Windows server network interface priority, DNS and Exchange “554 5.4.4″

My friend´s Exchange 2013 implementation was experiencing problem with e-mail delivery. E-mails were returned from inside as well as outside of organization with NDR pointing to DNS failure.

I was investigating this issue, but not all e-mails were lost. Only some of those. I knew, that there was a change recently, that new network interface for VPN connection has been added to Exchange server.

Symptoms:

DNS for next hop is not resolvable returning DNS error

“554 5.4.4 SMTPSEND.DNS.NonExistentDomain; nonexistent domain”.

Investigation:

I started to investigate what could cause the problem. It was DNS error, so I started to use NSLOOKUP tool and tried to resolve DNS name for next hop domain. The answer was different, then I thought it would be. I have received Time Out answer from VPN DNS server, even there is another DNS server set in production environment. I realized from my previous Exchange 2010 projects, that priority of network interfaces is added from Highest to lowest based on sequence interfaces are added to system. So for example if you configure Production network interface before Replication, Replication interface will get higher priority and if you use DNS servers in your replication network (for whatever reason), wrong DNS server will answer to your request and this might lead to unexpected failures.

Now the naughty stuff:

If you use IPv6, you are still OK, since IPv6 DNS servers will answer even though Replication interface has higher priority then production one.

If you disable IPv6 on your interfaces, you have troubles. Once interface priority is changed to incorrect order, you will not be albe to at least resolve DNS queries correctly. Incorrect priority might also lead to packet loss.

Solution:

Very simple:

  • Right click network icon in notification area (right low corner) of your server and click Open Network And Sharing Center
  • Click on Change Adapter Settings
  • Press ALT key and select Advanced -> Advanced Settings
  •  In the Advanced Settings window select interface with incorrectly set priority and press arrows to move interface to correct place

Results before priority change

priority_before

priority_before_cmd

Results after priority change

priority_after

priority_after_cmd