Hi,
I am getting a lot of errors/warnings in the Server 2012 Best Practice Tool for my DNS server.
I have 2 sites:
Local Network: 192.168.16.0
-- DC/DNS Server1 (win 2012): 192.168.16.11 / fc;1234:5678:9abc::11
-- DC/DNS Server2 (win 2012): 192.168.16.21 / fc;1234:5678:9abc::21
Azure: 10.4.2.0
-- DC/DNS Server3 (win 2012): 10.4.2.5
The errors/warnings i am getting (and there alot):
Errors:
(1) Zone TrustAnchors secondard servers must respond to queries for the zone
(2) At least one name server in the list of root hiints must respond to queries for the root zone.
(3) At Least one DNS server on the list of forwarders must respond to DNS queries
Warnings:
Zone TrustAnchones secondard server 192.168.16.21 should respond to queries for the zone
Zone TrustAnchones secondard server 10.4.2.5 should respond to queries for the zone
(plus i have this for the following IP addresses: fc00:1234:5678:9abc:a42d:8f0:d407:c572, fc00:1234:5678:9abc:3827:74d2:8c82:c2ca, fc00:1234:5678:9abc:a157:ec04:1a5f:8b90, fc00:1234:5678:9abc::6, fc00:1234:5678:9abc:3b32:c635:33e3:52f2, fc00:1234:5678:9abc::11, fc00:1234:5678:9abc::17, fc00:1234:5678:9abc::21, fc00:1234:5678:9abc:d0d0:39d9:1db2:51b5 )
Root hint server 192.33.4.12 must respond to NS queries for the root zone
(i have this for every route hint)
Forwarding server 8.8.4.4 should respond to DNS queries.
(Also the same for 8.8.4.4
All my computers on my network are confiremd to use 192.168.16.11/192.168.16.21/fc00:1234:5678:9abc::11/fc00:1234:5678:9abc::21 as their DNS servers - and every computer can access the internet properly.
When i go into DNS manager - into Root Hints, press edit - it fails to validate the root hint.
what am i doing wrong - the error message i get is:A timeout occured during validation.
i beleive i only have a primary DNS zone that is replicated to my 3 DNS servers.
Forward Lookup Zones
_msdcs.DomainName.Local
DomainName.Local
Reverse Lookup Zones:
0.0.0.1.8.7.6.54.3.2.1.0.0.c.f.ip6.arpa (ipv6 local network range)
16.168.192.in-addr.arp (ipv5 local network range)
2.4.10.in-addr.arpa (azure network range)
c.b.a.9.8.7.6.5.4.3.2.1.0.0.c.f.ip6.arpa (DirectAccess Clients)
can anyone help me out?
many thanks
jack
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.