  • Status: Solved
  • Priority: Medium
  • Security: Public

Should Start of Authority (SOA) servers match on all DNS servers?

I have a quick and easy question. We have 4 servers with DNS on them. Let's call them servers 1, 2, 3, 4. Servers 1 and 4 have server 1 listed as the SOA and servers 2 and 3 have server 2 listed as the SOA. Server 2 is the PDC.

Should it be listed that Server 2 is the SOA on all 4 servers? Just wondering if something is incorrect in DNS because server 1 had the PDC roles moved to Server 2 recently.
0
Asked by: doboszb
1 Solution
 
Darius Ghassem Commented:
DNS records should be the same across all DNS servers if they are part of the same domain and replicating with each other. If Server 1 has an SOA record or even an A record then any other server that it is replicating with should have those same records. You can run a netdiag /test:dns to see if you have any errors listed.
0
 
doboszb (Author) Commented:
When I run that test I get "The AAAA record for this DC was not found"
I am also getting Middli

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.CQC>dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = AD02
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Madison\AD02
      Starting test: Connectivity
         ......................... AD02 passed test Connectivity

Doing primary tests

   Testing server: Madison\AD02

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... AD02 passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on :

   Running enterprise tests on : domain.com
      Starting test: DNS
               TEST: Basic (Basc)
                  Warning: The AAAA record for this DC was not found

               TEST: Records registration (RReg)
                  Network Adapter
                  [00000006] Citrix XenServer PV Ethernet Adapter:
                     Warning:
                     Missing AAAA record at DNS server 192.168.41.65:
                     AD02.domain.com

                     Warning:
                     Missing AAAA record at DNS server 192.168.41.65:
                     gc._msdcs.domain.com

                     Warning:
                     Missing AAAA record at DNS server 192.168.43.70:
                     AD02.domain.com

                     Warning:
                     Missing AAAA record at DNS server 192.168.43.70:
                     gc._msdcs.domain.com

               Warning: Record Registrations not found in some network adapters

              PASS WARN PASS PASS PASS WARN n/a


0
 
doboszb (Author) Commented:
Never mind, I figured out the AAAA records are for IPv6 and we aren't using that. Everything must be working now in DNS even if the SOA records are all not pointing to the same server.
0
 
Darius Ghassem Commented:
Do you have any 2008 servers on your network? Make sure you disable IPv6. Once you have disabled it, do a netdiag /fix. Go to DNS, clear the cache, then reload the DNS zone. Also, I was wrong when I told you they should be the same when it comes to SOA records. I wasn't reading your post that carefully. If you have AD integrated zones then in DNS the SOA record will point to themselves or sometimes to another server, since AD integrated zones are all editable.
0
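
The behaviour described in the answer above can be checked by asking each DNS server directly for the zone's SOA record and comparing the primary server each one reports. This is an added example, not part of the original thread; it assumes Resolve-DnsName is available (Windows 8 / Server 2012 or later) and uses the zone name and the two DNS server addresses that appear in the dcdiag output.

```powershell
# Added example: compare the SOA that each DNS server returns for one zone.
# $Zone and $Servers are taken from the dcdiag output in this thread;
# further DNS servers would be appended to $Servers in the same way.
$Zone    = 'domain.com'
$Servers = '192.168.41.65', '192.168.43.70'

$results = foreach ($server in $Servers) {
    try {
        # -Server sends the query to that server only; -DnsOnly skips LLMNR/NetBIOS.
        $soa = Resolve-DnsName -Name $Zone -Type SOA -Server $server -DnsOnly -ErrorAction Stop |
               Where-Object { $_.Type -eq 'SOA' } |
               Select-Object -First 1
        [pscustomobject]@{
            QueriedServer = $server
            PrimaryServer = $soa.PrimaryServer   # the server named in the SOA
            Serial        = $soa.SerialNumber
            Error         = $null
        }
    } catch {
        # Record the failure instead of stopping, so one dead server does not hide the rest.
        [pscustomobject]@{
            QueriedServer = $server
            PrimaryServer = $null
            Serial        = $null
            Error         = $_.Exception.Message
        }
    }
}

$results | Format-Table -AutoSize

# Servers that gave no SOA answer at all are the ones worth investigating.
$failed = $results | Where-Object { $_.Error }
if ($failed) {
    Write-Warning "No SOA answer from: $($failed.QueriedServer -join ', ')"
}

# With AD integrated zones, several distinct names here is the situation
# described in the answer above: each server can list itself in the SOA.
$distinct = $results | Where-Object { -not $_.Error } |
            Select-Object -ExpandProperty PrimaryServer -Unique
"Distinct SOA primary servers reported: $($distinct -join ', ')"
```
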
 
doboszb (Author) Commented:
All DNS problems are now gone
0