Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

DNS forwarders broken

Active Directory, Domain, DNS, WINS, DHCP, SBS, New Releases.
Post a reply

DNS forwarders broken

Postby guest » Thu Aug 02, 2012 10:04 am

Suggestions please. We have a Dell Poweredge 1900 running Windows SBS 2003 SP2. Running as a domain controller, DHCP, DNS, Exchange 2003. I was working with the DNS MMC and removed the forwarders thinking that using the ROOT servers was a faster solution. Shortly after these changes DNS stopped working for outside URLs. It is working for AD name resolution fine. I have since added back in the local DNS entries (2) for our ISP as forwarders but the problem still exists.

Your thoughts would be most helpful.

DCDIAG /test:dns Results:

====================================

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\CSE-DC
Starting test: Connectivity
......................... CSE-DC passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\CSE-DC

Running partition tests on : ForestDnsZones

Running partition tests on : DomainDnsZones

Running partition tests on : Schema

Running partition tests on : Configuration

Running partition tests on : cse

Running enterprise tests on : cse.local
Starting test: DNS
Test results for domain controllers:

DC: CSE-DC.cse.local
Domain: cse.local


TEST: Forwarders/Root hints (Forw)
Error: Forwarders list has invalid forwarder: 4.2.2.2 (<name unavailable>)
Error: Forwarders list has invalid forwarder: 4.2.2.3 (<name unavailable>)
Error: Root hints list has invalid root hint server: a.root-servers.net. (198.41.0.4)
Error: Root hints list has invalid root hint server: b.root-servers.net. (128.9.0.107)
Error: Root hints list has invalid root hint server: c.root-servers.net. (192.33.4.12)
Error: Root hints list has invalid root hint server: d.root-servers.net. (128.8.10.90)
Error: Root hints list has invalid root hint server: e.root-servers.net. (192.203.230.10)
Error: Root hints list has invalid root hint server: f.root-servers.net. (192.5.5.241)
Error: Root hints list has invalid root hint server: g.root-servers.net. (192.112.36.4)
Error: Root hints list has invalid root hint server: h.root-servers.net. (128.63.2.53)
Error: Root hints list has invalid root hint server: i.root-servers.net. (192.36.148.17)
Error: Root hints list has invalid root hint server: j.root-servers.net. (192.58.128.30)
Error: Root hints list has invalid root hint server: k.root-servers.net. (193.0.14.129)
Error: Root hints list has invalid root hint server: l.root-servers.net. (198.32.64.12)
Error: Root hints list has invalid root hint server: m.root-servers.net. (202.12.27.33)

Summary of test results for DNS servers used by the above domain controllers:

DNS server: 128.63.2.53 (h.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.63.2.53

DNS server: 128.8.10.90 (d.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.8.10.90

DNS server: 128.9.0.107 (b.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.9.0.107

DNS server: 192.112.36.4 (g.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.112.36.4

DNS server: 192.203.230.10 (e.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.203.230.10

DNS server: 192.33.4.12 (c.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.33.4.12

DNS server: 192.36.148.17 (i.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.36.148.17

DNS server: 192.5.5.241 (f.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.5.5.241

DNS server: 192.58.128.30 (j.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.58.128.30

DNS server: 193.0.14.129 (k.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 193.0.14.129

DNS server: 198.32.64.12 (l.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12

DNS server: 198.41.0.4 (a.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.41.0.4

DNS server: 202.12.27.33 (m.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 202.12.27.33

DNS server: 4.2.2.2 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 4.2.2.2

DNS server: 4.2.2.3 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 4.2.2.3

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg Ext
________________________________________________________________
Domain: cse.local
CSE-DC PASS PASS FAIL PASS PASS PASS n/a

......................... cse.local failed test DNS
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 9027
Joined: Mon Nov 27, 2006 1:10 pm
Top

Re: DNS forwarders broken

Postby guest » Thu Aug 02, 2012 10:05 am

The public IP 4.2.2.2 & 4.2.2.1 is not the right forwarder to be used for your domain & using this generic forwarder can invite vulnerability to your domain. Contact your ISP & get the right forwarder which is authoritative for your domain. Root hints is used as just a referral to another top label DNS server where as forwarder used your ISP dns to resolve the external domain name query resolution & its faster than root-hints.


http://technet.microsoft.com/en-us/libr ... 10%29.aspx
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 9027
Joined: Mon Nov 27, 2006 1:10 pm
Top
Post a reply

Return to Windows

Your Ad Here

Who is online

Users browsing this forum: No registered users and 5 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group