Solved

DNS Error Event 7062

Posted on 2008-10-16
6
817 Views
Last Modified: 2010-04-21
Hi,

I look after a simple Windows 2003 server setup with 5 clients.  However I am getting lots of event 7062 errors:

"The DNS server encountered a packet addressed to itself on IP address 192.168.0.20. The packet is for the DNS name "_ldap._tcp.a2700020-cc38-4cba-b7d8-c7315d703996.domains._msdcs.galaxy.local.". The packet will be discarded. This condition usually indicates a configuration error.
 
Check the following areas for possible self-send configuration errors:
  1) Forwarders list. (DNS servers should not forward to themselves).
  2) Master lists of secondary zones.
  3) Notify lists of primary zones.
  4) Delegations of subzones.  Must not contain NS record for this DNS server unless subzone is also on this server.
  5) Root hints.
 
Example of self-delegation:
  -> This DNS server dns1.example.microsoft.com is the primary for the zone example.microsoft.com.
  -> The example.microsoft.com zone contains a delegation of bar.example.microsoft.com to dns1.example.microsoft.com,
  (bar.example.microsoft.com NS dns1.example.microsoft.com)
  -> BUT the bar.example.microsoft.com zone is NOT on this server.
 
Note, you should make this delegation check (with nslookup or DNS manager) both on this DNS server and on the server(s) you delegated the subzone to. It is possible that the delegation was done correctly, but that the primary DNS for the subzone, has any incorrect NS record pointing back at this server. If this incorrect NS record is cached at this server, then the self-send could result.  If found, the subzone DNS server admin should remove the offending NS record.
 
You can use the DNS server debug logging facility to track down the cause of this problem.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp."

I have looked on EE and around the internet and I find a Microsoft Support document that lists how to fix it.  The problem with it is that it refers to Windows 2000 and NT 4.0 so some of the fixes it suggests aren't there.

Any help greatly appreciated.

Mike


0
Comment
Question by:hydev
  • 3
  • 3
6 Comments
 
LVL 16

Expert Comment

by:JoWickerman
ID: 22728916
Hi hydev,

Have you tried:

The TCP/IP settings for your SBS server's NIC should point to its own address for DNS resolution. In your DNS server settings, you should have a forwarder configured to point to your ISP's DNS servers.

To set up a forwarder, open the DNS console, right-click your server, and select Properties. Go to the Forwarders tab, highlight "All other DNS domains" and add your ISP's DNS server address(es). This way, your server will handle DNS queries for your domain but will forward everything else to your ISP.

Also, make sure your domain's DNS name doesn't match a valid Internet domain name. Otherwise, you could have some strange occurrences. (Usually that'll just render that Internet domain inaccessible from your network.

Let me know!

Cheers
0
 

Author Comment

by:hydev
ID: 22728945
Hi,

This may seem like a dumb question but how do you find the IP for my ISP's DNS.  I assume it will be in the router configuration?

Mike
0
 
LVL 16

Expert Comment

by:JoWickerman
ID: 22728951
Hi,

I guess you'll have to phone them. They should've supplied it to you when you applied for their services.

Cheers
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:hydev
ID: 22729423
hi,

I have found this out and put it into the forwarders lists.  I then stopped and restarted the DNS Client and DNS Server services.   However I am still getting the event 7062.

Mike
0
 
LVL 16

Accepted Solution

by:
JoWickerman earned 500 total points
ID: 22729474
Ok,

First, you'll need the Windows Support Tools.
Download and install it if it's not installed already.

Start with > dnslint /ad /s localhost /v to see what errors come up.  Then use the Help & Support center to request specifics on the errors.

But, troubleshooting this issue is generally a shot in the dark and it's easier, and takes less time to simply rebuild your DNS server.

You don't need to uninstall and reinstall the service, you can just delete the forward and reverse lookup zones (and any others if there are some hanging outside those (sometimes the _msdcs zones get created wrongly).

Then, configure the DNS server using the DNS Manager.  A step by step is available here:

http://www.petri.co.il/install_and_configure_windows_2003_dns_server.htm

After you do that, rerun the CEICW and you should be fine.
0
 

Author Closing Comment

by:hydev
ID: 31506637
Thank you for that - reinstall seemed to work.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now