Event ID: 3000

Discussion in 'Microsoft Windows 2000 DNS' started by Dave Onex, Dec 4, 2009.

  1. Dave Onex

    Dave Onex Guest

    Hi Folks;

    I have 3 internal Windows 2000 DNS Servers and they are all correctly
    configured.
    I know, you've heard that before but try to believe it :)

    Two of them are domain controllers and have no issues. The 3rd is a
    secondary to the primary domain controller. It can accept transfers from
    both domain controllers.

    Every once in a while that one machine coughs up an Event ID: 3000 error;

    The DNS server is logging numerous run-time events. For information about
    these events, see previous DNS Server event log entries. To prevent the DNS
    Server from clogging server logs, further logging of this event and other
    events with higher Event IDs will now be suppressed.

    It's the only server that reports this warning. The other servers have clean
    logs. DNS works perfectly and I'd be really surprised if a person could find
    anything wrong with it.

    Does anyone know what that error actually means and how to get rid of it?
    It's one of the last errors in any of the event logs on all of my servers :)

    Best & Thanks;
    Dave
     
    Dave Onex, Dec 4, 2009
    #1

  2. "Dave Onex" <> wrote in message
    news:u%23$vU%...
    > Hi Folks;
    >
    > I have 3 internal Windows 2000 DNS Servers and they are all correctly
    > configured.
    > I know, you've heard that before but try to believe it :)
    >
    > Two of them are domain controllers and have no issues. The 3rd is a
    > secondary to the primary domain controller. It can accept transfers from
    > both domain controllers.
    >
    > Every once in a while that one machine coughs up an Event ID: 3000 error;
    >
    > The DNS server is logging numerous run-time events. For information about
    > these events, see previous DNS Server event log entries. To prevent the
    > DNS
    > Server from clogging server logs, further logging of this event and other
    > events with higher Event IDs will now be suppressed.
    >
    > It's the only server that reports this warning. The other servers have
    > clean
    > logs. DNS works perfectly and I'd be really surprised if a person could
    > find
    > anything wrong with it.
    >
    > Does anyone know what that error actually means and how to get rid of it?
    > It's one of the last errors in any of the event logs on all of my servers
    > :)
    >
    > Best & Thanks;
    > Dave
    >
    >


    Dave,

    Please post an ipconfig /all of all three. Let us evaluate your DCs' configs
    for any issues.

    No such thing as a "secondary" domain controller. They are all replicas.
    Some DCs hold certain roles than others, but that's the only difference.
    Unless you mean there's a Secondary Zone on it pulling DNS zone transfers
    from one of the other DCs? If so, what zone is that?

    Are all DCs in one AD Site or location?

    EventID 3000 can mean a number of things.
    http://eventid.net/display.asp?eventid=3000&eventno=297&source=DNS&phase=1

    To help diagnose the EventID 3000 issue will require configuration
    information, an elaborate description of the AD zone on each DC, whether
    they are AD integrated, what replication scope each DC thinks the zone is in
    (look at the zone properties), or if truly a Secondary Zone exists on that
    one DC and the others are AD Integrated. If the latter is the issue, I can
    see why you are seeing 3000s in the logs.

    Are there any other errors in any other Event logs, such as the NTFRS, app,
    system or any other logs?

    Have you run the following lately? If not, please do so and post any fails
    or errors.
    dcdiag /v /fix > c:\dcdiag.txt
    netdiag /v /fix > c:\netdiag.txt
    replmon /showreps


    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Please reply back to the newsgroup or forum for collaboration benefit among
    responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
    2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer

    For urgent issues, please contact Microsoft PSS directly. Please check
    http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [MCT], Dec 5, 2009
    #2

  3. Dave Onex

    Dave Onex Guest

    Hi Ace!

    All DNS servers/DC's are all on the same network in the same location on the
    same subnet.
    They're actually all sitting on top of each other in a rack :)

    Here's an overview;

    Backup is what I consider the PDC. It's AD integrated on the first zone
    because it's a DC
    There are 3 zones, and they are all primary.

    NS1 is also a DC so it has an AD integrated root zone
    It also has 2 other zones - these are Secondary (Backup is primary for
    those).

    Neither of these machines has any issues.

    The third machine is Mail. It's a secondary for all 3 zones and can accept
    transfers from either of the DC's.

    Here's a complete breakdown on the Servers.

    =========================================
    This is the first DC - all zones are Primaries and it's AD integrated
    =========================================

    Machine = Backup (.70)
    Role = Domain Controller
    O/S = Windows 2000

    Windows 2000 IP Configuration

    Host Name . . . . . . . . . . . . : backup
    Primary DNS Suffix . . . . . . . : askmarvin.ca
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : askmarvin.ca

    Ethernet adapter NIC Team:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : HP Network Team #1
    Physical Address. . . . . . . . . : 00-08-02-54-DA-77
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.70
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.25
    DNS Servers . . . . . . . . . . . : 192.168.1.70
    192.168.1.50
    Primary WINS Server . . . . . . . : 192.168.1.70

    =========================================
    This is the Second DC - the root domain is Primary and it's AD integrated
    The 2 other zones are secondary - they pull from the Master (above)
    =========================================

    Machine = NS1 (.50)
    Role = Domain Controller
    O/S = Windows 2000

    Windows 2000 IP Configuration

    Host Name . . . . . . . . . . . . : ns1
    Primary DNS Suffix . . . . . . . : askmarvin.ca
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : askmarvin.ca

    Ethernet adapter Team 1:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : BASP Virtual Adapter
    Physical Address. . . . . . . . . : 00-06-5B-F7-25-56
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.54
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    IP Address. . . . . . . . . . . . : 192.168.1.53
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    IP Address. . . . . . . . . . . . : 192.168.1.50
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.25
    DNS Servers . . . . . . . . . . . : 192.168.1.50
    192.168.1.70
    Primary WINS Server . . . . . . . : 192.168.1.70

    =========================================
    Note:
    None of the Domain Controllers have any errors in their event logs
    They are as happy as clams :)
    =========================================

    Machine = MAIL (.60)
    Role = Mail Server & Secondary DNS Server
    O/S = Windows 2000

    Windows 2000 IP Configuration

    Host Name . . . . . . . . . . . . : mail
    Primary DNS Suffix . . . . . . . : askmarvin.ca
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : askmarvin.ca

    Ethernet adapter NIC Team:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : HP Network Team #1
    Physical Address. . . . . . . . . : 00-0E-7F-B4-77-81
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.60
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.25
    DNS Servers . . . . . . . . . . . : 192.168.1.60
    Primary WINS Server . . . . . . . : 192.168.1.70
    =========================================
    Note:
    This is the machine that randomly reports the error.
    It's entirely configured as a secondary and can accept zone
    transfers from either of the two DC's. Error below;

    The DNS server is logging numerous run-time events. For information about
    these events, see previous DNS Server event log entries. To prevent the
    DNS Server from clogging server logs, further logging of this event and
    other
    events with higher Event IDs will now be suppressed.
    =========================================

    Best & Thanks;
    Marvin
     
    Dave Onex, Dec 5, 2009
    #3
  4. DO> I know, you've heard that before but try to believe it :)

    Indeed, we've heard it before. And from what you describe whilst the
    configuration may be _correct_, for some limited definition of the
    concept, it is still _poor_. You are mixing and matching two quite
    different forms of DNS database replication in a single zone, for
    starters.

    <URL:http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/dns-soa-field-semantics.html#Replication>

    As M. Fekay says, that's a source of log messages in itself, for
    starters. It's also a poor idea. You already have Active Directory
    replicating the DNS data around. Don't mix in a second different
    replication mechanism. Use the one that you already have in place.

    DO> The DNS server is logging numerous run-time events. For information
    DO> about these events, see previous DNS Server event log entries.

    The message _is_ pretty self-explanatory. It says see the previous
    log entries. So see the previous log entries. Yes, there _will be_
    previous log entries, even though you say this:

    DO> The other servers have clean logs. [...]
    DO> It's one of the last errors in any of the event logs on all of my
    DO> servers.

    Now _turn logging fully on_ and read all of the logs, so that you see
    the previous log messages that are leading up to that DNS-3000
    message. (-:
     
    J de Boyne Pollard, Dec 8, 2009
    #4
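
Added example, not part of the thread: one way to read the entries that lead up to each DNS 3000 message, as the post above advises, and to measure how long the DNS source stays silent afterwards. It assumes the DNS Server event log was exported to CSV in the column layout shown; that layout, the function names and every sample row are constructed.

```python
import csv
import io
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample export; nothing here comes from the thread.
# Assumed columns: timestamp, source, event ID, type, message.
# Every ID other than 3000, and every message, is a constructed sample value.
SAMPLE_EXPORT = """\
2009-12-07 01:55:00,DNS,6001,Information,constructed: zone transfer notice
2009-12-07 02:10:05,DNS,6001,Information,constructed: zone transfer notice
2009-12-07 02:10:06,DNS,6001,Information,constructed: zone transfer notice
2009-12-07 02:10:07,DNS,6522,Information,constructed: newer zone version found
2009-12-07 02:10:08,DNS,6001,Information,constructed: zone transfer notice
2009-12-07 02:10:09,DNS,6524,Warning,constructed: bad response from master
2009-12-07 02:10:10,DNS,6001,Information,constructed: zone transfer notice
2009-12-07 02:10:11,DNS,3000,Warning,constructed: further logging suppressed
2009-12-07 02:11:00,Other,1,Warning,constructed: unrelated source
2009-12-07 04:30:00,DNS,6001,Information,constructed: zone transfer notice
"""

SUPPRESSION_ID = 3000


def load_events(text):
    """Parse the assumed CSV layout into dicts sorted by timestamp."""
    events = []
    for rec in csv.reader(io.StringIO(text)):
        if len(rec) < 5:
            continue  # skip blank or malformed rows
        events.append({
            "ts": datetime.strptime(rec[0], "%Y-%m-%d %H:%M:%S"),
            "source": rec[1],
            "id": int(rec[2]),
            "type": rec[3],
            "message": rec[4],
        })
    events.sort(key=lambda e: e["ts"])
    return events


def bursts_before_suppression(events, window_minutes=10, source="DNS"):
    """Summarise what the given source logged just before each event 3000.

    Returns one dict per 3000 event with:
      total          - events from that source inside the look-back window
      by_id          - Counter of event IDs inside the window
      non_info       - the window's events whose type is not Information
      quiet_seconds  - time until the source logs again (None if it never does)
    """
    src = [e for e in events if e["source"] == source]
    results = []
    for i, ev in enumerate(src):
        if ev["id"] != SUPPRESSION_ID:
            continue
        start = ev["ts"] - timedelta(minutes=window_minutes)
        lead = [p for p in src[:i]
                if p["ts"] >= start and p["id"] != SUPPRESSION_ID]
        later = src[i + 1:]
        quiet = (later[0]["ts"] - ev["ts"]).total_seconds() if later else None
        results.append({
            "at": ev["ts"],
            "total": len(lead),
            "by_id": Counter(p["id"] for p in lead),
            "non_info": [p for p in lead if p["type"] != "Information"],
            "quiet_seconds": quiet,
        })
    return results


if __name__ == "__main__":
    for burst in bursts_before_suppression(load_events(SAMPLE_EXPORT)):
        print("3000 logged at", burst["at"])
        print("  events in window:", burst["total"], dict(burst["by_id"]))
        for p in burst["non_info"]:
            print("  non-informational:", p["ts"], p["id"], p["message"])
        print("  source silent for (s):", burst["quiet_seconds"])
```
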
  5. "Dave Onex" <> wrote in message
    news:...
    > Hi Ace!
    >
    > All DNS servers/DC's are all on the same network in the same location on
    > the same subnet.
    > They're actually all sitting on top of each other in a rack :)
    >
    > Here's an overview;
    >
    > Backup is what I consider the PDC. It's AD integrated on the first zone
    > because it's a DC
    > There are 3 zones, and they are all primary.
    >
    > NS1 is also a DC so it has an AD integrated root zone
    > It also has 2 other zones - these are Secondary (Backup is primary for
    > those).
    >
    > Neither of these machines has any issues.
    >
    > The third machine is Mail. It's a secondary for all 3 zones and can accept
    > transfers from either of the DC's.
    >
    > Here's a complete breakdown on the Servers.
    >
    > =========================================
    > This is the first DC - all zones are Primaries and it's AD integrated
    > =========================================
    >
    > Machine = Backup (.70)
    > Role = Domain Controller
    > O/S = Windows 2000
    >
    > Windows 2000 IP Configuration
    >
    > Host Name . . . . . . . . . . . . : backup
    > Primary DNS Suffix . . . . . . . : askmarvin.ca
    > Node Type . . . . . . . . . . . . : Hybrid
    > IP Routing Enabled. . . . . . . . : No
    > WINS Proxy Enabled. . . . . . . . : No
    > DNS Suffix Search List. . . . . . : askmarvin.ca
    >
    > Ethernet adapter NIC Team:
    >
    > Connection-specific DNS Suffix . :
    > Description . . . . . . . . . . . : HP Network Team #1
    > Physical Address. . . . . . . . . : 00-08-02-54-DA-77
    > DHCP Enabled. . . . . . . . . . . : No
    > IP Address. . . . . . . . . . . . : 192.168.1.70
    > Subnet Mask . . . . . . . . . . . : 255.255.255.0
    > Default Gateway . . . . . . . . . : 192.168.1.25
    > DNS Servers . . . . . . . . . . . : 192.168.1.70
    > 192.168.1.50
    > Primary WINS Server . . . . . . . : 192.168.1.70
    >
    > =========================================
    > This is the Second DC - the root domain is Primary and it's AD integrated
    > The 2 other zones are secondary - they pull from the Master (above)
    > =========================================
    >
    > Machine = NS1 (.50)
    > Role = Domain Controller
    > O/S = Windows 2000
    >
    > Windows 2000 IP Configuration
    >
    > Host Name . . . . . . . . . . . . : ns1
    > Primary DNS Suffix . . . . . . . : askmarvin.ca
    > Node Type . . . . . . . . . . . . : Hybrid
    > IP Routing Enabled. . . . . . . . : No
    > WINS Proxy Enabled. . . . . . . . : No
    > DNS Suffix Search List. . . . . . : askmarvin.ca
    >
    > Ethernet adapter Team 1:
    >
    > Connection-specific DNS Suffix . :
    > Description . . . . . . . . . . . : BASP Virtual Adapter
    > Physical Address. . . . . . . . . : 00-06-5B-F7-25-56
    > DHCP Enabled. . . . . . . . . . . : No
    > IP Address. . . . . . . . . . . . : 192.168.1.54
    > Subnet Mask . . . . . . . . . . . : 255.255.255.0
    > IP Address. . . . . . . . . . . . : 192.168.1.53
    > Subnet Mask . . . . . . . . . . . : 255.255.255.0
    > IP Address. . . . . . . . . . . . : 192.168.1.50
    > Subnet Mask . . . . . . . . . . . : 255.255.255.0
    > Default Gateway . . . . . . . . . : 192.168.1.25
    > DNS Servers . . . . . . . . . . . : 192.168.1.50
    > 192.168.1.70
    > Primary WINS Server . . . . . . . : 192.168.1.70
    >
    > =========================================
    > Note:
    > None of the Domain Controllers have any errors in their event logs
    > They are as happy as clams :)
    > =========================================
    >
    > Machine = MAIL (.60)
    > Role = Mail Server & Secondary DNS Server
    > O/S = Windows 2000
    >
    > Windows 2000 IP Configuration
    >
    > Host Name . . . . . . . . . . . . : mail
    > Primary DNS Suffix . . . . . . . : askmarvin.ca
    > Node Type . . . . . . . . . . . . : Hybrid
    > IP Routing Enabled. . . . . . . . : No
    > WINS Proxy Enabled. . . . . . . . : No
    > DNS Suffix Search List. . . . . . : askmarvin.ca
    >
    > Ethernet adapter NIC Team:
    >
    > Connection-specific DNS Suffix . :
    > Description . . . . . . . . . . . : HP Network Team #1
    > Physical Address. . . . . . . . . : 00-0E-7F-B4-77-81
    > DHCP Enabled. . . . . . . . . . . : No
    > IP Address. . . . . . . . . . . . : 192.168.1.60
    > Subnet Mask . . . . . . . . . . . : 255.255.255.0
    > Default Gateway . . . . . . . . . : 192.168.1.25
    > DNS Servers . . . . . . . . . . . : 192.168.1.60
    > Primary WINS Server . . . . . . . : 192.168.1.70
    > =========================================
    > Note:
    > This is the machine that randomly reports the error.
    > It's entirely configured as a secondary and can accept zone
    > transfers from either of the two DC's. Error below;
    >
    > The DNS server is logging numerous run-time events. For information about
    > these events, see previous DNS Server event log entries. To prevent the
    > DNS Server from clogging server logs, further logging of this event and
    > other
    > events with higher Event IDs will now be suppressed.
    > =========================================
    >
    > Best & Thanks;
    > Marvin
    >


    Marvin,

    Thank you for posting the info.

    The problem is the multiple IPs on the DC. Why all of those IPs? It causes
    havoc with DNS registration as well as DC/AD functionality and
    communication. If you REALLY need to have all of those IPs on a DC (I've
    never seen a DC with such a configuration), please read the following for
    more info as to how DCs work, DNS registrations, effects of such a config
    and options to fix it.

    Multihomed DCs with DNS, RRAS, multiple IPs, and/or PPPoE adapters
    http://msmvps.com/blogs/acefekay/ar...-dcs-with-dns-rras-and-or-pppoe-adapters.aspx


    Ace
     
    Ace Fekay [MCT], Dec 8, 2009
    #5
  6. Dave Onex

    Dave Onex Guest

    Hi Ace;

    Thanks for taking a look at the DNS configuration.

    The reason the second DC has 3 IP's bound to it is because it's doing duty
    as a web server. In fact, that machine never was a DC until I did some
    upgrades to the network recently that required it to be upgraded.

    The thing is, there's no errors between the two DC's. The errors are only
    appearing (randomly) about once or twice a day on the mail server. That's
    the one that's a secondary and it pulls its zone information from the DC
    with only one IP bound to it.

    I enabled DNS logging on the mail server (the one that reports the error) so
    that I could hopefully see what's going on more clearly. The problem is that
    the error event occurs so rarely that the DNS log file has usually turned
    over by the time I see the event entry and by then the information is gone
    :-(

    I could remove the extra two IP's from the other server as a temporary test
    but I kind of doubt it's going to change anything. The two domain
    controllers are happy as clams and report no errors with each other.

    A more proper solution would be to add more machines and re-design the
    network a bit but that's not likely to happen any time soon. It might be a
    case of having to live with one error in the event logs on one machine :)
    The thing is, I wish I knew exactly what was causing the error to be
    reported.

    Best & thanks!
     
    Dave Onex, Dec 8, 2009
    #6
  7. "Dave Onex" <> wrote in message
    news:%...
    > Hi Ace;
    >
    > Thanks for taking a look at the DNS configuration.
    >
    > The reason the second DC has 3 IP's bound to it is because it's doing duty
    > as a web server. In fact, that machine never was a DC until I did some
    > upgrades to the network recently that required it to be upgraded.
    >
    > The thing is, there's no errors between the two DC's. The errors are only
    > appearing (randomly) about once or twice a day on the mail server. That's
    > the one that's a secondary and it pulls its zone information from the DC
    > with only one IP bound to it.
    >
    > I enabled DNS logging on the mail server (the one that reports the error)
    > so that I could hopefully see what's going on more clearly. The problem is
    > that the error event occurs so rarely that the DNS log file has usually
    > turned over by the time I see the event entry and by then the information
    > is gone :-(
    >
    > I could remove the extra two IP's from the other server as a temporary
    > test but I kind of doubt it's going to change anything. The two domain
    > controllers are happy as clams and report no errors with each other.
    >
    > A more proper solution would be to add more machines and re-design the
    > network a bit but that's not likely to happen any time soon. It might be a
    > case of having to live with one error in the event logs on one machine :)
    > The thing is, I wish I knew exactly what was causing the error to be
    > reported.
    >
    > Best & thanks!


    Hi Dave,

    It sounds like you already know the solution. Either move the web server to
    a non-DC, demote the web server, or make a boat load of registry changes to
    fix it. I hope you've found my blog informational on the implications and
    why this current configuration causes problems.

    Ace
     
    Ace Fekay [MCT], Dec 8, 2009
    #7
  8. Dave Onex

    Dave Onex Guest

    Hi Ace;

    Adding more machines and changing the network around (once more) would be
    the perfect solution.
    I did read your article on multi-homed domain controllers but it's not
    really specific to my situation as I'm not using an external IP or my ISP
    DNS servers etc. In my case there is no 'external' adapter or network in
    that DC.

    I agree that it would be foolish to have my ISP's DNS servers on any of
    the machines. In my case, each machine that DNS is running on points only to
    itself for DNS resolution. The DNS on each machine is then set to use a
    forwarder, in this case my firewall machine, in the event that it's not able
    to resolve the request locally. Thus, any 'internal' requests are handled
    internally and any 'external' requests go over to the firewall for
    processing. If the DNS on the firewall can't service the request (because
    it's not cached) then the DNS on the firewall is configured to then go
    looking for the answer on my ISP's DNS servers. And so on up the chain.

    The article you reference is really, really good but I think it's more
    geared towards someone truly running a multi-homed NIC - ie, one that is
    bound to two different networks. In my case the DC in question has 3 IP's -
    but they are bound to the same network, so I think it's a little different
    in that respect.

    Either way, I'm in agreement that the real solution would be a small
    re-design of the network. The best thing would be two dedicated DNS servers
    and get both AD & DNS off the web server :) Separate everything onto
    separate machines as it's supposed to be.

    Still, I don't know why the mail server reports this one error every once in a
    while.

    J de Boyne Pollard;

    I read the link you posted and it was also excellent. You also brought up
    some good points that caused me to re-think how my DNS is set up. I think it
    could be improved :)

    You mentioned;

    "DO> The DNS server is logging numerous run-time events. For information
    DO> about these events, see previous DNS Server event log entries.

    The message _is_ pretty self-explanatory. It says see the previous
    log entries. So see the previous log entries. Yes, there _will be_
    previous log entries, even though you say this:

    DO> The other servers have clean logs. [...]
    DO> It's one of the last errors in any of the event logs on all of my servers.

    Now _turn logging fully on_ and read all of the logs, so that you see
    the previous log messages that are leading up to that DNS-3000
    message. (-: "

    The previous entries are nothing but informational notifications about zone
    transfers. Nothing about them really seems to give me any direction as far
    as that goes. I did turn on DNS logging but the problem is that the error is
    so intermittent that the DNS log has always been wrapped by the time I
    notice an error :-(

    Nevertheless, your reply did get me thinking about my DNS implementation.
    While it's working well (except for the one intermittent error), I can see
    that there is going to be a better way to skin the cat :)

    Best & Thanks!
    Dave






    "Ace Fekay [MCT]" <> wrote in message
    news:...
    > "Dave Onex" <> wrote in message
    > news:%...
    >> Hi Ace;
    >>
    >> Thanks for taking a look at the DNS configuration.
    >>
    >> The reason the second DC has 3 IP's bound to it is because it's doing
    >> duty as a web server. In fact, that machine never was a DC until I did
    >> some upgrades to the network recently that required it to be upgraded.
    >>
    >> The thing is, there's no errors between the two DC's. The errors are only
    >> appearing (randomly) about once or twice a day on the mail server. That's
    >> the one that's a secondary and it pulls its zone information from the DC
    >> with only one IP bound to it.
    >>
    >> I enabled DNS logging on the mail server (the one that reports the error)
    >> so that I could hopefully see what's going on more clearly. The problem
    >> is that the error event occurs so rarely that the DNS log file has
    >> usually turned over by the time I see the event entry and by then the
    >> information is gone :-(
    >>
    >> I could remove the extra two IP's from the other server as a temporary
    >> test but I kind of doubt it's going to change anything. The two domain
    >> controllers are happy as clams and report no errors with each other.
    >>
    >> A more proper solution would be to add more machines and re-design the
    >> network a bit but that's not likely to happen any time soon. It might be
    >> a case of having to live with one error in the event logs on one machine
    >> :) The thing is, I wish I knew exactly what was causing the error to be
    >> reported.
    >>
    >> Best & thanks!

    >
    > Hi Dave,
    >
    > It sounds like you already know the solution. Either move the web server
    > to a non-DC, demote the web server, or make a boat load of registry
    > changes to fix it. I hope you've found my blog informational on the
    > implications and why this current configuration causes problems.
    >
    > Ace
    >
    >
    >
     
    Dave Onex, Dec 8, 2009
    #8
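
    Added example, not part of any post in this thread: one way to pull out the entries leading up to each Event ID 3000 from an exported event log, so the context is kept even when the live log has wrapped by the time the warning is noticed. The CSV column layout, the source name "DNS" and every event ID other than 3000 are assumptions made for the sample.

```python
import csv
import io
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample export: timestamp, type, source, event_id, message.
# Only Event ID 3000 is from the thread; other IDs, sources and texts are made up.
SAMPLE_EXPORT = """\
2009-12-07 02:10:05,Information,DNS,9101,zone transfer notification (constructed)
2009-12-07 02:14:41,Information,DNS,9101,zone transfer notification (constructed)
2009-12-07 02:15:00,Information,W3SVC,9500,unrelated service entry (constructed)
2009-12-07 02:19:58,Warning,DNS,9102,run-time warning (constructed)
2009-12-07 02:20:00,Warning,DNS,3000,further logging suppressed
2009-12-07 14:00:12,Information,DNS,9101,zone transfer notification (constructed)
2009-12-07 14:21:30,Warning,DNS,9102,run-time warning (constructed)
2009-12-07 14:29:59,Warning,DNS,9102,run-time warning (constructed)
2009-12-07 14:30:00,Warning,DNS,3000,further logging suppressed
"""

def load_events(text):
    """Parse the CSV export into dicts sorted oldest-first."""
    events = []
    for row in csv.reader(io.StringIO(text)):
        if not row:
            continue
        ts, etype, source, event_id, message = row
        events.append({"time": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), "type": etype,
                       "source": source, "event_id": int(event_id), "message": message})
    return sorted(events, key=lambda e: e["time"])

def context_before(events, target_id=3000, source="DNS", minutes=15):
    """For each target event, collect same-source events in the window before it."""
    dns = [e for e in events if e["source"] == source]
    reports = []
    for i, ev in enumerate(dns):
        if ev["event_id"] != target_id:
            continue
        start = ev["time"] - timedelta(minutes=minutes)
        leading = [e for e in dns[:i] if e["time"] >= start]
        reports.append({
            "time": ev["time"], "leading": leading,
            "by_id": Counter(e["event_id"] for e in leading),
            # True when the export starts after the window does: older records
            # were overwritten (wrapped) or not exported, so context is partial.
            "truncated": events[0]["time"] > start,
        })
    return reports
```

    A report with "truncated" set means the export does not reach back far enough to trust the tally, which is the situation described above where the log has turned over before anyone looks.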
  9. Dave Onex

    Dave Onex Guest

    BTW, I just wanted to thank you both for your help with this issue!

    Hearing both your thoughts on the matter and looking up those articles you
    guys wrote put me in the right head space to understand that I could implement
    my DNS a little differently. In fact, in the brief time that I've had to
    think about it I've already come up with several different ways of
    restructuring my DNS setup.

    Thanks guys! You got me thinking the right way :)

    Best!
    Dave


    "J de Boyne Pollard" <> wrote in message
    news:...
    > DO> I know, you've heard that before but try to believe it :)
    >
    > Indeed, we've heard it before. And from what you describe whilst the
    > configuration may be _correct_, for some limited definition of the
    > concept, it is still _poor_. You are mixing and matching two quite
    > different forms of DNS database replication in a single zone, for
    > starters.
    >
    > <URL:http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/dns-soa-field-semantics.html#Replication>
    >
    > As M. Fekay says, that's a source of log messages in itself, for
    > starters. It's also a poor idea. You already have Active Directory
    > replicating the DNS data around. Don't mix in a second different
    > replication mechanism. Use the one that you already have in place.
    >
    > DO> The DNS server is logging numerous run-time events. For information
    > DO> about these events, see previous DNS Server event log entries.
    >
    > The message _is_ pretty self-explanatory. It says see the previous
    > log entries. So see the previous log entries. Yes, there _will be_
    > previous log entries, even though you say this:
    >
    > DO> The other servers have clean logs. [...]
    > DO> It's one of the last errors in any of the event logs on all of my servers.
    >
    > Now _turn logging fully on_ and read all of the logs, so that you see
    > the previous log messages that are leading up to that DNS-3000
    > message. (-:
     
    Dave Onex, Dec 9, 2009
    #9
  10. "Dave Onex" <> wrote in message
    news:%...
    > Hi Ace;
    >
    > Adding more machines and changing the network around (once more) would be
    > the perfect solution.
    > I did read your article on multi-homed domain controllers but it's not
    > really specific to my situation as I'm not using an external IP or my ISP
    > DNS servers etc. In my case there is no 'external' adapter or network in
    > that DC.
    >
    > I agree that it would be foolish to have my ISP's DNS servers on any of my
    > machines. In my case, each machine that DNS is running on points only to
    > itself for DNS resolution. The DNS on each machine is then set to use a
    > forwarder, in this case my firewall machine, in the event that it's not
    > able to resolve the request locally. Thus, any 'internal' requests are
    > handled internally and any 'external' requests go over to the firewall for
    > processing. If the DNS on the firewall can't service the request (because
    > it's not cached) then the DNS on the firewall is configured to then go
    > looking for the answer on my ISP's DNS servers. And so on up the chain.
    >
    > The article you reference is really, really good but I think it's more
    > geared towards someone truly running a multi-homed NIC - ie, one that is
    > bound to two different networks. In my case the DC in question has 3
    > IP's - but they are bound to the same network, so I think it's a little
    > different in that respect.
    >
    > Either way, I'm in agreement that the real solution would be a small
    > re-design of the network. The best thing would be two dedicated DNS
    > servers and get both AD & DNS off the web server :) Separate everything
    > onto separate machines as it's supposed to be.
    >
    > Still, I don't know why the mail server reports this one error every once in a
    > while.
    >
    > J de Boyne Pollard;
    >
    > I read the link you posted and it was also excellent. You also brought up
    > some good points that caused me to re-think how my DNS is set up. I think
    > it could be improved :)
    >
    > You mentioned;
    >
    > "DO> The DNS server is logging numerous run-time events. For information
    > DO> about these events, see previous DNS Server event log entries.
    >
    > The message _is_ pretty self-explanatory. It says see the previous
    > log entries. So see the previous log entries. Yes, there _will be_
    > previous log entries, even though you say this:
    >
    > DO> The other servers have clean logs. [...]
    > DO> It's one of the last errors in any of the event logs on all of my servers.
    >
    > Now _turn logging fully on_ and read all of the logs, so that you see
    > the previous log messages that are leading up to that DNS-3000
    > message. (-: "
    >
    > The previous entries are nothing but informational notifications about
    > zone transfers. Nothing about them really seems to give me any direction
    > as far as that goes. I did turn on DNS logging but the problem is that the
    > error is so intermittent that the DNS log has always been wrapped by the
    > time I notice an error :-(
    >
    > Nevertheless, your reply did get me thinking about my DNS implementation.
    > While it's working well (except for the one intermittent error), I can see
    > that there is going to be a better way to skin the cat :)
    >
    > Best & Thanks!
    > Dave
    >
    >
    >


    Multihoming also includes a DC with multiple IPs. It's because of the
    additional DNS entries it creates. It falls under the same category as
    multiple NICs and/or installing RRAS on a DC. The part about using an ISP's
    DNS is only in the beginning of the blog, it goes on regarding DNS and
    registration issues. Sorry it was a long blog to read, but I tried to
    address everything regarding this type of configuration.

    I hope things work out with your solution.

    Cheers!

    Ace
     
    Ace Fekay [MCT], Dec 9, 2009
    #10