Missing .local in PTR record

I have been noticing DNS problems on the network: timeouts, failed lookups, etc. While checking the ptr records on the domain controllers, I noticed that all other records show server.domain.local, while all 3 domain controllers have an additional ptr that shows only server.domain. and is missing the "local." on the end. If I delete these seemingly unnecessary entries, they are automatically re-created. It seems like this could be the source of my DNS problems. Is this normal for MS DNS?

We use our TWC Fiber ISP servers for DNS forwarders, and OpenDNS. We've also used Google DNS, but those seem to be worse for external lookups.

I've also run Colasoft Capsa 7 from my workstation and find hundreds of "DNS Server Error" and "TCP slow response" errors. When I run the BPA scan I get multiple warnings saying that the root hint servers must respond to queries for the root zone.

We have all NEW Dell server equipment, and new Cisco 48 port switches all set up in February. These problems just started recently.  I'm not sure what could be causing these issues. Could someone help?
timgbaldwin Asked:

Mohammed Khawaja (Manager - Infrastructure: Information Technology) Commented:
Please run the command below on your DCs and see if it registers the correct records:

ipconfig /registerdns

If the correct records are not there, then check IP configuration, Advanced, DNS tab and ensure that there are no zones entered with .local missing, and if so then correct it.
0
timgbaldwin (Author) Commented:
Actually I did add the .local in the dns tab of the virtual adapter shortly after posting. This did get rid of the "extra" entry missing the .local. I'm still having quite a few DNS problems though. Root hint servers not responding, DNS forwarders not responding, and my 2012 DNS server is showing a warning in the BPA - DNS:Zone TrustAnchors secondary server should respond to queries for the zone. I don't have a zone called TrustAnchors.
0
Mohammed Khawaja (Manager - Infrastructure: Information Technology) Commented:
Could you run the following command and see if it resolves for you:

nslookup www.ati.com 8.8.8.8

What this command does is try to resolve www.ati.com to its respective IP using DNS server 8.8.8.8. If this command doesn't work, then it means that your server cannot talk to DNS servers on the Internet. In that case, ensure TCP and UDP ports 53 are open for your DNS server, as it could be blocked on the firewall.
0

timgbaldwin (Author) Commented:
We have rules in the firewall to allow DNS traffic to the internal DNS servers. When performing nslookups, sometimes they time out, and sometimes they go through. Sometimes there is one timeout, and then it resolves on the 2nd attempt. All 3 internal DNS servers act the same way, and it wasn't like this until recently. I asked TWC if there was any issue with the router, or DNS traffic. They have no answers either.
0
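A single nslookup cannot tell a blocked port 53 apart from the "sometimes it times out, sometimes it goes through" pattern described above. The following is an added example, not code from the thread: it repeats the same query over UDP and TCP and counts the lost replies. The function names are hypothetical; 8.8.8.8 and www.ati.com are the values used in the thread.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid):
    """Encode a recursive A-record query in DNS wire format (RFC 1035)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD flag, 1 question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(server, name, qid, tcp=False, timeout=2.0):
    """Send one query; return the raw reply, or None on timeout or socket error."""
    query = build_query(name, qid)
    try:
        if tcp:
            with socket.create_connection((server, 53), timeout=timeout) as s:
                s.sendall(struct.pack(">H", len(query)) + query)  # 2-byte length prefix
                return s.recv(4096)[2:]  # one read is enough for a small answer
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (server, 53))
            return s.recvfrom(4096)[0]
    except OSError:
        return None

def classify(reply, qid):
    """Map a raw reply to 'timeout' (no reply), 'malformed', 'mismatch' or an RCODE name."""
    if reply is None:
        return "timeout"
    if len(reply) < 12:
        return "malformed"
    rid, flags = struct.unpack(">HH", reply[:4])
    if rid != qid or not flags & 0x8000:  # wrong ID, or not a response
        return "mismatch"
    return RCODES.get(flags & 0x000F, "RCODE%d" % (flags & 0x000F))

def summarize(outcomes):
    """Label a run: every query lost, some lost, or none lost."""
    lost = outcomes.count("timeout")
    if not outcomes:
        verdict = "no data"
    elif lost == 0:
        verdict = "healthy"
    else:
        verdict = "blocked" if lost == len(outcomes) else "intermittent"
    return {"sent": len(outcomes), "timeouts": lost, "verdict": verdict}

if __name__ == "__main__":
    for tcp in (False, True):  # server and name are the ones used in the thread
        runs = [classify(probe("8.8.8.8", "www.ati.com", i, tcp), i) for i in range(1, 21)]
        print("tcp" if tcp else "udp", summarize(runs))
```

Running it from the DNS server itself and again from a host outside the firewall shows whether the lost replies follow the resolver or the network path in between.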
timgbaldwin (Author) Commented:
Wanted to add that the issue was resolved by disabling the intrusion prevention on the Cisco small business firewall. I have since then upgraded to a Barracuda NG 400. Much nicer.
0

timgbaldwin (Author) Commented:
Because this was the reason that DNS traffic was being dropped and causing all of the DNS problems.
0