DNS Forwarders and Delegation issues

I have been having multiple issues the most recent of which is outlooks inability to receive mail, after a lot of trouble shooting it seems there is a DNS issue, so I ran the DCDiag test and received the following results.  Given that I have very little experience managing a server and have no colleagues to turn to can anyone tell me the safest way to identify and remove the specific faults?

I appreciate any advice given.

H:\>DCDiag/test:DNS

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = WHHA-SVR01
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site\WHHA-SVR01
      Starting test: Connectivity
         ......................... WHHA-SVR01 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site\WHHA-SVR01

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... WHHA-SVR01 passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : WHHA

   Running enterprise tests on : WHHA.local
      Starting test: DNS
         Test results for domain controllers:

            DC: WHHA-SVR01.WHHA.local
            Domain: WHHA.local


               TEST: Basic (Basc)
                  Warning: The AAAA record for this DC was not found

               TEST: Forwarders/Root hints (Forw)
                  Error: Root hints list has invalid root hint server:
                  a.root-servers.net. (2001:503:ba3e::2:30)
                  Error: Root hints list has invalid root hint server:
                  b.root-servers.net. (128.9.0.107)
                  Error: Root hints list has invalid root hint server:
                  f.root-servers.net. (2001:500:2f::f)
                  Error: Root hints list has invalid root hint server:
                  h.root-servers.net. (2001:500:1::803f:235)
                  Error: Root hints list has invalid root hint server:
                  i.root-servers.net. (2001:7fe::53)
                  Error: Root hints list has invalid root hint server:
                  j.root-servers.net. (2001:503:c27::2:30)
                  Error: Root hints list has invalid root hint server:
                  k.root-servers.net. (2001:7fd::1)
                  Error: Root hints list has invalid root hint server:
                  l.root-servers.net. (198.32.64.12)

               TEST: Delegations (Del)
                  Error: DNS server: server.whha.local. IP:<Unavailable>
                  [Missing glue A record]
                  Error: DNS server: whha-svr01.whha.local. IP:192.168.0.4
                  [Broken delegated domain autodiscover.whha-svr01.WHHA.local.]
                  Error: DNS server: whha-svr01.whha.local. IP:192.168.0.4
                  [Broken delegated domain autodiscover.WHHA.local.]

               TEST: Records registration (RReg)
                  Network Adapter
                  [00000006] Broadcom NetXtreme Gigabit Ethernet:
                     Warning:
                     Missing AAAA record at DNS server 192.168.0.4:
                     WHHA-SVR01.WHHA.local

                     Warning:
                     Missing AAAA record at DNS server 192.168.0.4:
                     gc._msdcs.WHHA.local

                     Warning:
                     Missing AAAA record at DNS server 192.168.0.4:
                     WHHA-SVR01.WHHA.local

                     Warning:
                     Missing AAAA record at DNS server 192.168.0.4:
                     gc._msdcs.WHHA.local

               Warning: Record Registrations not found in some network adapters

         Summary of test results for DNS servers used by the above domain
         controllers:

            DNS server: 192.168.0.4 (whha-svr01.whha.local.)
               2 test failure on this DNS server

            DNS server: 128.9.0.107 (b.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 128.9.0.107
            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 198.32.64.12
            DNS server: 2001:500:1::803f:235 (h.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:500:1::803f:235

            DNS server: 2001:500:2f::f (f.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:500:2f::f

            DNS server: 2001:503:ba3e::2:30 (a.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:503:ba3e::2:30

            DNS server: 2001:503:c27::2:30 (j.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:503:c27::2:30

            DNS server: 2001:7fd::1 (k.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:7fd::1

            DNS server: 2001:7fe::53 (i.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:7fe::53

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
            _________________________________________________________________
            Domain: WHHA.local
               WHHA-SVR01                   PASS WARN FAIL FAIL PASS WARN n/a

         ......................... WHHA.local failed test DNS

H:\>

July 17th, 2013 5:54am

Hi,

According to my research, DCdiag tests the functionality of root hints by sending a reverse DNS lookup query for 1.0.0.127.in-addr.arpa in IPv4 or 1.0::0.in-ip6.arpa. in IPv6.However, most root hints server have no such reverser lookup zone which contains 1.0.0.127. in-addr.arpa. or or 1.0::0.in-ip6.arpa. This is why the PTR records query failed on those DNS servers.

In addition, the error (Root hints list has invalid root hint server) means the Root hint servers configured on the DNS server have invalid IP address or name resolution not working. I think your name resolution is not working, because Delegations and Glue records are necessary for name resolution. From the result you provided, the configured delegation has no glue A record and you have no AAAA record (IPv6) for the DC.

I recommend you to make sure A/AAAA records are registered on all the DNS servers first. You can try to add the A/AAAA records as follows:

  1. Open the DNS snap-in.
  2. In the console tree, right-click the applicable zone, and then click New Host (A or AAAA).
  3. Enter the Name and IP address of the DNS server to complete the record, then click Add Host.
  4. Click OK to add the new record to the zone.

More information:

Domain Controller Diagnostics Tool (dcdiag.exe)

http://technet.microsoft.com/en-us/library/cc776854(v=WS.10).aspx

Resource Record Types

http://technet.microsoft.com/en-us/library/cc958958.aspx

I hope this helps!

Free Windows Admin Tool Kit Click here and download it now
July 18th, 2013 4:52am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics