Avatar of timgbaldwin
timgbaldwin asked on

Missing .local in prt record

I have been noticing DNS problems on the network. Timeouts, failed lookups, etc. While checking the ptr records on the domain controllers, I noticed that all other records show server.domain.local. While all 3 domain controllers have an additional ptr that show only server.domain. and missing the "local." on the end. If I delete these seemingly unnecessary entries, they are automatically re-created. It seems like this could be the source of my DNS problems. Is this normal for MS DNS?

We use our TWC Fiber ISP servers for DNS forwarders, and Open DNS. We've also used google DNS, but those seem to be worse for external lookups.

I've also run colosoft capsa 7 from my workstation and find hundreds of "DNS Server Error" and "TCP slow response" errors. When I run the BPA scan I get multiple warnings saying that the root hint servers must respond to queries for the root zone.

We have all NEW Dell server equipment, and new Cisco 48 port switches all set up in February. These problems just started recently.  I'm not sure what could be causing these issues. Could someone help?
DNSDell

Avatar of undefined
Last Comment
timgbaldwin

8/22/2022 - Mon
Mohammed Khawaja

Please run the command below on your DCs and see if it registers the correct records:

ipconfig /registerdns

If the correct records are not there then check IP configuration, Advanced, DNS tab and ensure that there are no zones entered with .local missing and if so then correct it.
ASKER
timgbaldwin

Actually I did add the .local in the dns tab of the virtual adapter shortly after posting. This did get rid of the "extra" entry missing the .local. I'm still having quite a few DNS problems though. Root hint servers not responding, DNS forwarders not responding, and my 2012 DNS server is showing a warning in the BPA - DNS:Zone TrustAnchors secondary server should respond to queries for the zone. I don't have a zone called TrustAnchors.
Mohammed Khawaja

Could you run the following command and see if resolves it for you:

nslookup www.ati.com 8.8.8.8

What this command is to do is to try to resolve www.ati.com to its respective IP using DNS server 8.8.8.8.   If this command doesn't work then it means that your server cannot talk to DNS servers on the Internet.  In that case ensure TCP and UDP ports 53 are open for your DNS server as it could be blocked on the firewall.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ASKER
timgbaldwin

We have rules in the firewall to allow DNS traffic to the internal DNS servers. When performing nslookups, sometimes they time out, and sometimes they go through. Sometimes there is one timeout, and then resolves on the 2nd attempt. All 3 internal DNS servers act the same way, and it wasn't like this until recently. I asked TWC if there was any issue with the router, or DNS traffic. They have no answers either.
ASKER CERTIFIED SOLUTION
timgbaldwin

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
timgbaldwin

Because this was the reason that DNS traffic was being dropped and causing all of the DNS problems.