Solved

Multiple DNS Errors when running dcdiag /test:dns

Posted on 2013-01-08
17
759 Views
Last Modified: 2013-01-14
Just added a new DNS server.  However, I used the old DNS server FQDN and IP address from the server that was removed two weeks ago.  Don't know if that's an issue.  I was told it shouldn't be.  
There are any network problems with the servers or workstations that I'm aware of.  The reason I ran the test was that in a previous post of mine I was trying to find a rogue DNS server which the Experts did solve.  However during solving that problem other DNS problems surfaced.
When I run ipconfig /all from a workstation all DNS/DHCP servers are correct.
See the attached error.  ignore the spcala02.laspca.corp unavailable.  That is fixed

If I run NSlookup I get "default server unknown Address 172.17.1.30.  Which is the DNS server that was removed two weeks ago and then added back in today.

Hope this make sense
0
Comment
Question by:J.R. Sitman
17 Comments
 
LVL 39

Expert Comment

by:footech
ID: 38757376
Did you mean to attach a DCDiag report?

The result you see when you run nslookup is because you don't have a Reverse Lookup Zone with a PTR record which points to the DNS server.
0
 

Author Comment

by:J.R. Sitman
ID: 38757385
sorry.  Attached is the report from the DNS server "dnsfail2" and the new dns server dnsfail3.
dnsfail2.jpg
dnsfail3.jpg
0
 

Author Comment

by:J.R. Sitman
ID: 38757454
Suggestion.  What if I remove the DNS role for the new (rebuilt) server, remove it from DHCP, and do a DNSflush.  Then change the server IP to a new one.  Then run the test on the remaining server?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 39

Accepted Solution

by:
footech earned 400 total points
ID: 38757474
You can see more detail if you run dcdiag /v /test:dns.  The results I'm seeing aren't anything to worry about.  You probably don't have IPv6 configured on the server.  If you configure a forwarder you won't see any warnings in dcdiag.
0
 

Author Comment

by:J.R. Sitman
ID: 38757512
ok the results are better, but much larger.  How do I send the file in one piece?
0
 

Author Comment

by:J.R. Sitman
ID: 38757553
the dnstest is from the new server.  dnsfileserver is the old server.  I believe they are different?  shouldn't they be the same?

Thanks for helping
dnstest.txt
dnstestfileserver.txt
0
 
LVL 13

Assisted Solution

by:Jaihunt
Jaihunt earned 100 total points
ID: 38758885
Hi

IPV6 for root dns is failing. are you using IPV6. Disable the IPV6 in your network card and in DNSmgmt.msc point the DNS to this IP uncheck the IPV6 version IP.
Then try to run dcdiag /v /test:dns

thanks
Jai
0
 

Assisted Solution

by:J.R. Sitman
J.R. Sitman earned 0 total points
ID: 38759649
need some help with this, DNSmgmt.msc point the DNS to this IP uncheck the IPV6 version IP.  How?
0
 
LVL 39

Assisted Solution

by:footech
footech earned 400 total points
ID: 38759767
If you want you could try disabling IPv6, but just unchecking it in NIC properties won't do this and you will still see the same warnings regarding root hints.  Also, if IPv6 is unchecked on the NIC, if you go to DNS Management console > interfaces tab, the IPv6 IP won't show up so you can't uncheck it there.  In my experience, even if you uncheck the IPv6 interface in DNS you will still get the warnings when running dcdiag - I believe this will be true unless you configure your network to handle IPv6.  I haven't configured any network to fully support IPv6 so I can't say for certain.

As I mentioned before, warnings like
 
DNS server: 2001:7fd::1 (k.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:7fd::1               [Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
are not a problem, you can safely ignore them.
In the dnstestfileserver.txt results you had some like
Status:A record not found
                     [Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)]
                     Error:l.root-servers.net. IP: <Unavailable>
 These you could resolve by going to the root hints tab > click the particular root hint > click the Edit button > click the Resolve button > click OK.  This will update the IP that is used for that particular root hint.
0
 

Author Comment

by:J.R. Sitman
ID: 38759804
So if I'm understanding correctly, we don't have a problem, correct?

See attachment.  Do you recommend I select "only the following" and then only choose "172.17.1.33"  I have no idea what the other IP is?
dnsinterface.jpg
0
 
LVL 39

Assisted Solution

by:footech
footech earned 400 total points
ID: 38760093
Correct.

The other IP is your IPv6 IP.  If you haven't configured a static IPv6 IP, one will automatically be assigned (a link-local address I believe).  I've never seen a case where it makes a difference whether you have both checked or just the IPv4 IP with them on the same NIC.  You could uncheck the IPv6 from your NIC if it bothers you.  You shouldn't notice a functionality difference either way.
0
 

Author Comment

by:J.R. Sitman
ID: 38761276
I've never seen EE do this before.  I accepted the appropriate answers.  Why are they asking if there are any objections?
0
 
LVL 39

Expert Comment

by:footech
ID: 38761330
Honestly I don't have a clear picture of when a question will close immediately and when it will go to pending asking for any objections.
0
 

Author Comment

by:J.R. Sitman
ID: 38761369
this is a first for me.

Thanks for helping
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 38764031
Sorry I didn't make it in to provide assistance on this, but I think a question goes to a "pending" state if you accept one of your own comments, even if you accept it for zero points.
0
 

Author Comment

by:J.R. Sitman
ID: 38764257
Ah, must have done that by mistake.  Thanks for clarifying
0
 

Author Closing Comment

by:J.R. Sitman
ID: 38773819
thanks for all the help and patience.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html) provided 218 attendees with a step-by-step guide for identifying Acti…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now