sure you remembered to put in a default gateway for the scope and that it's correct. If that's good, can the AP ping its default gateway? If the gateway entry is in the DHCP scope and the default gateway is pingable from the AP, try re-entering the domain suffix in the DHCP scope config, ensuring it doesn't maybe have a hidden space or something. One thing I've seen is that pings work, even if you have bad subnet masks or bad/missing default gateways on the APs. They tend to get help from the switches to make it work. But the UDP/TCP traffic doesn't get the same help. So just because a ping works doesn't necessarily mean that the DNS requests are getting to the server. Regards, Jeff Rensink : Sr Instructor : iPexpert<http://www.ipexpert.com/> CCIE # 24834 :: Wireless / R&S :: World-Class Cisco Certification Training Direct: +1.810.326.1444 :: Free Videos<http://www.youtube.com/ipexpertinc> :: Free Training / Product Offerings<http://www.facebook.com/ipexpert> :: CCIE Blog<http://blog.ipexpert.com/> :: Twitter<http://www.twitter.com/ipexpert> On Fri, Jan 31, 2014 at 3:32 PM, Jay Killion (jakillio) <[email protected]<mailto:[email protected]>> wrote: Hi all - I have very little experience with DNS, so when I have an issue I'm not really sure what to troubleshoot (after L1 – 3). For example, I'm currently trying to have an AP find a controller via DNS but having issues. 1 – I verify L1 – 3. The AP is getting an IP and can ping the DNS server, and vice versa. 2 – Console to the AP and see it is trying to resolve the correct name to the correct IP Translating "CISCO-CAPWAP-CONTROLLER.proctorlabs.com<http://CISCO-CAPWAP-CONTROLLER.proctorlabs.com>"...domain server (10.10.210.6) 3 – Double check my DNS forward lookup zone. It is "proctorlabs.com<http://proctorlabs.com>", with an "A" record of "CISCO-CAPWAP-CONTROLLER" translating to 10.10.112.10. 4 – I verify DNS service is running on the server. 5 – Restart the DNS service. Still no luck. 6 – Delete the zone and recreate. 7 – Reboot the Win2K3 server. Still not working. 8 – Look for anything wonky in the preconfigured switch, like an ACL on one of the SVI's blocking DNS. Nothing… At this point I can't think of anything else to even troubleshoot. In the actual lab, I would likely just resort to option 43 to get the AP's connect and simply know I was throwing away points. What else would you look at that I may have missed? Thanks Jay Killion, CCIE #17873 _______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc<http://www.youtube.com/ipexpertinc>
_______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc
