1 00:00:00,640 --> 00:00:04,540 Troubleshoot DHCP and DNS Issues. 2 00:00:04,540 --> 00:00:06,960 Well first, let's take a look at DHCP. 3 00:00:06,960 --> 00:00:12,050 Now I had mentioned that on the exam, AZ‑801, these troubleshooting steps 4 00:00:12,050 --> 00:00:17,170 assume that you're doing DHCP locally. And that's true because the Azure 5 00:00:17,170 --> 00:00:22,710 wire server is responsible for DHCP on your virtual networks. Some tips 6 00:00:22,710 --> 00:00:27,010 that come directly from Microsoft include, number one, verifying that your 7 00:00:27,010 --> 00:00:31,560 DHCP server has been properly authorized to function in your Active 8 00:00:31,560 --> 00:00:33,540 Directory domain. 9 00:00:33,540 --> 00:00:37,340 Kind of embarrassing if this isn't true, but make sure that the DHCP 10 00:00:37,340 --> 00:00:42,430 server service is started. Also make sure that your scopes on the DHCP 11 00:00:42,430 --> 00:00:45,720 server are activated. In a routed environment, 12 00:00:45,720 --> 00:00:51,140 make sure that your routers are supporting DHCP relay or BOOTP forwarding. 13 00:00:51,140 --> 00:00:55,820 This allows DHCP broadcast traffic that typically is using UDP 14 00:00:55,820 --> 00:01:00,150 ports 67 and 68 to go through those interfaces. 15 00:01:00,150 --> 00:01:04,600 So this would allow a DHCP server on VLAN A to service 16 00:01:04,600 --> 00:01:08,540 machines that are on VLANs A, B, and C. 17 00:01:08,540 --> 00:01:12,570 From a client perspective, if a client comes up with an APIPA address, 18 00:01:12,570 --> 00:01:15,200 APIPA, of course, stands for Automatic Private IP 19 00:01:15,200 --> 00:01:20,330 Addressing, the range is 169.254.0.0/16. 20 00:01:20,330 --> 00:01:23,630 This is a very clear indicator that that client was unable to 21 00:01:23,630 --> 00:01:28,100 obtain a lease from a DHCP server, and that's useful information 22 00:01:28,100 --> 00:01:31,410 to know. Lastly, on the DHCP server, 23 00:01:31,410 --> 00:01:34,230 you'll want to look in both the system log, as well as the 24 00:01:34,230 --> 00:01:38,340 DHCP Server service log. Many of you know, 25 00:01:38,340 --> 00:01:42,870 Markman Minasi. He's retired now, but for the early part of my career, 26 00:01:42,870 --> 00:01:44,280 at least half of my career, 27 00:01:44,280 --> 00:01:46,770 he was the guru with Windows Server, and he would 28 00:01:46,770 --> 00:01:49,130 have various mantra expressions. 29 00:01:49,130 --> 00:01:52,890 One of them is it's always DNS. Whatever your problem is, 30 00:01:52,890 --> 00:01:56,340 it's going to affect DNS in some way or another. 31 00:01:56,340 --> 00:01:58,030 And I would agree with that. Here, 32 00:01:58,030 --> 00:02:01,960 I want to give you six examples of compiled executable and 33 00:02:01,960 --> 00:02:05,400 PowerShell commands that can be useful for troubleshooting 34 00:02:05,400 --> 00:02:07,760 DNS server and DNS client. 35 00:02:07,760 --> 00:02:12,440 We have good old nslookup that allows you to query to see what 36 00:02:12,440 --> 00:02:17,960 your client is using as its name server, or you could tap into 37 00:02:17,960 --> 00:02:23,270 the zone file of any reachable DNS server and verify resource 38 00:02:23,270 --> 00:02:25,260 records. On the PowerShell side, 39 00:02:25,260 --> 00:02:29,220 I really love Resolve‑DNSName. When I discovered this command, 40 00:02:29,220 --> 00:02:31,680 which embarrassingly wasn't all that long ago, 41 00:02:31,680 --> 00:02:33,660 I thought, wow, where have you been all my life? 42 00:02:33,660 --> 00:02:40,570 It's such a useful command. Test‑DNSServer reminds me a bit of the old DCDiag. 43 00:02:40,570 --> 00:02:46,020 It's a multi‑use tool to run verification checks against a Windows 44 00:02:46,020 --> 00:02:52,520 Server‑based DNS server. Clear‑DnsClientCache is similar to ipconfig 45 00:02:52,520 --> 00:02:56,440 /flushdns. It's just in many ways a wrapper for that. 46 00:02:56,440 --> 00:03:02,450 We can always use ipconfig, and I do just about every day. And then lastly, we 47 00:03:02,450 --> 00:03:06,590 can look at our interfaces and review their client settings. 48 00:03:06,590 --> 00:03:17,000 So, as you see here, we have a healthy mix of client and server‑side command‑line tools for troubleshooting purposes.