Solved

Error 11160 Dnsapi update to wrong DNS server?

Posted on 2009-07-10
4
1,510 Views
Last Modified: 2012-05-07
My web server, running Windows Server 2003, has two NICs in it.  I am on a University Campus network, so they provide me with a vLan that connects NIC #1 to my internal network as well as a separate connection to their vLan where I get a public IP address on NIC #2.

My internal DNS server, my DC, is at IP address 192.168.16.2
My web server's IP address is 192.168.16.4 internally.

Every so often, the outside world loses connectivity to my web site.  This event is correlated with Event 11160 in my event viewer, so I'm sure they're related.  Manually running "ipconfig /registerdns" will resolve the connectivity issue.  As you can see below the Dnsapi Event 11160 is occurring on the NIC with the external static IP.

What is strange (to me) is that the DNS server it's trying to send the update to, 128.205.1.2, is NOT in my network connections anywhere (ipconfig /all included below the error).  I'm guessing that somehow, because I have that external IP and the gateway is the University gateway, it's trying to update it's PTR to the university's DNS server and it's not allowed?

I'm not certain if this is the case, or what the right thing to do here to resolve the issue is.  I understand all of this very very poorly, so please speak slowly and use small words :)

Thank you for your help.



Event Type:      Information
Event Source:      DnsApi
Event Category:      None
Event ID:      11160
Date:            7/10/2009
Time:            2:01:23 PM
User:            N/A
Computer:      ---WEB01
Description:
The system failed to register pointer (PTR) resource records (RRs) for network adapter
with settings:

   Adapter Name : {---}
   Host Name : ---web01
   Adapter-specific Domain Suffix : ---inc.local
   DNS server list :
           192.168.16.2
   Sent update to server : 128.205.1.2
   IP Address : 128.205.---.---

Windows IP Configuration

   Host Name . . . . . . . . . . . . : ---web01
   Primary Dns Suffix  . . . . . . . : ---inc.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : ---inc.local

Ethernet adapter Internal:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
   Physical Address. . . . . . . . . : ---
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.16.4
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.16.2
   DNS Servers . . . . . . . . . . . : 192.168.16.2

Ethernet adapter External:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-21-9B-FB-EE-44
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 128.205.---.---
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 128.205.---.---
   DNS Servers . . . . . . . . . . . : 192.168.16.2
0
Comment
Question by:benfinkel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24826293

Updates are sent to the server listed in the SOA Record for the zone. In this case, it's sending updates to ns.buffalo.edu. Is that part of your own network?

Chris
0
 
LVL 1

Author Comment

by:benfinkel
ID: 24839871
Well,

No.  buffalo.edu is the University acting as our ISP.  

Another change I've made is to hard-code the DNS servers on the External NIC to the University's DNS servers, as opposed to my Internal DNS server.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 50 total points
ID: 24839891

If you have a reverse lookup zone for the IP range then listing external DNS services in TCP/IP configuration is the most likely cause of the problem.

The system gets a different set of instructions based on the DNS server it talks to, and since it won't always talk to the preferred DNS server that's a very bad thing.

The only DNS servers listed on any NIC should be the internal DNS, the system that's able to properly service the requests made of it.

Chris
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question