DNS servers on Local Area Connection should include the loopback address, but not as the first entry.

Hello,

I'm getting these errors when I perform Best Pratice Analyser.

Title:
DNS: DNS servers on Local Area Connection should include the loopback address, but not as the first entry.

Severity:
Error

Date:
9/21/2011 1:48:37 PM

Category:
Configuration

Issue:
The network adapter Local Area Connection does not list the loopback IP address as a DNS server, or it is configured as the first entry.

Impact:
If the loopback IP address is the first entry in the list of DNS servers, Active Directory might be unable to find its replication partners.

Resolution:
Configure adapter settings to add the loopback IP address to the list of DNS servers on all active interfaces, but not as the first server in the list.


I tried Resolution and added Loopback address as secondary server. Still same error.

More information about this best practice and detailed resolution procedures: http://go.microsoft.com/fwlink/?LinkId=121980

Title:
DNS: More than one forwarding server should be configured.

Severity:
Warning

Date:
9/21/2011 1:48:37 PM

Category:
Configuration

Issue:
There is only one forwarder configured on the DNS server.

Impact:
The forwarder 4.2.2.2 is a single point of failure.

Resolution:
Configure additional forwarders on the DNS server.

More information about this best practice and detailed resolution procedures: http://go.microsoft.com/fwlink/?LinkId=188788

Title:
DNS: Root hint server 198.32.64.12 must respond to NS queries for the root zone.

Severity:
Warning

Date:
9/21/2011 1:48:37 PM

Category:
Configuration

Issue:
The root hint server 198.32.64.12 is not responding.

Impact:
The DNS server might be unable to resolve external host names.

Resolution:
Validate network connectivity to root hint servers. Remove 198.32.64.12 from the list if it is unresponsive.

More information about this best practice and detailed resolution procedures: http://go.microsoft.com/fwlink/?LinkId=188803
LVL 1
Jaime CamposAsked:
Who is Participating?
 
Lester_ClaytonConnect With a Mentor Commented:
Hm, just a random thought - do you have more than 1 network adapter?  If so, is it your first network adapter that has these settings?

And one more, completely bizarre question - is your primary network adapter called "Local Area Connection" or is it something else?  What if you rename it to "Local Area Connection" ?

Just clutching at straws here :)
0
 
Lester_ClaytonCommented:
The reason "Best Practices" suggest that you should have a loopback address as one of your DNS servers is because just in case your Domain Controller's IP is used by another machine, and becomes an IP conflict.  In this case, your host's IP will cease, and as a result DNS will stop working.

Ideally, your Adapter should list 127.0.0.1 as the second DNS server.  If your network interface does become broken, at least your domain controller can still resolve names.  Naturally, it can't talk to anything else which kind of makes it useless, but hey, it's "best practice" :)

Does your TCP/IP on your Network Adapter looks similar to the following?  (Note Alternate DNS Server).

 TCP IP settings
0
 
Jaime CamposAuthor Commented:
Yes. On my DNS/DC Network Adapter it has Alternate DNS Server: 127.0.0.1
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
Lester_ClaytonCommented:
Then I'm afraid I do not know why it is erroneously telling you to do something you've already done :)

I'd just ignore that particular part of the report.
0
 
abhijitwaikarConnect With a Mentor Commented:
Even if BPA says, personally I recommend you that just remove the loopback IP entry from NIC, Its reserved only for LOOPBACK processing.

Also if you place loopback IP then DCDIAG test will fail with error: DNS GUID could not be resolve, Its our duty to make sure that server retains the same IP.
or

You have only option that ignore that part in report if you want to continue with same settings.

NOTE: If you have more than one NIC then just disable the other adapters.
0
 
APHComputersLtdCommented:
The scans checks the NIC / s and if IPv6 is installed it will check that as well.

If you do not have IPv6 DNS rolled out in your environment, simply change the option within IPV6 Properties to "Obtain DNS Server Address Automatically". Then run the scan again.

Also as mentioned  by: abhijitwaikar.....Remove the loopback address.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.