DNS Secondary Zone missing after reboot

[Gary Turner]

I have a Win2K server which acts as a seconday DNS for a number of AD
integrated DNS servers which are at client sites and whom I support via
VPN's on broadband connections, hence by having a secondary locally I can
resolve remote machine IP from my site. The remote servers notify mine of
any changes and this solution works very well.

Except for one site, when I setup the secondary DNS entry initaially all is
fine notifications are passed back and this zone operates exactlty the same
as the other ones I have created. However whenever I reboot the server at my
end the zone goes missing, there is no evidence of it left in the DNS MMC.
If I then re-add the zone everything is fine until the next reboot.

The server is was W2K SP3 & is now SP4, can anyone suggest the cause of this
?

Many thanks

Gary Turner

 

[David Adner]

Was the zone ever AD-integrated on this server?

 

[Kevin D. Goodknecht [MVP]]

In Gary Turner <[email protected]> posted a question
Then Kevin replied below:
: I have a Win2K server which acts as a seconday DNS for a number of AD
: integrated DNS servers which are at client sites and whom I support
: via VPN's on broadband connections, hence by having a secondary
: locally I can resolve remote machine IP from my site. The remote
: servers notify mine of any changes and this solution works very well.
:
: Except for one site, when I setup the secondary DNS entry initaially
: all is fine notifications are passed back and this zone operates
: exactlty the same as the other ones I have created. However whenever
: I reboot the server at my end the zone goes missing, there is no
: evidence of it left in the DNS MMC. If I then re-add the zone
: everything is fine until the next reboot.
:
: The server is was W2K SP3 & is now SP4, can anyone suggest the cause
: of this ?
:
: Many thanks
:
: Gary Turner

It is probably not getting its zone transfers for some reason and Default AD
zones expire in one day.
Most likely yours is not being notified, or if your secondary is not
connecting to the primary from the IP that zone transfers are being allowed
to. Expected behavior if your secondary is behind NAT with more than one
public IP address. This also happens if your secondary is on a multihomed
machine.
Zone transfer are only made if your secondary connects from the IP that is
in the allowed list on the primary. If you look at the event log on the
Primary to find out what IP your secondary is connecting from, provided it
is being notified, your DNS server will log that. Look in your DNS event log
for 6522(notification), 3150(transfer started), 6001(transfer complete) and
6525(transfer refused). You will see a 6522 just before a 6525 for a
notification and a refusal.

 

[Gary Turner]

David

I may have initially set the zone as being AD integrated at my end, but this
was deleted a long time ago and the secondary with notifaction used. At the
far end (primary) this is AD integrated.

Gary

 

[David Adner]

Can you tie the removal with when the DC replicates AD? I vaguelly
recall an issue where a previously AD integrated zone disappears for
some reason. I'm trying to remember more, but it's not coming to me.