Microsoft SBS 2003 Server having DNS issues

Posted on 2012-08-27
Last Modified: 2012-10-01
I have a Microsoft Windows Small Business Server 2003. It's up and running and appears to be working somewhat normal. Everyone can get into their data and Outlook. I basically just inherited the server from a previous IT company who has been failing supporting them. My future plans is to build and SBS 2008 server. For now I need to get this one running smoothly

I first started seeing problems when I attempted to do an online backup using MozyPro (an online data backup service). It failed consistently. I spent hours with tech support trying to resolve the problem to no avail. My personal laptop also has MozyPro and it fails on their network as well - where it works well at any other location. I even tried to change my laptop DNS server to point to the gateway of the router and it failed as well. So I knew it wasn't any proxy related issue.
As a test I removed the original router (Cisco Small Business RV 120W Router)
 and installed a Cisco Linksys Wireless-N Home Router, Model WRT120N. I disabled the DHCP. Once I swapped out the router, the server started backing up successfully using MozyPro. In addition, my laptop being attached to the same LAN also backed up fine.
-      Now the problem is, half of the users could not connect to the exchange server.  So for now, I had to switch back to the original router. Users can now access Outlook but of course the backups of failing.

Here are some of my concerns
-      I don't believe the original Cisco small business router is configured correctly or even the correct router to use in this environment. First of all I am not familiar with this router but I know the basic and required settings. The company the supported this network previously originally had a SonicWALL router but they removed it and replaced it with the Cisco small business router.
-      When I look at the settings of the Cisco small business router, there weren't really any settings that stood out. It was basically factory default.
-      The ISP for this network is Comcast. They have a dynamic IP address because they don't need a static IP. The Cisco small business router just picks up the private IP address issued by the Comcast modem. Pretty much a standard configuration for a dynamic public IP address.

The IP address of the SBS server 2003 is: (
the IP address of the server gateway is:
the IP address of the server's Primary DNS is pointed to itself which is: (which I believe is correct when setting up DNS on the SBS 2003 server)
-      there is no entry for the secondary DNS server

Under DNSMGMT the DNS Event logs is showing these errors every few minutes. The website in the “ “ would be different websites that perhaps users are accessing. There are hundreds of entries some showing different websites within the quotations
The DNS server encountered a packet addressed to itself on IP address The packet is for the DNS name ".". The packet will be discarded. This condition usually indicates a configuration error.
Check the following areas for possible self-send configuration errors:
  1) Forwarders list. (DNS servers should not forward to themselves).
  2) Master lists of secondary zones.
  3) Notify lists of primary zones.
  4) Delegations of subzones.  Must not contain NS record for this DNS server unless subzone is also on this server.
  5) Root hints

Currently all users can access data on the server and they can successfully connect to the exchange server.
However, I have one other major issue. About a week ago when I swapped out the routers to use the Linksys home router, some users can get to exchange some users couldn't. All PCs on the network are in the domain.
-      There is one user has a laptop that's in a workgroup. He can connect to the server's data and exchange when connected to the original router. Now that I have the Linksys home router connected, he cannot connect to any of the map data drives and exchange. The quick fix would be to put the original router back in place. But if I did that the backups fail again.
I am somewhat stuck as to what my next action should be

 I think my main concern at this point is. I believe it's DNS related
-      what is the minimum and correct settings I should be using in the router?
-      is there possibly something wrong that set up and DNS on the server?
Question by:agieryic
    LVL 13

    Assisted Solution

    Open DNS Management
    Right click the SBS Server and choose properties
    Click the Forwarders Tab
    Put, and Comcasts DNS server(s)

    Verify that you can do an external NSLookup from the SBS Server.


    If that errors out then you should check to see if tcp/udp port 53 outgoing is blocked on the firewall.

    Your clients should be using the SBS Server for DNS as their primary and the secondary should be the router/firewall.
    LVL 11

    Accepted Solution

    Clients must only point to SBS server for DNS. Forwarders need to be set up (as per previous poster).

    You should also run the IECW again if you are changing the router IP as per this article :-

    If after doing all this you still have a problem with the new router, please post appropriate events on both client and server.
    Good luck !!
    LVL 9

    Expert Comment

    I only point other DNS in networks where server runs well and leave my secondary empty for older networks like this.  Often an older machine won't keep pace with everything and the clients will look to the second DNS for resolution.  And you should skip the 2008 and move to SBS 2011.

    Also, if you check out reviews for this model, you will find there are many stating the unit performs poorly for various reasons, including being unable to resolve external addresses.  If you have all the settings for your ISP (and sounds like it is minimal, since DHCP), then you can do a firmware update, then wipe the settings and just start fresh.

    I would also check out when the users that are unable to get to the exchange on the new router are on the correct network settings.  I had inherited a client similar situation, and the ones who were not connecting correctly had custom settings in the network cards to make them connect.
    LVL 11

    Expert Comment

    Best way to ensure clients are set correctly is to set all using DHCP (and reservations if necessary), that way you can be fairly sure they are configured to point to your SBS server for their DNS.
    LVL 1

    Author Comment

    When mentioning DHCP, you are referring to DHCP on the server and not the router? I have to DHCP disabled on the router for the LAN

    I just now received an approval to get a static IP address from Comcast. This will eliminate using the Comcast modem as a gateway router and just a modem and pass through all IP information straight to the router. I assume this should help make the configuration on the router easier.

    There is a lot a good information just now posted and I will be looking at performing these today after hours.

    So that I understand this correctly is it recommended to use the routers IP address as a secondary DNS server IP address on the server?

    On another SBS 2008 server I support, I have all of the clients using a static LAN IP address and pointing their primary DNS to the servers private static IP address.
    LVL 1

    Author Comment

    I would also like to respond to "tsaico" comment about skipping 2008 and going to 2011. I have experience with 2008 but absolutely no experience with 2011. 2008 has been pretty stable with all my research. I don't hear much about 2011. Are you supporting 2011? Are you finding it easier to maintain want to set up versus 2008?

    When I do upgrade this client to 2008 or 2011, I will be using a very powerful HP ProLiant DL 380 G5 server. If supported by 2008, but HP hasn't updated their documentation stating whether 2011 supported. I would assume if the server supports 2008 that it should be able to support 2011. The server I'm using will have a minimum of 8 GB of RAM but more than likely upgraded to 12 GB RAM. Thanks for your recommendation. Just wanted to know what you thought my comments
    LVL 11

    Expert Comment

    Noooo - don't point your server DNS to the router - this can screw up your records in AD completely. If you think about it, why would you want to get DNS directly from an external facing device ? Much better to FORWARD any requests not destined for your internal domain to either the router or preferably the designated DNS servers for your ISP. Set up DHCP on your SBS server to provide IP configuration, DNS, Gateway, WINS etc to your clients. You should be able to check the client leases through the DHCP console. Re run the IECW and you should then have a working environment. If you have any issues after doing all this let us know and we can troubleshoot.
    LVL 1

    Author Comment

    TheGeezer2010 - I understand. I'm going onsite this morning to test this
    LVL 11

    Assisted Solution

    Some users finding exchange server some other don't (Outlook version..maybe).

    DHCP on router should be off.  IP on server should be Static.

    Router is for your connection to the world (WAN).  Network should be able to operate without it just not internet access or emails coming in but users should be able to access your resources.

    Resources may be accessible as they are set up as "\\fileserver\share\", exchange on the other hand specially will search in your DNS records for this.  if you have more than one record for this then some outlook versions will not test the ip for the connection.

    Make sure your SBS has only one IP (static) and there are no duplicates on your DNS server.

    For your Online Backups, Most "Home" routers have all ports open unless you configure it to close them, most likely you need to open the ports you need for the backups on the "Business" one.

    Remember when changing DHCP Servers to keep same IP structure, if you changed it you should clear you DNS server, shut down all your machines, reboot all you servers first then your workstations, like this you will get clean DNS records unless you want to go one by one and run ipconfig /flushdns and then ipconfig /registerdns.
    LVL 9

    Assisted Solution

    I have a couple of SBS 2011 machines.  They are still Windows 2008r2 and now just exchange 2010 and SharePoint 2010, so you already get the current version, and neither are "new", just new to the package of SBS.  So while they do have their own quirks (such as I liked the GUI in Exchange Tools better, just user preference) and there are some things that changed, it isn't as big a jump as Exchange 2003 was to 2008.

    As for difficulty in setup/configure/maintain, I find it to be the same difficulty/ease on both occasions.  One was a SBS 2k3 to SBS 2011, the other was a 2008 Standard Original Release with no exchange but SharePoint to SBS 2011.

    As to the posts on your OP, I agree with the others on reservations vs static, DHCP on server not router,  and a slight adjustment, on hecgomrec's post, the home routers do not have all ports open on inbound, only outbound.  But regardless, there are many reasons to not use a home router on a business connection.
    LVL 1

    Author Comment

    I am so sorry for not getting back to all the comments.
    I successfully installed a Netgear Prosafe FVS 336Gv2. I love this router. It replaced the FVS 338 which I used everywhere.

    I checked and confirmed all your recomendations. All seems to be fine.
    I believe the biggest culprit of all my issues was the "home based" router that was originally installed.
    LVL 1

    Author Closing Comment

    Great information

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Are end users causing IT problems again?

    You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
    To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
    The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now