Solved

DNS Warning in event viewer

Posted on 2006-06-22
10
423 Views
Last Modified: 2010-07-27
I am continuously getting this warning in the event viewer. i have an active directory integrated DNS server (ip 128.128.30.1)

The DNS server encountered a packet addressed to itself -- IP address 128.128.30.1.
 
The DNS server should never be sending a packet to itself.  This situation usually indicates a configuration error.
 
Check the following areas for possible self-send configuration errors:
  1) Forwarders list. (DNS servers should not forward to themselves).
  2) Master lists of secondary zones.
  3) Notify lists of primary zones.
  4) Delegations of subzones.  Must not contain NS record for this DNS server unless subzone is also on this server.
 
Example of self-delegation:
  -> This DNS server dns1.foo.com is the primary for the zone foo.com.
  -> The foo.com zone contains a delegation of bar.foo.com to dns1.foo.com,
  (bar.foo.com NS dns1.foo.com)
  -> BUT the bar.foo.com zone is NOT on this server.
 
Note, you should make this delegation check (with nslookup or DNS manager) both on this DNS server and on the server(s) you delegated the subzone to. It is possible that the delegation was done correctly, but that the primary DNS for the subzone, has any incorrect NS record pointing back at this server. If this incorrect NS record is cached at this server, then the self-send could result.  If found, the subzone DNS

I have not enabled Forwarders list

other things pls let me know  where to look at.


Thanks in advance

Venkat
0
Comment
Question by:venkataramanaiahsr
  • 6
  • 2
  • 2
10 Comments
 
LVL 7

Expert Comment

by:Chatable
Comment Utility
Check the "root hints" section too and make sure the server's own IP isn't listed there.
0
 

Author Comment

by:venkataramanaiahsr
Comment Utility
there is no entry of this ip in root hints.
0
 
LVL 7

Expert Comment

by:Chatable
Comment Utility
0
 
LVL 20

Expert Comment

by:brwwiggins
Comment Utility
check through your zones and see if any of them could not be loaded. I've seen this problem when a server was set to use root hints, changed to forwarders, and then back to root hints.

The reverse lookup zone got corrupted in that case.
0
 

Author Comment

by:venkataramanaiahsr
Comment Utility
i see some similarity in the actions i did on active directory integrated dns server and  the comment posted by "brwwiggins".  Intially the domain controller was built without connecting to the internet. hence there were two entries in dns console .  one is . and another is domain name. hence the forwarders were not enabled.  because of  this i could not connect to the internet ( which is thro winxp internet sharing from different machine) from the client machine  if i give  the ip address of domain controller
(active directory integrated dns)  in  primary dns place  though i give ip address of win xp machine  in default gateway.
I had to give  ip address of winxp m/c in both default gateway and primay dns inorder to access internet from cliet machine.


 To aviod this i deleted  . entry to enable forwarders  and once i gave dns address of my isp in forwarders list.
  then i removed it from the forwarders list.

  now my internet problem is solved.  whichever machine i need to enable internet all i have to do is give winxp
system's ip address in default gateway. now the primary dns server ip address of all the clients is ip address of my active directory integrated dns server.  

now when i go to dns console only forward look up zone contains  A record of all hosts connected to this domain controller. there is record in reverse look up zone.

now is this the problem and if so how to rectify it. i think this also explains the  reason  for my above problem and solution about internet sharing.

so, Dear "brwwiggins" pls explain the complete technical flow how this happened immeditaely

Thanks in advance

Venkat
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 20

Accepted Solution

by:
brwwiggins earned 500 total points
Comment Utility
do you have the DNS server pointing to itself for DNS resolution? Do not include the ISP as a secondary DNS to your server under the network properties of the server. It should only have itself and another AD-integrated DNS server for your domain if one exists.

When we ran into this problem, the DNS server was trying to register itself in DNS as all clients do. However, instead of registering the IP address and hostname on it's own DNS services it was trying to register with the hosts that were set as forwarders earlier. These hosts were configured to point dns requests for my domain back to the AD-integrated server....basically a loop. The registration request was going out to another server, which refers back to my DNS server, and then my DNS server throws up an error because it received a request to register itself.

The only way I could resolve the issue was to delete the zones and re-create them in AD.
0
 

Author Comment

by:venkataramanaiahsr
Comment Utility
i have only one entry in my ad integrated dns server setting i,e ip address  pointing to itself.  there are no other entries. I have only one domain controller in my network and one additonal domain controller both in the same ip range and subnet mask . the host which were set as forwarders ( now there are no entries in forwarders) are the dns servers of my isp and i dont think the dns servers of my isp are configured to my domain which is configured with internal ip.



pls explain.

also pls tell me how to go about deleting  the zones  and recreating in AD

venkat
0
 

Author Comment

by:venkataramanaiahsr
Comment Utility
when i ran netdiag /fix i got the following result

DNS test ...................................Passed
[WARNING] Cannot find a primary authoritative DNS server for the name
 'daserver.srinivasa.com.'. [RCODE_SERVER_FAILURE]
 The name 'daserver.srinivasa.com.' may not be registered in DNS.

   PASS - All the DNS entries for DC are registered on DNS server '128.128.30.1
 and other DCs also have some of the names registered.

is this the problem and how to rectify it

pls reply immediately as i am getting this msg every few seconds

Thanks
0
 

Author Comment

by:venkataramanaiahsr
Comment Utility
this msg means dns  warning 7062 in event viewer
0
 

Author Comment

by:venkataramanaiahsr
Comment Utility
another thing.  now there is another entry in my dns console called cached lookups

dns
  daserver (computername0
    Cached Lookups
      .
        BIZ
        com
        cx
        edu
        etc


tilldate it was not there  now when i open dns console  this new entry was there .  all i rememebr  is i  stopped and started netlogon service , ran netdiag /fix couple of times

i just want know whether it is normal or my dns is  corrupted.

pls explain immediately
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, you will read about the trends across the human resources departments for the upcoming year. Some of them include improving employee experience, adopting new technologies, using HR software to its full extent, and integrating artifi…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now