JamesonJendreas
asked on
Microsoft DNS server errors 5501 and 5504
Kind of interesting, I have a client that is having issues with a specific DNS server. I did not setup their AD topology, so bear with me here.
The issue is described to me as happening after a power outage (not sure if this is 100% accurate), but when it happens, users at a specific site are unable to resolve DNS hostnames. Durning this period the DNS server is online, wit hit's services up, but there are no entiries in the lookup zones. Rebooting and allowing to sync the DNS server resolves the issue.
The users are pointed to this server as their primary DNS, and have another internal server as secondary (and google dns as tertiary) . Even though the 2nd & 3rd dns servers are fully functional, the clients who point to this as primary, can't resolve.
The main thing I see, is during the outage, I see a ton of Event ID's 5501 and a few 5504 errors with public IPs.
(snipped XML and scrubbed server/domain names):
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Serv er-Service
Date: 5/5/2014 12:33:35 PM
Event ID: 5501
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: server.domain.local
Description:
The DNS server encountered a bad packet from 199.73.83.1. Packet processing leads beyond packet length. The event data contains the DNS packet.
AND
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Serv er-Service
Date: 5/6/2014 8:32:25 AM
Event ID: 5504
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: server.domain.local
Description:
The DNS server encountered an invalid domain name in a packet from 217.68.64.4. The packet will be rejected. The event data contains the DNS packet.
The issue is described to me as happening after a power outage (not sure if this is 100% accurate), but when it happens, users at a specific site are unable to resolve DNS hostnames. Durning this period the DNS server is online, wit hit's services up, but there are no entiries in the lookup zones. Rebooting and allowing to sync the DNS server resolves the issue.
The users are pointed to this server as their primary DNS, and have another internal server as secondary (and google dns as tertiary) . Even though the 2nd & 3rd dns servers are fully functional, the clients who point to this as primary, can't resolve.
The main thing I see, is during the outage, I see a ton of Event ID's 5501 and a few 5504 errors with public IPs.
(snipped XML and scrubbed server/domain names):
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Serv
Date: 5/5/2014 12:33:35 PM
Event ID: 5501
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: server.domain.local
Description:
The DNS server encountered a bad packet from 199.73.83.1. Packet processing leads beyond packet length. The event data contains the DNS packet.
AND
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Serv
Date: 5/6/2014 8:32:25 AM
Event ID: 5504
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: server.domain.local
Description:
The DNS server encountered an invalid domain name in a packet from 217.68.64.4. The packet will be rejected. The event data contains the DNS packet.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.