• Status: Solved

Setting up DNS on Windows Server 2008 R2

I have several DNS errors when scanning the DNS role in the Roles Wizard in Server 2008 R2.

I get "The network adapter Local Area Connection does not list the loopback IP address as a DNS server, or it is configured as the first entry."

In the network adapter settings, the server (IP address 192.168.0.3) lists the first DNS as 192.168.0.3 and the second as 127.0.0.1.

If I remove 127.0.0.1 and rescan the role, I get: "The network adapter Local Area Connection does not list the loopback IP address as a DNS server, or it is configured as the first entry."  Neither assumption is true.

I also get "Local Area Connection has only the preferred DNS server configured," and it recommends, "Click Start, click Network, click Network and Sharing Center, and then click Change adapter settings to configure at least two DNS servers per interface." This I tried to do by adding 127.0.0.1 as the second DNS entry. But it gives the first error noted.

Any idea how I resolve this?
Asked by: DaveWWW

Cliff Galiher commented:
BPAs have several types of conditions. Some are informational. Some are warnings. Some are errors.

Errors should be addressed.  Warnings are exactly that, and depending on the environment, can be safely ignored.  For example, listing your server's IP address in the primary and the loopback in the secondary, if they both reference the same server, offers NO actual redundancy. The warning is letting you know that if the primary DNS server is unavailable, you won't have DNS services. But in a single DC environment, that is true if the DNS server fails, so the warning can be safely ignored.

Another example is Exchange. Its BPA will throw one kind of warning if you allow older clients to connect, letting you know that older clients may be insecure. But if you tighten it up, it throws another warning letting you know that older clients may not be able to connect. Basically you *cannot* get rid of all warnings, because the two are mutually exclusive. Again, you choose the one that fits your security model.

So unless you have a second DC, put the one server in the IP address and accept the warning.

-Cliff
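
The point above, that the server's own IP plus the loopback address are two entries for one DNS service, as an added PowerShell example (not part of the original answer and not a Microsoft tool). `Test-DnsRedundancy` and `Get-AdapterDnsRedundancy` are hypothetical helper names, and the check assumes each distinct non-local address is a separate machine.

```powershell
# Added example (not from the thread). PowerShell 2.0 compatible,
# so it runs on Server 2008 R2 without extra modules.
function Test-DnsRedundancy {
    param(
        [string[]]$DnsServers,      # adapter's DNS list, in configured order
        [string[]]$LocalAddresses   # every IP address bound to this server
    )
    # Loopback and the server's own addresses all reach the same DNS service.
    $self    = @('127.0.0.1', '::1') + @($LocalAddresses | Where-Object { $_ })
    $servers = @($DnsServers | Where-Object { $_ })
    $local   = @($servers | Where-Object { $self -contains $_ })
    $remote  = @($servers | Where-Object { $self -notcontains $_ } | Select-Object -Unique)
    # Assumption: each distinct non-local address is a separate machine.
    $machines = $remote.Count + [int]($local.Count -gt 0)
    New-Object PSObject -Property @{
        Configured    = $servers.Count
        PointToSelf   = $local.Count
        OtherServers  = ($remote -join ', ')
        HasRedundancy = ($machines -ge 2)
    }
}

function Get-AdapterDnsRedundancy {
    # Reads the live adapter configuration through WMI.
    $nics = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE')
    # An entry naming any of this host's addresses still points at this host.
    $allLocal = @($nics | ForEach-Object { $_.IPAddress })
    foreach ($nic in $nics) {
        $r = Test-DnsRedundancy -DnsServers $nic.DNSServerSearchOrder -LocalAddresses $allLocal
        $r | Add-Member -MemberType NoteProperty -Name Adapter -Value $nic.Description -PassThru
    }
}

# The configuration from the question: two entries, one machine.
Test-DnsRedundancy -DnsServers '192.168.0.3', '127.0.0.1' -LocalAddresses '192.168.0.3'
```

Run `Get-AdapterDnsRedundancy` on the server itself to evaluate the live adapter settings instead of the sample values.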

Korbus commented:
"the server (IP address 192.168.0.3) lists the first DNS as 192.168.0.3"

-might not be 127.0.0.1 but I guess technically it IS a loopback (points to itself)

I agree with cgaliher - you can probably ignore that one unless you're setting up a DNS server array, or something like that.

Mohammed Hamada (Senior IT Consultant) commented:
If you don't have a second DNS server, you can just use the localhost IP on the DNS, but you need to make sure that you have set up the forwarders for the DNS to resolve external domain names.

DaveWWW (Author) commented:
Although the loopback was listed by BPA as an error, not a warning, web sites are resolving correctly, so I'm happy to ignore the BPA on this one!  Thanks.