Solved

Stumped on EventID 7062 - DNS Question

Posted on 2003-12-11
6
573 Views
Last Modified: 2007-12-19
Im still kind of a newbie at dns... Wonder if you can help me figure this out? I keep getting hundreds of yellow alerts in my dns event viewer log. EventID 7062. Also getting eventid 9999. At the very bottom of my post is a sample of my zone files. Can you spot anything that im doing wrong?

Basically i have a VERY simple configuration. Ive only got 1 NT server which hosts my Dns also. In my zone file its set as NS1.MyHostingCompany.com and NS2.MyHostingCompany.com this is pointed my web server. So when I register any new domains I use the ns1. and ns2. addresses.

What am I doing wrong??? Thanks!

-Matt



**************Text for ID 9999**********************
The DNS server has encountered numerous run-time events.  These are usually caused by the reception of bad or unexpected packets, or from problems with or excessive replication traffic.  The data is the number of suppressed events encountered in the last 15 minute interval.
**************Text for ID 9999**********************


**************Text for ID 7062**********************
The DNS server encountered a packet addressed to itself -- IP address 21.96.63.27.
 
The DNS server should never be sending a packet to itself.  This situation usually indicates a configuration error.
 
Check the following areas for possible self-send configuration errors:
  1) Forwarders list. (DNS servers should not forward to themselves).
  2) Master lists of secondary zones.
  3) Notify lists of primary zones.
  4) Delegations of subzones.  Must not contain NS record for this DNS server unless subzone is also on this server.
 
Example of self-delegation:
  -> This DNS server dns1.foo.com is the primary for the zone foo.com.
  -> The foo.com zone contains a delegation of bar.foo.com to dns1.foo.com,
  (bar.foo.com NS dns1.foo.com)
  -> BUT the bar.foo.com zone is NOT on this server.
 
Note, you should make this delegation check (with nslookup or DNS manager) both on this DNS server and on the server(s) you delegated the subzone to. It is possible that the delegation was done correctly, but that the primary DNS for the subzone, has any incorrect NS record pointing back at this server. If this incorrect NS record is cached at this server, then the self-send could result.  If found, the subzone DNS server admin should remove the offending NS record.
**************Text for ID 7062**********************



**************SAMPLE Zone file im getting errors with**********************
;
;  Database file MyDomain.com.dns for MyDomain.com zone.
;      Zone version:  2003111903
;

@                       IN  SOA ns1.MyHostingCompany.com.  admin.MyDomain.com. (
                              2003111903   ; serial number
                              3600         ; refresh
                              600          ; retry
                              1209600      ; expire
                              3600       ) ; minimum TTL

;
;  Zone NS records
;

@                       NS      ns1.MyHostingCompany.com.
ns1.MyHostingCompany.com. A      21.96.63.26
@                       NS      ns2.MyHostingCompany.com.
ns2.MyHostingCompany.com. A      21.96.63.27

;
;  Zone records
;

@                       A      21.96.63.26
@                       MX      10      mail.MyDomain.com.
ftp                     A      21.96.63.26
mail                    A      21.96.61.187
www                     A      21.96.63.26
**************SAMPLE Zone file im getting errors with**********************
0
Comment
Question by:mjreine
  • 2
  • 2
  • 2
6 Comments
 
LVL 5

Expert Comment

by:matt023
Comment Utility
ns1.MyHostingCompany.com is your DNS server and also your web server?
I assume ns1 holds the primary copy of MyDomain.com and ns2 has the secondary?
Do you have any forwarder set on ns1?
0
 

Author Comment

by:mjreine
Comment Utility
hello matt023,

 Yes... ns1.MyHostingCompany.com is my DNS server and also my web server. I host dns and my websites all on the same dedicated NT2k server.

 Basically due to costs there really is no ns2. I have 2 ip addresses that I was given from my ISP. So I bound .26 and .27 ips to the same adapter. I setup .26 as NS1. and .27 as NS2.

 Heres the zone file that I setup for MyHostingCompany.com Not sure what you mean about forwarders so heres the zone file for MyHostingCompany.com

Thanks again!
-Matt


;
;  Database file MyHostingCompany.com.dns for MyHostingCompany.com zone.
;      Zone version:  2003111905
;

@                       IN  SOA ns1.MyHostingCompany.com.  admin.MyHostingCompany.com. (
                              2003111905   ; serial number
                              900          ; refresh
                              600          ; retry
                              1209600      ; expire
                              3600       ) ; minimum TTL

;
;  Zone NS records
;

@                       NS      ns1.MyHostingCompany.com.
@                       NS      ns2.MyHostingCompany.com.

;
;  Zone records
;

ns1                     A      21.96.63.26
ns2                     A      21.96.63.27


0
 
LVL 6

Expert Comment

by:Joseph_Moore
Comment Utility
A good possible solution to this is here:
http://www.eventid.net/display.asp?eventid=7062

Basically, it says to replace the CACHE.DNS file with the copy in the Sample directory. Your copy might be pointing to itself, instead of the root DNS servers on the Internet. Replacing the file with the copy in the Sample directory takes care of this problem.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:mjreine
Comment Utility
Joseph,

 Just tried your suggestion... I noticed that the last time that file was updated was 1997, so upon further reading the file, I see that you can ftp to FTP.RS.INTERNIC.NET anonymously and under the domain folder, get the newest named.root file.

 I downloaded that, renamed it to CACHE.DNS and restarted the DNS server. It looks like it worked ok. I cleared all DNS events in the log and no major errors yet.

 Only thing is, my old cache.dns file didnt reference any of my ips anywhere in the file. So I wonder if this will fix it? Ill have to give it a couple of days and see how it goes. Thanks!

-Matt
0
 
LVL 5

Accepted Solution

by:
matt023 earned 250 total points
Comment Utility
You have 2 DNS servers listed as authoritative for the MyDomain.com zone that are the same physical server with 2 IP addresses bound to the same NIC card?  This can cause the warnings you're getting.  I suggest you remove the NS record of ns2.MyHostingCompany.com from this zone.  There is no reason for you to have ns2 in this zone.  You're not gaining anything from having it.  It's not going to manage the load of your server because queries coming to either IP addresses end up at your physical server.  It's not going to provide you with fault tolerance because if your server is down, DNS service has a problem, or the NIC card goes bad, both IP addresses will be effected.  You can leave the extra IP address bound to your NIC card for web service usage if you need to.  However, you should configure your DNS server to only listen to 1 IP address (ns1's IP address) and remove ns2 from the MyDomain.com zone.
0
 
LVL 6

Expert Comment

by:Joseph_Moore
Comment Utility
So, I am bored tonight, and I'm looking through old questions.
How did this go? From your last post, the CACHE.DNS file thing seemed to work. Did everything stabilize OK for you?
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now