Event ID 7063

Mykhaylo Khodorev · Jul 22, 2004

Hi, all!
I have three DNS servers in my LAN. All of them forward requests outside to
forwarders. And all of them write to event log an error:
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 7063
Date: 22.07.2004
Time: 12:20:53
User: N/A
Computer: DC1
Description:
The DNS server is configured to forward to a non-recursive DNS server at
212.109.32.5.

DNS servers in forwarders list MUST be configured to process recursive
queries.
Either
1) fix the forwarder (212.109.32.5) to allow recursion
- connect to it with DNS Manager
- bring up server properties
- open "Advanced" tab
- uncheck "Disable Recursion"
- click OK
OR
2) remove this forwarder from this servers forwarders list
- DNS Manager
- bring up server properties
- open "Forwarders" tab
- remove (212.109.32.5) from list of forwarders
- click OK

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

I've found similar event in Microsoft KB, but they just gave a link to their
Support Service, but not to patch...
Does anyone knows the solution?
Thanks a lot
Mykhaylo Khodorev

Kevin D. Goodknecht Sr. [MVP] · Jul 23, 2004

In

Mykhaylo Khodorev said:
Hi, all!
I have three DNS servers in my LAN. All of them forward
requests outside to forwarders. And all of them write to
event log an error:
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 7063
Date: 22.07.2004
Time: 12:20:53
User: N/A
Computer: DC1
Description:
The DNS server is configured to forward to a
non-recursive DNS server at 212.109.32.5.

DNS servers in forwarders list MUST be configured to
process recursive queries.
Either
1) fix the forwarder (212.109.32.5) to allow recursion
- connect to it with DNS Manager
- bring up server properties
- open "Advanced" tab
- uncheck "Disable Recursion"
- click OK
OR
2) remove this forwarder from this servers forwarders
list
- DNS Manager
- bring up server properties
- open "Forwarders" tab
- remove (212.109.32.5) from list of forwarders
- click OK

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

I've found similar event in Microsoft KB, but they just
gave a link to their Support Service, but not to patch...
Does anyone knows the solution?
Thanks a lot
Mykhaylo Khodorev

Is this server in your forwarders list?
The reason why all DNS server are giving you the error is this DNS server
does not support recusive queries, give them a different forwarder that
supports recursion.
See the missing ra after the rd bit in the flags section?
opcode: Query, status: NOERROR, id: 42
flags: qr rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13

QUESTION SECTION:
.. IN NS

ANSWER SECTION:
.. 134858 IN NS B.ROOT-SERVERS.NET.
.. 134858 IN NS C.ROOT-SERVERS.NET.
.. 134858 IN NS D.ROOT-SERVERS.NET.
.. 134858 IN NS E.ROOT-SERVERS.NET.
.. 134858 IN NS F.ROOT-SERVERS.NET.
.. 134858 IN NS G.ROOT-SERVERS.NET.
.. 134858 IN NS H.ROOT-SERVERS.NET.
.. 134858 IN NS I.ROOT-SERVERS.NET.
.. 134858 IN NS J.ROOT-SERVERS.NET.
.. 134858 IN NS K.ROOT-SERVERS.NET.
.. 134858 IN NS L.ROOT-SERVERS.NET.
.. 134858 IN NS M.ROOT-SERVERS.NET.
.. 134858 IN NS A.ROOT-SERVERS.NET.

ADDITIONAL SECTION:
B.ROOT-SERVERS.NET. 49539 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 49539 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 49539 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 49539 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 49539 IN A 192.5.5.241
G.ROOT-SERVERS.NET. 49539 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 49539 IN A 128.63.2.53
I.ROOT-SERVERS.NET. 49539 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 221258 IN A 192.58.128.30
K.ROOT-SERVERS.NET. 49543 IN A 193.0.14.129
L.ROOT-SERVERS.NET. 49539 IN A 198.32.64.12
M.ROOT-SERVERS.NET. 49543 IN A 202.12.27.33
A.ROOT-SERVERS.NET. 221258 IN A 198.41.0.4

Query time: 270 ms
Server : 212.109.32.5:53 udp (212.109.32.5)
When : 7/22/2004 5:56:47 PM
Size rcvd : 436

Mykhaylo Khodorev · Jul 23, 2004

Is this server in your forwarders list?

Yes. It's our ISP's server.

The reason why all DNS server are giving you the error is this DNS server
does not support recusive queries, give them a different forwarder that
supports recursion.

How can I find a server which supports recursion?

Kevin D. Goodknecht Sr. [MVP] · Jul 23, 2004

In

Mykhaylo Khodorev said:
Yes. It's our ISP's server.

How can I find a server which supports recursion?

Check your ISP home page, this one is probably the DNS they use for
Authoritative lookups. They most likely have at least two for a forwarding
proxy DNS.
You can always use 4.2.2.2. and 4.2.2.1

Mykhaylo Khodorev · Jul 23, 2004

I've changed forwarders to servers you've gave. Now I'm continuesly getting
a warning ID 5504:
Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 5504
Date: 23.07.2004
Time: 17:18:45
User: N/A
Computer: DC1
Description:
The DNS server encountered an invalid domain name in a packet from 4.2.2.2.
The packet is rejected.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

I've found Microsoft KB 838969 about this problem, but there was no hotfix,
just link to their Support Service.

Kevin D. Goodknecht Sr. [MVP] · Jul 23, 2004

In

Mykhaylo Khodorev said:
I've changed forwarders to servers you've gave. Now I'm
continuesly getting a warning ID 5504:
Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 5504
Date: 23.07.2004
Time: 17:18:45
User: N/A
Computer: DC1
Description:
The DNS server encountered an invalid domain name in a
packet from 4.2.2.2. The packet is rejected.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

I've found Microsoft KB 838969 about this problem, but
there was no hotfix, just link to their Support Service.

We had one of these a couple of weeks ago, for some reason DNS was sending a
query for localhost to the root servers, the weird thing about that is DNS
should not even be queried for localhost in the first place, that is why it
is in the hosts file. As a workaround creating a forward lookup zone named
"localhost" then in the zone create a host record leaving the name field
blank and give it IP 127.0.0.1, create the record anyway when it barks at
you saying (same as parent folder) is not a valid host name.
We never figured out why DNS was trying to resolve localhost, the only thing
I could think of is there a program that has its own resolver logic that
ignores the hosts file and queries directly to DNS, bypassing the hosts
file.

If this does not stop the 5504s post your ipconfig /all for this machine and
verify on all machines that your DNS suffix search list does not have a
single-label DNS suffix that there isn't a zone for, or is not registered in
WINS.
This can also happen if you have a machine with an illegal character in its
host name.

http://www.eventid.net/display.asp?eventid=5504&eventno=642&source=DNS&phase=1

Jonathan de Boyne Pollard · Jul 25, 2004

KDGS> Is this server in your forwarders list?

MK> Yes. It's our ISP's server.

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/dns-obtaining-proxy-service.html>

Was it the one that your ISP told you that you may use, or did you make
the classic mistake?

Event ID 7063

Mykhaylo Khodorev

Kevin D. Goodknecht Sr. [MVP]

Mykhaylo Khodorev

Kevin D. Goodknecht Sr. [MVP]

Mykhaylo Khodorev

Kevin D. Goodknecht Sr. [MVP]

Jonathan de Boyne Pollard