timgbaldwin

Missing .local in PTR record

I have been noticing DNS problems on the network: timeouts, failed lookups, etc. While checking the PTR records on the domain controllers, I noticed that all other records show server.domain.local, while all 3 domain controllers have an additional PTR that shows only server.domain. and is missing the "local." on the end. If I delete these seemingly unnecessary entries, they are automatically re-created. It seems like this could be the source of my DNS problems. Is this normal for MS DNS?

We use our TWC Fiber ISP servers for DNS forwarders, and OpenDNS. We've also used Google DNS, but those seem to be worse for external lookups.

I've also run Colasoft Capsa 7 from my workstation and find hundreds of "DNS Server Error" and "TCP slow response" errors. When I run the BPA scan I get multiple warnings saying that the root hint servers must respond to queries for the root zone.

We have all NEW Dell server equipment, and new Cisco 48-port switches all set up in February. These problems just started recently. I'm not sure what could be causing these issues. Could someone help?
Mohammed Khawaja

Please run the command below on your DCs and see if it registers the correct records:

ipconfig /registerdns

If the correct records are not there, then check IP configuration, Advanced, DNS tab and ensure that there are no zones entered with .local missing, and if so then correct it.
timgbaldwin

ASKER

Actually I did add the .local in the DNS tab of the virtual adapter shortly after posting. This did get rid of the "extra" entry missing the .local. I'm still having quite a few DNS problems though. Root hint servers not responding, DNS forwarders not responding, and my 2012 DNS server is showing a warning in the BPA - DNS:Zone TrustAnchors secondary server should respond to queries for the zone. I don't have a zone called TrustAnchors.

Could you run the following command and see if it resolves for you:

nslookup www.ati.com 8.8.8.8

What this command does is try to resolve www.ati.com to its respective IP using DNS server 8.8.8.8. If this command doesn't work, then it means that your server cannot talk to DNS servers on the Internet. In that case, ensure TCP and UDP ports 53 are open for your DNS server, as it could be blocked on the firewall.

We have rules in the firewall to allow DNS traffic to the internal DNS servers. When performing nslookups, sometimes they time out, and sometimes they go through. Sometimes there is one timeout, and then it resolves on the 2nd attempt. All 3 internal DNS servers act the same way, and it wasn't like this until recently. I asked TWC if there was any issue with the router, or DNS traffic. They have no answers either.
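
The single nslookup test above, repeated against each server over both UDP and TCP so that intermittent loss shows up as a failure rate; this is an added example, not part of the original thread. The three internal addresses are placeholders, while www.ati.com and 8.8.8.8 are the values used in the thread.

```powershell
# Added example (not from the thread). Run from a domain controller.
# The 10.0.0.x addresses are placeholders for the three internal DNS servers.
$Servers  = '10.0.0.11', '10.0.0.12', '10.0.0.13', '8.8.8.8'
$Name     = 'www.ati.com'   # name used in the thread
$Attempts = 20

$report = foreach ($server in $Servers) {
    foreach ($transport in 'UDP', 'TCP') {
        $query = @{
            Name        = $Name
            Server      = $server
            Type        = 'A'
            DnsOnly     = $true     # DNS only, no LLMNR/NetBIOS fallback
            ErrorAction = 'Stop'    # make timeouts catchable
        }
        # Default transport is UDP; -TcpOnly forces the query over TCP 53.
        if ($transport -eq 'TCP') { $query.TcpOnly = $true }

        $failed  = 0
        $elapsed = @()
        foreach ($i in 1..$Attempts) {
            $timer = [System.Diagnostics.Stopwatch]::StartNew()
            try {
                $null = Resolve-DnsName @query
                $elapsed += $timer.ElapsedMilliseconds
            } catch {
                $failed++           # timeout or any other resolution error
            }
            Start-Sleep -Milliseconds 250
        }

        # Average latency of the successful queries only.
        $avg = if ($elapsed.Count) {
            [math]::Round(($elapsed | Measure-Object -Average).Average)
        } else { $null }

        [pscustomobject]@{
            Server      = $server
            Transport   = $transport
            Attempts    = $Attempts
            Failed      = $failed
            FailedPct   = [math]::Round(100 * $failed / $Attempts, 1)
            AvgMsWhenOk = $avg
        }
    }
}
$report | Format-Table -AutoSize
```

Repeated queries to an internal server are usually answered from its cache after the first lookup, so those rows measure the path to the server rather than its forwarders. The 8.8.8.8 rows measure the outbound path through the firewall and router on each transport.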
ASKER CERTIFIED SOLUTION
timgbaldwin

Because this was the reason that DNS traffic was being dropped and causing all of the DNS problems.