Articles

Solved dns forwards errors from server

February 25, 2013 at 05:11:41
Specs: SBS2003, 2.67 Xenon / 4gb

this problem started last week and continues. DNS seems to be working fine on my server, no errors in event log. while surfing the internet we will get an occasional "unable to display page" error. you can hit refresh a few times and it will finally load the page. i ran a through dns test and here are the results, the ones that failed. this is a SBS 2003 SERVER.

Summary of test results for DNS servers used by the above domain controllers:

DNS server: 202.12.27.33 (m.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 202.12.27.33
[Error details: 9002 (Type: Win32 - Description: DNS server failu
re.)]

DNS server: 199.7.91.13 (d.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 199.7.91.13
[Error details: 9002 (Type: Win32 - Description: DNS server failu
re.)]

DNS server: 199.7.83.42 (l.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 199.7.83.42
[Error details: 1460 (Type: Win32 - Description: This operation r
eturned because the timeout period expired.)]

DNS server: 198.41.0.4 (a.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 198.41.0.4
[Error details: 9002 (Type: Win32 - Description: DNS server failu
re.)]

DNS server: 193.0.14.129 (k.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 193.0.14.129
[Error details: 1460 (Type: Win32 - Description: This operation r
eturned because the timeout period expired.)]

DNS server: 192.58.128.30 (j.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.58.128.30
[Error details: 1460 (Type: Win32 - Description: This operation r
eturned because the timeout period expired.)]

DNS server: 192.5.5.241 (f.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.5.5.241
[Error details: 9002 (Type: Win32 - Description: DNS server failu
re.)]

DNS server: 192.36.148.17 (i.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.36.148.17
[Error details: 1460 (Type: Win32 - Description: This operation r
eturned because the timeout period expired.)]

DNS server: 192.33.4.12 (c.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.33.4.12
[Error details: 9002 (Type: Win32 - Description: DNS server failu
re.)]

DNS server: 192.228.79.201 (b.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.228.79.201
[Error details: 9002 (Type: Win32 - Description: DNS server failu
re.)]

DNS server: 192.203.230.10 (e.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.203.230.10
[Error details: 9002 (Type: Win32 - Description: DNS server failu
re.)]

DNS server: 192.112.36.4 (g.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.112.36.4
[Error details: 1460 (Type: Win32 - Description: This operation r
eturned because the timeout period expired.)]

DNS server: 128.8.10.90 (d.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 128.8.10.90
[Error details: 9002 (Type: Win32 - Description: DNS server failu
re.)]

DNS server: 128.63.2.53 (h.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 128.63.2.53
[Error details: 1460 (Type: Win32 - Description: This operation r
eturned because the timeout period expired.)]

DNS server: 170.215.184.3 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server.

DNS server: 170.215.126.3 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server.

DNS server: 10.10.10.3 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server.
Name resolution is funtional. _ldap._tcp SRV record for the fores
t root domain is registered

DNS server: 10.10.10.1 (fw001.fwmfg.local.)
All tests passed on this DNS server
This is a valid DNS server.
Name resolution is funtional. _ldap._tcp SRV record for the fores
t root domain is registered
Delegation to the domain _msdcs.fwmfg.local. is operational

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg Ext
________________________________________________________________
Domain: fwmfg.local
fw001 PASS PASS PASS PASS PASS PASS n/a
fw003 PASS PASS FAIL PASS PASS PASS n/a
i have a feeling it has to do with my forwarders. seems like an awfully lot of these are failing. any help would be greatly appreciated..


See More: dns forwards errors from server

Report •


✔ Best Answer
February 26, 2013 at 09:25:11

Your dns does not look correct to me.

You should only have fwmfg.local not the msdcs.fwmfg.local

There is no reason for the alias's. Instead you should have host entries with their ip addressess like
fw001 Host(A) ip address static
fw003 Host(A) ip address static

You should also see
_msdcs
_sites
_tcp
_udp
here. Do you?

It appears someone has been editing the dns server entries. Who and when did this happen?

We also have the issue of 1.0.0.127.in-addr.arpa. 127.0.0.1 is the loopback ip which if being consulted for dns goes nowhere.

Do you see the 1.0.0.127 in the reverse lookup zone? What do you have listed for dns in the servers dns tcp/ip properties?

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's



#1
February 25, 2013 at 08:47:25

Doesn't appear you have any forwarders but are only using the default root servers.

In the SBS dns server you have forwarders [not to be confused with forward lookup zone]. You should have your ISP's dns servers listed here.

1.0.0.12 is not a valid ip

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


Report •

#2
February 25, 2013 at 09:14:35

It's not 1.0.0.12, it's 1.0.0.127.in-addr.arpa. Isn't that a reverse lookup on 127.0.0.1? Why's it doing that? Are you sure that your DNS server has forward and reverse mappings for localhost?

Have a read of this article: http://www.oreillynet.com/pub/a/sys... particularly the bit about localhost mapping.


Report •

#3
February 25, 2013 at 13:29:50

when i go START/ADMINISTRATIVE TOOLS/DNS.. Choose my domain, i have 2 folders, forward lookup and reverse lookup
i also have 2 properties, root hints and forwarders
in the forwarders it list 170.215.184.3 and 170.215.126.3
these are listed as frontier.net dns servers and frontier is our isp.
the root hints have the whole list of items, all pretty much starting like this.
e.root-servers.net, a.root-servers.net, l.root-servers.net and gives ip addresses for those.
I am the only one in this building making any changes to our servers. Things were working fine last week. a few weeks ago we got our internet upgraded and they changed out the modem. we kept the same router and made no changes to it at all. things were running fine for about 3 weeks but then last friday I got to noticing some "cannot display page" from firefox. not a whole lot but enough to let me know something is going on. My boss knows little about the servers but thinks it's a dns issue and i have to agree with him.i've been looking all over to try and figure this out. it's still happening today but not nearly as bad. i can ping those frontier.net ip address and they give a ping. i can ping all the other ip addresses in the list and they do answer back. but once or twice while doing the ping i get nothing. like it's lost just long enough to time out. only changes i've done to the servers is to add someone to AD, logon and email stuff.. No changes at all to policies or anything of that nature.

Report •

Related Solutions

#4
February 25, 2013 at 15:15:37

Do you have your domain name under forward lookup zone?

If you expand this do you see your NS entry along with .msdcs, .sites, .tcp and .udp along with your host entries?

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


Report •

#5
February 26, 2013 at 07:01:31

Here's what i have
FW001
...Forward Lookup Zones
.........._msdcs.fwmfg.local
.......... fwmfg.local
Reverse Lookup Zones
...........10.10.10.x Subnet
Event Viewer

under the _msdcs.fwmfg.local i have 4 folders, DC,DOMAINS,GC,PDC
i have 5 notepad looking files in there as well
same as parent folder - start of Authority(soa) [124], fw001.fwmfg.local., hoastmaster
same as parent - name server (ns) - fw003.fwmfg.local
same as parent - name server (ns) - fw001.fwmfg.local
0985c50d-f448-4148-8e35-b30bd48082ee - alias(cname) - fw001.fwmfg.local
8f8c9286-983c-4561-9a92-9c019801fc7c - alias(cname) - fw003.fwmfg.local

frontiernet.net is our isp, i just got off the phone with them. they gave me 2 more dns server addresses to try. i tried them.. sometimes i get a reply, sometimes i don't. it has to be MY server. i'll do nslookup, server "their ip" microsoft.com
sometimes i get a reply, most times i don't.


Report •

#6
February 26, 2013 at 09:25:11
✔ Best Answer

Your dns does not look correct to me.

You should only have fwmfg.local not the msdcs.fwmfg.local

There is no reason for the alias's. Instead you should have host entries with their ip addressess like
fw001 Host(A) ip address static
fw003 Host(A) ip address static

You should also see
_msdcs
_sites
_tcp
_udp
here. Do you?

It appears someone has been editing the dns server entries. Who and when did this happen?

We also have the issue of 1.0.0.127.in-addr.arpa. 127.0.0.1 is the loopback ip which if being consulted for dns goes nowhere.

Do you see the 1.0.0.127 in the reverse lookup zone? What do you have listed for dns in the servers dns tcp/ip properties?

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


Report •

#7
February 26, 2013 at 11:48:06

I just went through every file in the dns server.. i can't find 1.0.0.127 or 127.0.0.1 anywhere in the lists.. no one has been editing any of these settings..we have has 2 other it guys in the past few years and our admin password is the same. i don't see why either of them would remote in to change anything. they left the company on good terms. i've had a couple of other weird things going on lately.. just today i found a user that wasn't set up on exchange server, they had her set up to grab her mail from our 3rd party email company.. she had no global catalog or anything.. local email wasn't getting to her at all. i've been on this job for 5 months now and i'm still finding things. when all this started i was working all day in the server room trying to figure this problem out. a couple of guys ask me why i wasn't playing online games in there, the last guy played them all the time, on our server.. i about freaked out. near as i can tell, there's no antivirus running on our main server, don't see that as being an ideal situation. until last week, i had never had a reason to look into dns, didn't know anything about forwarders or anything. about our servers tcp/ip, it is set up to look to its self then to the other domain server, it is also a dns server. that other server was down when i got here, i got it back up, made it a domain controller, dns server, global catalog server. it's been working fine for the past 5 months. i didn't set up dns forwarders on it, i just let AD replicate over to it.

Report •

#8
February 26, 2013 at 12:00:08

ok, i just went onto our second domain server and it had no forwarders set up. at the time i had never heard of forwarders and still don't quite have my head all the way around them. i put in our isp's dns server addresses into it. other than that, it had copied everything else from the other domain server.. just as it was with the _msdcs and fwmfg.local on the forward tab..

Report •

#9
February 26, 2013 at 12:24:46

Lets see a ipconfig /all from both of these DCs.

127.0.0.1 is the tcp/ip loopback address. It refers to the "localhost". It is also used to redirect url traffic via the hosts file to the bitbucket in the sky by sending those url requests to null [127.0.0.1]

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


Report •

#10
February 26, 2013 at 12:35:34

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : fw001
Primary Dns Suffix . . . . . . . : fwmfg.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : fwmfg.local

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Linksys EG1032 v3 Instant Gigabit Desktop
Network Adapter Driver
Physical Address. . . . . . . . . : 00-1A-70-11-E9-8F
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.254
DNS Servers . . . . . . . . . . . : 10.10.10.1
10.10.10.3

C:\Documents and Settings\Administrator>
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.FWMFG>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : fw003
Primary Dns Suffix . . . . . . . : fwmfg.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : fwmfg.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82559 Fast Ethernet LOM with Ale
rt on LAN*
Physical Address. . . . . . . . . : 00-08-02-5A-90-8E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.254
DNS Servers . . . . . . . . . . . : 10.10.10.3
10.10.10.1

C:\Documents and Settings\Administrator.FWMFG>


Report •

#11
February 26, 2013 at 12:39:27

not to sound too optimistic.. when i added the forwarders to our secondary domain server.. the internet speed almost doubled in speed.. it was sluggish before and often would not display a page.. now it zips right along and so far, no unable to display page errors at all. i can't help but notice that on server 1, it has IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : Yes but server 3 doesn't.. do they need to be the same.. didn't think we were using wins at all... oh well..

Report •

#12
February 26, 2013 at 13:39:14

Wins proxy should be no.
You only show one network interface so routing should be no also.

otherwise ipconfigs look good.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


Report •

#13
February 27, 2013 at 05:51:16

well, this morning, it's back.. i'm getting all kinds of "unable to display page"
when i do nslookup, server 170.215.184.3, microsoft.com
sometimes i get a response, sometimes i don't.
i've tried yahoo.com and google.com and same thing, sometimes i get a response, sometimes i don't.
i switched over to server 3, it's a dns server too, and same thing.. nslookup sometimes gets a response sometimes doesn't.
yesterday evening all seemed to be working great. internet sped up, i tried nslookup about 40 times and not one single error.
this is really getting frustrating..

Report •

#14
February 27, 2013 at 05:54:08

up above in my ipconfig /all text window, server 1 has the following but server 3 say's NO..
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes

i don't think this is my problem but i guess they should both be the same, set to NO
last IT guy set up server 1, i set up server 3 and had never done so before.


Report •

#15
February 27, 2013 at 08:00:30

If you logon to SBS and bring up the AD console do you see server 3 listed here?

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


Report •

#16
April 4, 2013 at 05:44:04

you guys won't believe what the problem is.. or what i think it was.. we had a spambot on the network. the dns issue lasted 2 days then our email quit sending out. we were blacklisted on about 10 different servers. the spambot was sending out about 500 emails a minute. Cutwail was the name of the bot, second largest in the world. I had to go around and scan each and every computer for outgoing traffic. finally found the computer and removed it from the network. took almost a week to get off all the blacklist but everything is working as it should. Internet speeds are right back to normal and no more dns issues.

Report •


Ask Question