Windows 2008 DNS Server Error 5504
Hello,
On my 2008 windows server standard r2 i am getting this erro 5504 being logged several times per day. This is the only domain controller and dns server in the domain. The server is not set up for any forwarders and just uses the root hints.
I have seen several articles saying could be firewall, you should set the forwarder to your isp. But none of these people seem so definte in their answer so i will try this.
Here is one of the errors.
The DNS server encountered an invalid domain name in a packet from 144.160.20.46. The packet will be rejected. The event data contains the DNS packet.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
On my 2008 windows server standard r2 i am getting this erro 5504 being logged several times per day. This is the only domain controller and dns server in the domain. The server is not set up for any forwarders and just uses the root hints.
I have seen several articles saying could be firewall, you should set the forwarder to your isp. But none of these people seem so definte in their answer so i will try this.
Here is one of the errors.
The DNS server encountered an invalid domain name in a packet from 144.160.20.46. The packet will be rejected. The event data contains the DNS packet.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
ASKER
anyone home
Yep -- at home, and not at work. Takes longer to respond at home. ;-)
Those messages are DNS Spoofing protection messages:
http://en.wikipedia.org/wiki/DNS_cache_poisoning
Most likely the errors are being caused by other people's DNS servers which aren't configured correctly, although there is always a chance they are being generated by an intentional malicious attack against your system. The good news is that you are receiving log messages rather than having your DNS hijacked.
Those messages are DNS Spoofing protection messages:
http://en.wikipedia.org/wiki/DNS_cache_poisoning
Most likely the errors are being caused by other people's DNS servers which aren't configured correctly, although there is always a chance they are being generated by an intentional malicious attack against your system. The good news is that you are receiving log messages rather than having your DNS hijacked.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks guys let me read all these articles and ill get back to you!
ASKER
so does this mean i should set up a forward to my ISPs DNS server instead of it going straight for the root hints? What do you guys think?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
everyting works fine now i think with the one dns server and using the root hints, but it seems like these articles say i should use a isp dns server as a forwarder instead? But do you think i should not?
ASKER
also what do you think about this reg tweak that i saw when i was orignally searching for this 5504 error message?
DNS Forwarders should be used.
ASKER