DNS stops resolving

Sam

Hi,

I noticed that from time to time our AD integrated DNS servers will stop
resolving domains. We just had a situation where our Exchange server started
having outgoing mail delivery problems. When I did an NSLOOKUP on the
Exchange box, I realized the DNS server wasn't resolving anything. I
restarted the AD/DNS server and the problem was resolved.

My question is what could be causing this? We built these AD/DNS machines
rather recently. They seem to be running comfortably but when I check the
event viewer, I see a ton of warnings (event ID 5504). The description reads
"The DNS server encountered an invalid domain name in a packet from
193.32.4.12. The packet was rejected."

This IP address points to one of the root servers. When I check other
similar events, they are the same but the IP addresses could be different --
different root servers.

Any idea what could be causing this?

Thanks,

Sam
 
Kevin D. Goodknecht [MVP]

Sam said:
> Hi,
>
> I noticed that from time to time our AD integrated DNS servers will stop
> resolving domains. We just had a situation where our Exchange server
> started having outgoing mail delivery problems. When I did an
> NSLOOKUP on the Exchange box, I realized the DNS server wasn't
> resolving anything. I restarted the AD/DNS server and the problem was
> resolved.
>
> My question is what could be causing this? We built these AD/DNS
> machines rather recently. They seem to be running comfortably but
> when I check the event viewer, I see a ton of warnings (event ID
> 5504). The description reads "The DNS server encountered an invalid
> domain name in a packet from 193.32.4.12. The packet was rejected."
>
> This IP address points to one of the root servers. When I check other
> similar events, they are the same but the IP addresses could be
> different -- different root servers.
>
> Any idea what could be causing this?

What are the forwarders configured on the DNS servers?

What names are configured on the DNS suffix search list on your clients?

Do you have any Win9x clients?
 
Sam

Hi,

Actually, I'm a little confused myself. We've always used forwarders. When I
right click the server and select properties, I see no forwarders listed
under the "Forwarders" tab. I'm not sure what happened. I'll use the old,
"the network admin who no longer works here must have done something"
excuse.

As far as DNS suffixes, here's the settings:

"append parent suffixes on the primary DNS suffix" is checked along with
"append parent suffixes of the primary DNS suffix"

The DNS suffix for this connection box is empty and "Register this
connection's address in DNS" is checked.

We have no 9x clients. My concern however was with Exchange. When the DNS
server stops resolving, for some reason the Exchange box doesn't go to the
second DNS. I guess because the first DNS is not really down. So all of a
sudden, we start having Exchange problems.

Again, I'm talking about the AD integrated internal DNS servers here.

We also have Linux-based external DNS servers. Is it a good idea for me to
enter the IPs of the external DNS under the forwarders tab?

There seem to be two schools of thought on this one. Some suggest I should
use the ISP's DNS servers -- Sprint in our case -- under forwarders. Some
argue I should use our external DNS's. What do you suggest?

Thanks,

Sam
 
Kevin D. Goodknecht [MVP]

Sam said:
> Hi,
>
> Actually, I'm a little confused myself. We've always used forwarders.
> When I right click the server and select properties, I see no
> forwarders listed under the "Forwarders" tab. I'm not sure what
> happened. I'll use the old, "the network admin who no longer works
> here must have done something" excuse.
>
> As far as DNS suffixes, here's the settings:
>
> "append parent suffixes on the primary DNS suffix" is checked along
> with "append parent suffixes of the primary DNS suffix"

Deselect "Append parent suffixes of the Primary DNS suffix".

> The DNS suffix for this connection box is empty and "Register this
> connection's address in DNS" is checked.
>
> We have no 9x clients. My concern however was with Exchange. When the
> DNS server stops resolving, for some reason the Exchange box doesn't go
> to the second DNS. I guess because the first DNS is not really down.
> So all of a sudden, we start having Exchange problems.
>
> Again, I'm talking about the AD integrated internal DNS servers here.

Do you have two internal DNS servers?

> We also have Linux-based external DNS servers. Is it a good idea for
> me to enter the IPs of the external DNS under the forwarders tab?
>
> There seem to be two schools of thought on this one. Some suggest I
> should use the ISP's DNS servers -- Sprint in our case -- under
> forwarders. Some argue I should use our external DNS's. What do you
> suggest?

Use your External DNS, and use your ISP's.

If the link to your ISP gets overloaded, that can cause 5504 events, too.
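
Added example, not part of the thread and not code from either poster: a PowerShell sketch that tallies event ID 5504 warnings by sending IP and by hour, so bursts can be lined up against outages or link load. It assumes the message wording quoted above and IPv4 senders; the sample events are constructed, and `Get-Dns5504Summary` is a hypothetical helper name.

```powershell
# Constructed sample events. 193.32.4.12 is the address quoted in the thread;
# 192.0.2.53 and all timestamps are made up for illustration.
$msg = 'The DNS server encountered an invalid domain name in a packet from {0}. The packet was rejected.'
$sample = @(
    [pscustomobject]@{ TimeCreated = [datetime]'2005-03-01T09:02:11'; Message = $msg -f '193.32.4.12' }
    [pscustomobject]@{ TimeCreated = [datetime]'2005-03-01T09:47:30'; Message = $msg -f '192.0.2.53' }
    [pscustomobject]@{ TimeCreated = [datetime]'2005-03-01T14:15:05'; Message = $msg -f '193.32.4.12' }
)

function Get-Dns5504Summary {
    # Hypothetical helper: expects objects with TimeCreated and Message properties.
    param([Parameter(Mandatory)] [object[]] $Records)

    # Pull the IPv4 sender out of the 5504 description text.
    $pattern = 'in a packet from (?<ip>\d{1,3}(?:\.\d{1,3}){3})\.'
    $parsed = foreach ($rec in $Records) {
        if ($rec.Message -match $pattern) {
            [pscustomobject]@{
                Source = $Matches['ip']
                Hour   = '{0:yyyy-MM-dd HH}:00' -f $rec.TimeCreated
            }
        }
    }

    [pscustomobject]@{
        # Which senders trigger the warning most often.
        BySource = $parsed | Group-Object Source | Sort-Object Count -Descending | Select-Object Count, Name
        # When the warnings cluster.
        ByHour   = $parsed | Group-Object Hour | Sort-Object Name | Select-Object Count, Name
    }
}

$summary = Get-Dns5504Summary -Records $sample
$summary.BySource | Format-Table -AutoSize
$summary.ByHour   | Format-Table -AutoSize

# On the DNS server itself, feed live events instead of the sample
# (assumes the log is named 'DNS Server'):
# $live = Get-WinEvent -FilterHashtable @{ LogName = 'DNS Server'; Id = 5504 }
# Get-Dns5504Summary -Records $live
# To list configured forwarders (DnsServer module, Windows Server 2012 and later):
# Get-DnsServerForwarder
```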
 
