DNS Problems

[Guest]

Hello all,

I have just taken over a network with the following issues:

1. DNS W2K reading event ID: 3000

2. Doing an NSLOOKUP IP-ADDRESS gives me the name of a server
"wrong-server-name" neither in use nor on my network! Doing the NSLOOKUP from
the DNS server CMD prompt gives me the same answer.

I go into the DNS console and the entry is in for "correct-IP-address" =
"correct-server-name" is in as a record, but the NSLOOKUP tells me something
different. I have also issued the IPCONFIG /FLUSHDNS for the boxes with no
joy.

3. I have now been told not to reboot my DNS box by my old counterpart (he
now works elsewhere). Because the DNS records will revert back to January
07??

We have trusts to other domains/companies and the DNS is quite extensive so
I'm loathed to reload/clear cache the DNS incase it all goes wrong!

Future plans will: Built a secondary DNS server.

However for the now, how can I fix the above problem, I have a felling all
my symptoms are tied together somehow, I just don't know where?

Thanks.

 

[Meinolf Weber]

Hello Sad-Sac,

For the event look here(read complete posting):
http://www.eggheadcafe.com/software/aspnet/28133715/event-id-3000-warning.aspx

http://www.eventid.net/display.asp?eventid=3000&eventno=297&source=DNS&phase=1

For the DC's run dcdiag and netdiag and post the complete result.


Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.

 

[Kevin D. Goodknecht Sr. [MVP]]

Read inline please.

In

Hello all,

I have just taken over a network with the following issues:

1. DNS W2K reading event ID: 3000

2. Doing an NSLOOKUP IP-ADDRESS gives me the name of a server
"wrong-server-name" neither in use nor on my network! Doing the
NSLOOKUP from the DNS server CMD prompt gives me the same answer.


I go into the DNS console and the entry is in for
"correct-IP-address" = "correct-server-name" is in as a record, but
the NSLOOKUP tells me something different. I have also issued the
IPCONFIG /FLUSHDNS for the boxes with no joy.

You can flush the DNS Client cache all day long and it won't change the
output nslookup gives you because nslookup bypasses the DNS Client cache.

3. I have now been told not to reboot my DNS box by my old
counterpart (he now works elsewhere). Because the DNS records will
revert back to January 07??

Oh really? I would like to see that one.



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

 

[Ace Fekay [MVP]]

In

Hello all,

I have just taken over a network with the following issues:

1. DNS W2K reading event ID: 3000

2. Doing an NSLOOKUP IP-ADDRESS gives me the name of a server
"wrong-server-name" neither in use nor on my network! Doing the
NSLOOKUP from the DNS server CMD prompt gives me the same answer.

I go into the DNS console and the entry is in for
"correct-IP-address" = "correct-server-name" is in as a record, but
the NSLOOKUP tells me something different. I have also issued the
IPCONFIG /FLUSHDNS for the boxes with no joy.

3. I have now been told not to reboot my DNS box by my old
counterpart (he now works elsewhere). Because the DNS records will
revert back to January 07??

We have trusts to other domains/companies and the DNS is quite
extensive so I'm loathed to reload/clear cache the DNS incase it all
goes wrong!

Future plans will: Built a secondary DNS server.

However for the now, how can I fix the above problem, I have a
felling all my symptoms are tied together somehow, I just don't know
where?

Thanks.

I agree with Kevin that the last point you stated is an odd issue. Can you
post an unedited ipconfig /all of this server please. That will give us a
better starting point in additon to the other info asked to be posted.

THanks,

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

Having difficulty reading or finding responses to your post?
Try using Outlook Express or any other newsreader, configure a news
account, and point it to news.microsoft.com. Anonymous access. It's
easy and it's free:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

"Life isn't like a box of chocolates or a bowl of cherries or
peaches... Life is more like a jar of jalapenos. What you do today
may burn your butt tomorrow." - Garfield

 

[Guest]

Guys I will get back to this issue as soon as I can, but I'm fire fighting
other issues at the moment.

I will post the results as requested soon.

 

[Guest]

1. Check in the reverse lookup zone.. running nslookup <IPAddress> only causes
nslookup to perform a reverse lookup on the IP Address.


2. You can flush the DNS Client cache all day long and it won't change the
output nslookup gives you because nslookup bypasses the DNS Client cache.


3. I have now been told not to reboot my DNS box by my old
counterpart (he now works elsewhere). Because the DNS records will
revert back to January 07??

Oh really? I would like to see that one.

***********************************

1. In the reverse lookup zone I found the old offending entries, this is now
fixed.

2. I did flush the DNS all day long, but my fingers got sore from hitting
the buttons ;-) (thanks for that I did not know).

3. Well I wouldnt like to see that one!

 

[Guest]

REPOST

I posted this further up by mistake, me bad!

**********************************

1. Check in the reverse lookup zone.. running nslookup <IPAddress> only
causes
nslookup to perform a reverse lookup on the IP Address.


2. You can flush the DNS Client cache all day long and it won't change the
output nslookup gives you because nslookup bypasses the DNS Client cache.


3. I have now been told not to reboot my DNS box by my old
counterpart (he now works elsewhere). Because the DNS records will
revert back to January 07??

Oh really? I would like to see that one.

***********************************

1. In the reverse lookup zone I found the old offending entries, this is now
fixed.

2. I did flush the DNS all day long, but my fingers got sore from hitting
the buttons ;-) (thanks for that I did not know).

3. Well I wouldnt like to see that one!

 

[Ace Fekay [MVP]]

In

REPOST

I posted this further up by mistake, me bad!

Yes, I saw that. Thanks.

How about an unedited ipconfig /all please? That will better help us to help
you.

Ace

 

[Guest]

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : Server-Name
Primary DNS Suffix . . . . . . . : Domain-Name (good)
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Domain-Name (good)


Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : IBM Netfinity 10r #2
Physical Address. . . . . . . . . : ***************
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 170.65.130.2
Subnet Mask . . . . . . . . . . . : 255.255.255.128
Default Gateway . . . . . . . . . : 170.65.130.30
DNS Servers . . . . . . . . . . . : 170.65.130.2
Primary WINS Server . . . . . . . : 170.65.130.18
Secondary WINS Server . . . . . . : 170.65.130.9

This is my DNS/DC server. I know its edited, if more is needed please let me
know.

Thanks.

 

[Ace Fekay [MVP]]

In

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : Server-Name
Primary DNS Suffix . . . . . . . : Domain-Name (good)
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Domain-Name (good)


Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : IBM Netfinity 10r #2
Physical Address. . . . . . . . . : ***************
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 170.65.130.2
Subnet Mask . . . . . . . . . . . : 255.255.255.128
Default Gateway . . . . . . . . . : 170.65.130.30
DNS Servers . . . . . . . . . . . : 170.65.130.2
Primary WINS Server . . . . . . . : 170.65.130.18
Secondary WINS Server . . . . . . : 170.65.130.9

This is my DNS/DC server. I know its edited, if more is needed please
let me know.

Thanks.

Does:
Primary DNS Suffix . . . . . . . : Domain-Name (good)
match the actual AD DNS domain name?

As far as reverting back to January 07, that doesn't make sense at all. Do
you mean the time stamp on the RR (host records) are reverting back to Jan
07? Are you looking in DNS while in Advanced view? Based on the ipconfig
above, it looks fine. Is the zone AD integrated?

It also appears there is more than one DC. If so, and if there are multiple
sites and/or domains, is there any problem at any of the other sites or on
the other DC/DNS?

Ace

 

[Guest]

Does:

Primary DNS Suffix . . . . . . . : Domain-Name (good)
match the actual AD DNS domain name?

Yes it matches exactly.

As far as reverting back to January 07, that doesn't make sense at all. Do
you mean the time stamp on the RR (host records) are reverting back to Jan
07? Are you looking in DNS while in Advanced view? Based on the ipconfig
above, it looks fine. Is the zone AD integrated?

Yes the host records revert back (I have not rebooted this box since I
started, no confirmation). This info came from the guy doing the job before
me and I dont want to reboot to find out if he is correct (although I agree
it does sound odd!). I'm hopefully bringing another DC online this week and
putting DNS on the new box as a secondary DNS server, then I will try to
reboot the older server!

Looking at advanced view, what difference does it make?
How can I tell if it is AD integrated (2000 AD), I always thought it was?
The DNS server address details are DHCP'd out.

Yes more than one site, the others are out of my control but no issues I
know of. This DC with the DNS service on it is one of 3 DC's. All others
reporting no problems I can see.

I understand I'm not making this post/topic very clear, however I'm new to
DNS on this scale and I'm just getting to grips with it so bare with me!

Thanks.

 

[Ace Fekay [MVP]]

Yes it matches exactly.


Yes the host records revert back (I have not rebooted this box since I
started, no confirmation). This info came from the guy doing the job
before
me and I dont want to reboot to find out if he is correct (although I
agree
it does sound odd!). I'm hopefully bringing another DC online this week
and
putting DNS on the new box as a secondary DNS server, then I will try to
reboot the older server!

If the zone is AD integrated, you do not want to make the new DC DNS server
a secondary or it will cause major problems. Just install DNS on it and wait
for the zone to auto appear.

Looking at advanced view, what difference does it make?
How can I tell if it is AD integrated (2000 AD), I always thought it was?
The DNS server address details are DHCP'd out.

DHCP'd out? I am not sure what that means. Are you saying this domain
controller has a DCHP address? A domain controller should never be a DHCP
client. Unless I got mixed up and you are talking about a different machine?

Yes more than one site, the others are out of my control but no issues I
know of. This DC with the DNS service on it is one of 3 DC's. All others
reporting no problems I can see.

I understand I'm not making this post/topic very clear, however I'm new to
DNS on this scale and I'm just getting to grips with it so bare with me!

Thanks.

Trying to.

Ace

 

[Guest]

If the zone is AD integrated, you do not want to make the new DC DNS server
Ok, just to clarify. I bring a new DC online and install the DNS component.
I leave it? Don't make it a secondary. Let the zone appear then? This will be
my first windows 2K3 DC in a W2K AD environment, should this cause any
issues? (All my application servers are W2K3 it's just the AD that needs
updated).

DHCP'd out? I am not sure what that means. Are you saying this domain
controller has a DCHP address? A domain controller should never be a DHCP
client. Unless I got mixed up and you are talking about a different machine?

This is the classic example of you not being able to read my mind! All my
servers have static addresses. What I meant was the details/IP address of the
DNS server are given out to the clients via DHCP.

Thanks.

 

[Kevin D. Goodknecht Sr. [MVP]]

Read inline please.

In

This is the classic example of you not being able to read my mind!
All my servers have static addresses. What I meant was the details/IP
address of the DNS server are given out to the clients via DHCP.

What this means is what DNS addresses are your DHCP servers assigning to the
DHCP clients?
All servers and clients, whether static or DHCP, must use the internal DNS
server only for DNS, this is usually the DC's IP address.


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

 

[Guest]

What this means is what DNS addresses are your DHCP servers assigning to the

DHCP clients?
All servers and clients, whether static or DHCP, must use the internal DNS
server only for DNS, this is usually the DC's IP address.

The DNS/DC address is as per the IPCONFIG I posted. This is the IP address
of the DNS server. All clients/servers are configured to look for DNS from
this address.

 

[Kevin D. Goodknecht Sr. [MVP]]

Read inline please.

In

The DNS/DC address is as per the IPCONFIG I posted. This is the IP
address
of the DNS server. All clients/servers are configured to look for DNS
from this address.

Ok, it is correct then. It was not clear that DHCP was also assigning this
address.
As for the Event ID 3000's, those are run-time events cause by other event
happening in rapid succession, they are typically caused by rapid zone
serial incrementing, zone transfers and other informational events. In order
to tell you what is causing the 3000 events, you will need to look at other
events preceding the 3000 events. As I said, the preceding events need not
be errors, they can also be informational events and typically are.
If you see many Event 3150 events, the usual culprit is Standard Primary
DDNS zones. ADI zones do not log these events because the zone serial is
meaningless to ADI zones and is not used for updating other ADI zones. I
recommend you convert the zone to ADI, unless it is a zone serving a public
domain.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

 

[Ace Fekay [MVP]]

Ok, just to clarify. I bring a new DC online and install the DNS
component.
I leave it? Don't make it a secondary. Let the zone appear then? This will
be
my first windows 2K3 DC in a W2K AD environment, should this cause any
issues? (All my application servers are W2K3 it's just the AD that needs
updated).



This is the classic example of you not being able to read my mind! All my
servers have static addresses. What I meant was the details/IP address of
the
DNS server are given out to the clients via DHCP.

Thanks.

You are right. I have tried so many times to read someone's mind, especially
my wife's, only to be disappointed because I can't. Darn. But I'm not giving
up - I'm still working on it.

If this is the only new DC you are bring online, meaning it is not a replica
being added in an existing domain, then I would to assume that DCPROMO
created the zone for you. Is this correct? If so, is the zone AD integrated?
That would be default, meaning it will probably say it is a Primary Zone
with the check box checked to store the zone in Active Directory. If it is,
what replication scope is it set to (bottom, middle or top button)?

Ace

 

[Guest]

Ok, it is correct then. It was not clear that DHCP was also assigning this
address.
As for the Event ID 3000's, those are run-time events cause by other event
happening in rapid succession, they are typically caused by rapid zone
serial incrementing, zone transfers and other informational events. In order
to tell you what is causing the 3000 events, you will need to look at other
events preceding the 3000 events. As I said, the preceding events need not
be errors, they can also be informational events and typically are.
If you see many Event 3150 events, the usual culprit is Standard Primary
DDNS zones. ADI zones do not log these events because the zone serial is
meaningless to ADI zones and is not used for updating other ADI zones. I
recommend you convert the zone to ADI, unless it is a zone serving a public
domain.

We are not public facing and I have now changed the zone from a Standard
Primary to ADI. You were correct the event 3000 ID's are all proceeded by
event 3150 from the same zone every time. The zone it is coming from is large
and is over a slower VPN link? The frequency of the event 3000 have settled
down in volume in the past weeks from about 10 entries a day down to 2 or 3
entries.

You are right. I have tried so many times to read someone's mind, especially
my wife's, only to be disappointed because I can't. Darn. But I'm not giving
up - I'm still working on it.

If this is the only new DC you are bring online, meaning it is not a replica
being added in an existing domain, then I would to assume that DCPROMO
created the zone for you. Is this correct? If so, is the zone AD integrated?
That would be default, meaning it will probably say it is a Primary Zone
with the check box checked to store the zone in Active Directory. If it is,
what replication scope is it set to (bottom, middle or top button)?

Ace

As stated above the zone is now ADI. How can I tell what the replication
scope is set too? I have looked but obviously in the wrong place?

 

[Ace Fekay [MVP]]

In

As stated above the zone is now ADI. How can I tell what the
replication scope is set too? I have looked but obviously in the
wrong place?

In the zone properties, the part thatthe radio button is set to either
(shown in order top to bottom):

ALL DNS Servers in the Domain
All DNS servers in the Forest
Domain controllers in the Domain - Windows 2000 Compatible

Ace

 

[Guest]

In

In the zone properties, the part thatthe radio button is set to either
(shown in order top to bottom):

ALL DNS Servers in the Domain
All DNS servers in the Forest
Domain controllers in the Domain - Windows 2000 Compatible

Ace

Ace,

I'm losing the plot here again. I can’t see the 3 listed properties you
speak of. I go into the properties of my zone, then on the general tab, I
have type = ADI. I click change and can change from Primary to Secondary.
This is the only radio buttons I can see?