I am getting a lot of errors/warnings in the Server 2012 Best Practice Tool for my DNS server.
I have 2 sites:
Local Network: 192.168.16.0
-- DC/DNS Server1 (win 2012): 192.168.16.11 / fc;1234:5678:9abc::11
-- DC/DNS Server2 (win 2012): 192.168.16.21 / fc;1234:5678:9abc::21
-- DC/DNS Server3 (win 2012): 10.4.2.5
The errors/warnings i am getting (and there alot):
(1) Zone TrustAnchors secondard servers must respond to queries for the zone
(2) At least one name server in the list of root hiints must respond to queries for the root zone.
(3) At Least one DNS server on the list of forwarders must respond to DNS queries
Zone TrustAnchones secondard server 192.168.16.21 should respond to queries for the zone
Zone TrustAnchones secondard server 10.4.2.5 should respond to queries for the zone
(plus i have this for the following IP addresses: fc00:1234:5678:9abc:a42d:8f0:d407:c572, fc00:1234:5678:9abc:3827:74d2:8c82:c2ca, fc00:1234:5678:9abc:a157:ec04:1a5f:8b90, fc00:1234:5678:9abc::6, fc00:1234:5678:9abc:3b32:c635:33e3:52f2, fc00:1234:5678:9abc::11, fc00:1234:5678:9abc::17, fc00:1234:5678:9abc::21, fc00:1234:5678:9abc:d0d0:39d9:1db2:51b5 )
Root hint server 18.104.22.168 must respond to NS queries for the root zone
(i have this for every route hint)
Forwarding server 22.214.171.124 should respond to DNS queries.
(Also the same for 126.96.36.199
All my computers on my network are confiremd to use 192.168.16.11/192.168.16.21/fc00:1234:5678:9abc::11/fc00:1234:5678:9abc::21 as their DNS servers - and every computer can access the internet properly.
When i go into DNS manager - into Root Hints, press edit - it fails to validate the root hint.
what am i doing wrong - the error message i get is:A timeout occured during validation.
i beleive i only have a primary DNS zone that is replicated to my 3 DNS servers.
Forward Lookup Zones
Reverse Lookup Zones:
0.0.0.1.188.8.131.52.184.108.40.206.0.c.f.ip6.arpa (ipv6 local network range)
16.168.192.in-addr.arp (ipv5 local network range)
2.4.10.in-addr.arpa (azure network range)
c.b.a.220.127.116.11.18.104.22.168.1.0.0.c.f.ip6.arpa (DirectAccess Clients)
can anyone help me out?