We have two DCs on our internal network (one old and one new). We are trying to migrate to the new DC, but the only thing stopping us is that external DNS resolution does not work with the new DC unless, under the DNS MMC, we set it to forward to our old DC.
The firewall is open for DNS. We know this because on the new server, when we do an nslookup and use "server" (Google DNS), it works. Set it back to itself and it does not work.
The old DC has been demoted and all internal DNS and DHCP has been moved to the new DC; the only thing not working is external resolution. Any ideas of things I could try?
Does the new DC have root hints set?
Does the DNS server have an entry for "."? If so, delete it.
Thanks all for the answers.
Ended up being our firewall not allowing EDNS packets through.
I disabled EDNS using the below command and all is working now. Our firewall in production must allow these packets, just not the firewall in our office. I will need to investigate this further with our firewall manufacturer.
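Added diagnostic, not the poster's command (which is not shown above): it sends the same A query to a resolver once without and once with an EDNS(0) OPT record, so a reply to the plain query but a timeout on the EDNS one reproduces the firewall symptom described in this thread. It assumes UDP port 53 is reachable and that `example.com` and the resolver address you pass (for instance Google DNS, as used in the question) are suitable test targets.

```python
import os, socket, struct

def build_query(name, use_edns, txid=None):
    """Build a DNS/UDP A query; with use_edns, append an EDNS(0) OPT RR (RFC 6891)."""
    txid = os.urandom(2) if txid is None else struct.pack("!H", txid)
    header = txid + struct.pack("!HHHHH", 0x0100, 1, 0, 0, 1 if use_edns else 0)  # RD set
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    opt = b""
    if use_edns:
        # OPT RR: root name, TYPE=41, CLASS=UDP payload size 4096, TTL=0 (no flags), RDLENGTH=0
        opt = b"\x00" + struct.pack("!HHIH", 41, 4096, 0, 0)
    return header + question + opt

def _skip_name(pkt, off):  # advance past a (possibly compressed) domain name
    while True:
        length = pkt[off]
        if length & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + length
        if length == 0:
            return off

def parse_response(pkt):
    """Return txid, rcode, answer count and whether the reply carried an OPT RR."""
    txid, flags, qd, an, ns, ar = struct.unpack("!6H", pkt[:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(pkt, off) + 4  # skip QTYPE/QCLASS
    has_opt = False
    for _ in range(an + ns + ar):
        off = _skip_name(pkt, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        has_opt = has_opt or rtype == 41
        off += 10 + rdlen
    return {"id": txid, "rcode": flags & 0x0F, "answers": an, "has_opt": has_opt}

def probe(server, name="example.com", timeout=3.0):
    """Send a plain and an EDNS query; 'plain' answered but 'edns' None means EDNS is dropped."""
    result = {}
    for label, use_edns in (("plain", False), ("edns", True)):
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(name, use_edns), (server, 53))
            try:
                result[label] = parse_response(s.recvfrom(4096)[0])
            except socket.timeout:
                result[label] = None  # no reply within the timeout
    return result
```

Run `probe("8.8.8.8")` from the DNS server itself and again against the new DC's own address; a resolver that answers the plain query while the EDNS query times out is the case to raise with the firewall vendor, since disabling EDNS on the DNS server only masks the drop.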