Troubleshooting DNS

Similar Messages

• Forum FAQ: How to troubleshoot DNS Event 5504 error

  Symptom
  A DNS server may frequently record the Event ID 5504 error in the event log:
  Event Type: Warning
  Event Source: DNS
  Event Category: None
  Event ID: 5504
  User: N/A
  Computer: Computer_name
  Description: The DNS server encountered an invalid domain name in a packet from IP_Address .
  The packet is rejected.
  Cause
  Event ID 5504 is logged when a DNS Server receives a packet containing an invalid domain name. There are many possible causes.
  1.      The DNS cache becomes corrupt with invalid domain names.
  2.      The DNS Server receives a spoofed response.
  3.      The DNS response contains domain names with characters other than 0-9, a-z, A-Z, . (Period), and - (Hyphen).
  4.      The DNS Server has been configured with invalid forwarders
  5.      The network the DNS server resides on is busy or not working properly.
  Resolution
  The following are general troubleshooting steps for this issue:
  1. Secure the DNS cache against pollution.
  a)     Open DNS Management snap-in and then open the Properties dialog for the DNS server.
  b)     Click the Advanced tab, check the Secure Cache against Pollution option, and then click OK.
  c)      After enabling this setting, right-click the applicable DNS server and select Clear Cache, then restart the DNS Server service.
  2. Verify that the forwarder list on the DNS server is pointing to recursive DNS servers.  To view the forwarders, please perform the following steps:
  a)     Open DNS Management snap-in and then open the Properties dialog for the DNS server.
  b)     Click the Forwarders tab, you can view the existing forwarders.
  3. Some third party DNS servers may be using records of a type that aren’t supported by Windows DNS servers, such as the DNAME resource record.
  920162     Event 5504 is logged when a Windows Server 2003-based DNS server receives a packet that contains a DNAME resource record
  http://support.microsoft.com/default.aspx?scid=kb;EN-US;920162
  4. Another example where DNS will produce the Event ID 5504 error is when Extended DNS (EDNS) packets are received but the server that is attempting to resolve the EDNS traffic doesn’t support EDNS or have it enabled. An easy workaround is to disable EDNS.
  dnscmd /Config /EnableEDnsProbes 0
  More Information
  Troubleshooting DNS
  http://technet2.microsoft.com/WindowsServer/en/library/de2aa69d-1155-4dc9-a651-e836
  2f6a81c81033.mspx?mfr=true
  DNS Best Practices
  http://technet2.microsoft.com/WindowsServer/en/library/59d7a747-48dc-42cc-8986-c73d
  b47398a21033.mspx?mfr=true
  Applies to
  Windows Server® 2003 operating system
  Windows Server® 2008 operating system
  Windows Server® 2008 R2 operating system

  I'm not sure whether this is the appropriate place to add this but - a (possible) cause that I have seen which is not mentioned above is a request for an AAAA record (IPv6 address)
  being responded to with an A record (IPv4 address).
  DNS debug logging (Windows 2008 R2 SP1) captured requests to
  192.225.156.200 and the corresponding responses. In each case the response was followed in the debug log by the event “The DNS server encountered an invalid domain name
  in a packet from 192.225.156.200. The packet will be rejected. The event data contains the DNS packet.”
  The domain name in the response was the same as that in the query, and looks OK.
  The logged query shows an AAAA record (IPv6 address) request and the logged response returned an A record (IPv4 address).
  http://www.rfc-editor.org/rfc/rfc4074.txt “Common
  Misbehavior Against DNS Queries for IPv6 Addresses” says, under “Expected Behavior”:
     Suppose that an authoritative server has an A RR but has no AAAA RR
     for a host name.  Then, the server should return a response to a
     query for an AAAA RR of the name with the response code (RCODE) being
     0 (indicating no error) and with an empty answer section (see
     Sections 4.3.2 and 6.2.4 of [1]).  Such a response indicates that
     there is at least one RR of a different type than AAAA for the
     queried name, and the stub resolver can then look for A RRs.

• DNS cache " Name Does not Exist"

  Hey Guys,
  So we've been experiencing a really weird issue related to the DNS for past couple of months. Here are the details:
  1) Our domain machines are Windows 7 Enterprise and their DNS points to Windows DNS Servers
  2) For companyxyz.net internal sites, the Windows DNS resolves those from its
  companyxyz.net zone.
  3) For public *.companyxyz.com records, the Windows DNS has conditional forwarders to point these requests to our Linux Bind Servers. And than the authoritative name servers respond to these queries accordingly
  4) Our internal employees use the public records such as testing.companyxyz.com 
  Problems:
  1) Employees on the internal network would randomly experience page not found on their browsers while trying to hit
  testing.companyxyz.com. When we try to ping this URL, ping would fail too. However, NSLOOKUP would work perfectly fine and return the correct results. ipconfig /flushdns fixes the issue right away
  2) During the time when this problem is occurring, if I look into the local cache ( ipconfig /displaydns), I find an entry saying:
      testing.companyxyz.com
      Name does not exist. 
  ipconfig /flushdns obviously clears out this record along with the other local cached records and fixes the issue.
  3) Point the local computers directly to the Linux Bind servers as DNS never create this issue. It's only when they are pointing to the Windows DNS and going to this public record. The problem also seems to occur a lot more frequently if there are considerably
  high number of hits to this URL.
  Have you guys experienced this issue before? I am looking for a fix for this issue and not having the end-users to flush their dns constantly. Also note this problem occurs sometimes once a day, or 2 -3 times a week. It's very random.
  Thanks.
  Bilal
   

  Hi,
  It seems that the issue is related to your Windows 7 client. Considering whether there is DNS attack or virus on this computer.
  Please try to do the safety scan first.
  Please monitor the DNS server performance referring these article:
  Monitoring DNS server performance
  http://technet.microsoft.com/en-us/library/cc778608(WS.10).aspx
  Monitoring and Troubleshooting DNS
  http://www.tech-faq.com/monitoring-and-troubleshooting-dns.html
  For further step, we need to capture the traffic by using Network monitor when the issue happened and we continuously ping
  testing.companyxyz.com.
  Microsoft Network Monitor 3.4
  http://www.microsoft.com/en-us/download/details.aspx?id=4865
  Let’s see whether there is DNS request happened and the DNS request is handled.
  You can post back the save traffic log here for our further research.
  Kate Li
  TechNet Community Support

• Cisco Pix 501 / DNS - DNS resolution stops working over time

  Hello,
  I currently have a Cisco Pix 501 with the configuration listed below. It  connects to the public internet via a cable modem and acts as a DCHP  server for the local LAN.
  When it first turns on, all computers obtain the correct IP settings and  can access the internet. Within 10-15 minutes, computers begin to loose  access to the Internet. What’s strange is that each computer that lost  Internet access can ping the remote address but cannot perform an  nslookup. (it shows as Server UnKnown)
  The DNS server is 167.206.254.2 which is the external dns server  provided by my ISP. I can ping this address but the local computer is  unable to use it for domain to ip resolution.
  Then network used to have an existing Windows Small Business Server that  was a DNS and WINS Server. I ran dcpromo to remove the role of the  server and uninstalled dns via add/remove components.
  Can someone please help me determine why the computers over time loose  the ability to resolve domain names and therefore loose internet access?  Can there be some bad DNS entries created? Is there anything I can run  on the local computers to further troubleshoot dns errors? Is it  possible that the existing Windows SBS server is still running DNS and  therefore causing conficts in some way?
  One thing to note is that when I reset the Pix 501, everything begins to  work again but only for a short time until one by one each computer can  no longer resolve domain names. Also, I noticed that once someone  connects via VPN and disconnects, one of the local computers looses the  ability to resolve DNS.
  Cisco Pix Config
  PIX# show config
  : Saved
  : Written by enable_15 at 08:55:56.390 UTC Fri Mar 15 2013
  PIX Version 6.3(5)
  interface ethernet0 auto
  interface ethernet1 100full
  nameif ethernet0 outside security0
  nameif ethernet1 inside security100
  enable password chiuzjKkSD33lwEw encrypted
  passwd chiuzjKkSD33lwEw encrypted
  hostname PIX
  fixup protocol dns maximum-length 512
  fixup protocol ftp 21
  fixup protocol h323 h225 1720
  fixup protocol h323 ras 1718-1719
  fixup protocol http 80
  fixup protocol rsh 514
  fixup protocol rtsp 554
  fixup protocol sip 5060
  fixup protocol sip udp 5060
  fixup protocol skinny 2000
  fixup protocol smtp 25
  fixup protocol sqlnet 1521
  fixup protocol tftp 69
  names        
  access-list VPNGROUP_splitTunnelAcl permit ip 192.168.2.0 255.255.255.0 any
  access-list inside_outbound_nat0_acl permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.128
  access-list outside_cryptomap_dyn_30 permit ip any 192.168.3.0 255.255.255.128
  access-list ping_acl permit icmp any any
  pager lines 24
  logging timestamp
  logging monitor debugging
  logging buffered debugging
  logging history debugging
  logging queue 0
  icmp permit any echo-reply outside
  icmp permit any unreachable outside
  icmp permit any echo outside
  mtu outside 1500
  mtu inside 1500
  ip address outside dhcp setroute
  ip address inside 192.168.2.1 255.255.255.0
  ip audit info action alarm
  ip audit attack action alarm
  ip local pool VPN 192.168.3.2-192.168.3.100 mask 255.255.255.0
  pdm location 192.168.2.0 255.255.255.0 inside
  pdm location 192.168.3.0 255.255.255.0 inside
  pdm logging informational 512
  no pdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list inside_outbound_nat0_acl
  nat (inside) 1 192.168.2.0 255.255.255.0 0 0
  access-group ping_acl in interface outside
  timeout xlate 0:05:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
  timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
  timeout sip-disconnect 0:02:00 sip-invite 0:03:00
  timeout uauth 0:05:00 absolute
  aaa-server TACACS+ protocol tacacs+
  aaa-server TACACS+ max-failed-attempts 3
  aaa-server TACACS+ deadtime 10
  aaa-server RADIUS protocol radius
  aaa-server RADIUS max-failed-attempts 3
  aaa-server RADIUS deadtime 10
  aaa-server LOCAL protocol local
  aaa-server ACS protocol tacacs+
  aaa-server ACS max-failed-attempts 3
  aaa-server ACS deadtime 10
  aaa authentication ssh console LOCAL
  aaa authentication telnet console LOCAL
  http server enable
  http 192.168.2.0 255.255.255.0 inside
  http 192.168.3.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server community public
  no snmp-server enable traps
  floodguard enable
  sysopt connection permit-ipsec
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto dynamic-map VPNMAP 10 set transform-set ESP-3DES-MD5
  crypto dynamic-map VPNMAP 30 match address outside_cryptomap_dyn_30
  crypto dynamic-map VPNMAP 30 set transform-set ESP-3DES-MD5
  crypto map MYMAP 10 ipsec-isakmp dynamic VPNMAP
  crypto map MYMAP client authentication LOCAL
  crypto map MYMAP interface outside
  isakmp enable outside
  isakmp identity address
  isakmp nat-traversal 20
  isakmp policy 10 authentication pre-share
  isakmp policy 10 encryption des
  isakmp policy 10 hash md5
  isakmp policy 10 group 1
  isakmp policy 10 lifetime 86400
  isakmp policy 30 authentication pre-share
  isakmp policy 30 encryption 3des
  isakmp policy 30 hash md5
  isakmp policy 30 group 2
  isakmp policy 30 lifetime 86400
  vpngroup VPNGRP idle-time 1800
  vpngroup VPNGROUP address-pool VPN
  vpngroup VPNGROUP dns-server 167.206.254.2
  vpngroup VPNGROUP wins-server 192.168.2.50
  vpngroup VPNGROUP default-domain advancedarthritiscarecenter.local
  vpngroup VPNGROUP split-tunnel VPNGROUP_splitTunnelAcl
  vpngroup VPNGROUP idle-time 1800
  vpngroup VPNGROUP password ********
  telnet 192.168.2.0 255.255.255.0 inside
  telnet 192.168.3.0 255.255.255.0 inside
  telnet timeout 30
  ssh 192.168.2.0 255.255.255.0 inside
  ssh 192.168.3.0 255.255.255.0 inside
  ssh timeout 60
  console timeout 0
  dhcpd address 192.168.2.2-192.168.2.33 inside
  dhcpd dns 167.206.254.2 167.206.254.2
  dhcpd lease 7200
  dhcpd ping_timeout 750
  dhcpd enable inside
  username admin password pO9NW1GJpm4IIIFK encrypted privilege 15
  username andrew password A340D92MQ0zV0hGs encrypted privilege 15
  terminal width 80
  Cryptochecksum:aacfb7d8ae07a6075baf8656a724fbec

  Wow...i didn't realize this was possible. I will certainly check the logs tomorrow via the existing thread but just to confirm, is this only true if DHCP is enabled on PIX?
  In other words, I managed to work around this issue by applying static IP's to all computers and the internet works just fine.

• DNS server with double NAT

  Hi All,
  We are in a process of migrating to a new ISP.
  With the new ISP, we have no options but double NAT (one in Cisco router and one in Firewall).
  In the test environment for the new ISP (double NAT) a desktop behind the firewall getting a dynamic IP address (which includes DNS server 192.168.0.3) resolved an external web site too long, but when I changed the DNS ip address to 8.8.8.8 it resolved quickly
  as normal.
  In the current live production every thing works as expected. 
  Any help/ idea would be appreciated.
  Cheers

  I would agree with Christopher.
  You can also make sure that your DNS servers do not have public DNS IPs set in their IP settings. Instead, public DNS IPs should be set as forwarders. Also, make sure that you use your ISP DNS servers instead of other public DNS servers for external DNS
  resolution.
  For troubleshooting DNS lookups, you can use NSlookup with debug mode for more details. I have started a Wiki about that here: http://social.technet.microsoft.com/wiki/contents/articles/29184.nslookup-for-beginners.aspx
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• E4200 STRANGE DNS Problems

  Ok so I just purchased the E4200 and upgraded to .03 (newest firmware) and noticed everytime the router reboots my computer (wired client) would say limited or no internet access for some time after the router has stopped blinking.  When I try to open Chrome and go to google.com I get a DNS error.  If I then try to go to another website like say bing.com it works and then google.com works.  Mind this whole time Nslookup works and when I can't seem to access google.com from my wired connection my iPod can connect to it wirelessly.  Normal or is everyone else experiancing that?  I also suppose if I wait some time while it says limited or no connectivity it will work and switch to internet access.

  DNS is one of the most essential services on any Windows network. Active Directory can’t function without DNS, and it’s is also used by any number of other network functions. So it’s critical to troubleshoot DNS problems as fast as possible. So you can try to reduce the LAN card speed. Here is the step:
  START--> right-click My Network Places and click Properties
  right-click on the device and click properties
  Click on the CONFIGURE button
  Select the ADVANCED tab and the settings you can alter are listed on the left.
  If the issue still persist then here is the link which may help you in resolving the concern: http://www.techrepublic.com/blog/10things/10-tips-for-troubleshooting-dns-problems/1964

• Issue on Service Ports for outgoing connection

  Hi,
  My question is regarding to my desktop Mac making outgoing connection to an external IP address 184.84.124.244 using TCP protocol destination port 443 but using 40 Service Ports between 49170 through 49217.  This is an automatic outgoing connection by OS X 10.7.3 (I assumed as I did not make that connection).  Why such connection required 40 ports to be opened at the same time?  Anyone have any idea what might have caused that?  Thanks.

  There could be lots of outgoing connections when you fire up Safari, as an example, because by default it has many favourites that are RSS feeder. You could have added some new yourself.
  How do I find out if those connections stay up indefinitely?
  By the way just curious, how did you look up the IP address as who they are?
  If you are "Terminal aware" there are some commands that can help you in this direction
  host
  host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa. When no arguments or options are given, host prints a short summary of its command line arguments and options.
  netstat
  show network status
  whois
  The whois utility looks up records in the databases maintained by several Network Information Centers (NICs).
  nslookup
  query Internet name servers interactively
  dig
  dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
  just to name a few.
  netstat in particular let you know which connections and their relative status are going on between your computer and the rest of the world

• Windows server 2008 R2 stuck at applying computer settings

  Hello all:
  i have seen other posts with this same problem, but none of them apply to my situation.
  i have a set of virtual servers, mounted over Vsphere 5.5 running on XenApp, all basically with the same configuration, except for the hosted applications, however i only have problems with some of those servers.
  i have tried:
  placing the servers on an empty OU --no change
  remove the native VMware network driver and install intel drivers --no change
  created the registry key : HKLM\SYSTEM\CurrentControlSet\Services\HTTP\DependOnService
  (value CRYPTSVC) --no change
  run winsock on the affected servers --worked...after a week the same situationis present.
  i tried changing the DNS server order -- worked
  i then tried to bring the DNS servers to the established order, and the servers where able to boot propperly.
  at this point im out of ideas!
  sorry, i meant R2!

  If I understand well, by tweaking the IP Settings DNS configuration, you were able to fix the problem.
  I would recommend that you use the IP settings I recommended here: http://social.technet.microsoft.com/wiki/contents/articles/18513.active-directory-replication-issues-basic-troubleshooting-steps-single-ad-domain-in-a-single-ad-forest.aspx
  As for the member servers / computers, make sure that they point only to internal DNS servers for DNS resolution. T troubleshoot DNS resolution, you can use
  NSlookup with debug mode: http://social.technet.microsoft.com/wiki/contents/articles/29184.nslookup-for-beginners.aspx
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• Safari Stalls on SOME pages - loading ads?

  I moved an Intel Mini from an Airport network to an ethernet connection on the same network. Safari now has issues loading SOME but not all web pages. One page with a problem is www.macrumors.com - the content on the page loads but Safari stalls, apparently trying to load all the ads.
  The stall makes it impossible to use Safari, and needs to be "force quit".
  Other ethernet-connected Macs have no issues.
  I've done the usual troubleshooting; DNS, disabling DNS prefetching, etc. but nothing seems to resolve the issue.

  I have tried all of these solutions and find that at times nothing resolves the problem with Safari stalling except for switching from wi-fi to another connection method.   This is happening on different networks(routers) and is resolved if I disable wi-fi and connect via another means.    My 6 year old  OS-X on a 11 yr. MacBook pro never has any issues and is ALWAYS 3 times faster than the new Safari runs on a much more powerful machine running on the same wi-fi network.   Wish I could switch back to the older Safari.
  Here is my story:
  When Yosemite came out I installed it (and have applied all available patches) on my MacBook Pro,MacBook Air and 2 IPhones and now having problem with Safari stalling at 25% load progress point in webpage download at a fairly high frequency.    YOSEMITE REALLY *****  -- need to now figure out how to the MAVERICKS installed.
  Meanwhile,  I have another MacBook Pro -  11 Yr. old and 6 yr. old Safari and it is rock solid reliable and on average it's 3 times faster in loading (when compared to YOSEMITE when it's working that is).      As a result,   I had to download anothe r browser and as you would expect,  I am not having these problems with anothe r browser.
  Avoid YOSEMITE is you care an ounce about have a reliable Safari browser.
  Thanks for wasting my time Apple -- now I got the hours/hours of trying to reload 4 devices with MAVERICKS.
  I believe the issue has to do with using Safari via a Wi-Fi connection as when I turn on Wi-Fi on the Iphone's the problem seems to be resolved.     Unfortunately it's not an easy option to disable Wi-Fi on the MacBook Pro's/Air as it wouldn't be much fun to connect up with an ethernet cable.    It's not the Wi-Fi connection itself as it happens on all Routers in multiple locations and the 11 yr. old MB running 6 yr old Safari doesn't have the same problem.

• Portlet Preferences Gateway Issue

  I have a custom portlet, I am setting 2 custom preferences:
  PortletResponse.SetSettingValue(SettingType.Admin,"URL", TextBox1.Text);PortletResponse.SetSettingValue(SettingType.Admin,"Count",TextBox2.Text);These settings basically Set the URL and Site Count for a List. I have built this using the Plumtre EDK, and .net.I have a remote Server, IE not in the same Domain as the corporate portal server. The Preference work great. The portlets render fine everything is wonderful.When I place the code on our Production environment, the initial preference page loads with the gateway, but during postback where I am setting the Preferences above, I get a Gateway exception error. When I look at the URL of the preferences I do indeed see a 'Local' non gatewayed server in the URL. (When I use a server not on our Domain the preference are gatewayed." Has anyone run into this before..I haven't seen it, bugging me!

  Hi Terry,
  à
  I can ping the server with no problem when using the ip address, I can not do it using server name.
  Generally, it seems to be a DNS issue. on current situation, please run
  SBS BPA and check if find some related issues. Then, please use
  Nslookup tool to troubleshoot DNS problems. Meanwhile, please run
  DCDIAG /TEST:DNS to validate DNS health. In addition, would you please let me know how configure DNS?
  How To Install and Configure DNS Server in Windows Server
  2003
  Please also open Event Viewer and check if can find some events or errors. Those may help us to go further
  analyze.
  If anything I misunderstand or any update, please don’t hesitate to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• Why won't it work?

  I am trying to set up leopard server in advanced mode on a intel mac pro, i think i have the dns set up right, and i have web service turned on. I already had a domain name purchased from godaddy.com that was linked to my website on mobileme. Circumstances arose that now i need my own server and i can't for the life of me get the domain name i have from godaddy linked to my server. anyone have any thoughts of something that i have set up wrong. i have provided more information below. i have tried for over two weeks now on my own, thinking i could get it to work, but now i'm asking for some help.
  FYI: i'm working out of the Mac OS X Server Essentials Second Edition training book.
  dns settings
  xxx.xxx.x.xx reverse mapping
  xxx.xxx.x.x2 reverse mapping
  domain.com
  www alias server1.domain.com
  server1 machine xxx.xxx.x.xx
  client1 machine xxx.xxx.x.x2

  It is completely impossible for anyone to troubleshoot DNS issues without knowing the domain in question. There are just too many possibilities.
  Please post the domain name, then you might get some results.

• Access to shares

  I have set up my Time Capsule so that a couple of friends with Macs have their own user accounts which they can access over the Internet using afp. No problem there, it works very well. However both of them also have read/write access to the main shared area (same name as the TC hard drive). I'd like them to only have read access to this but cannot work out a way of doing it which doesn't also only give them read access to their own share. Any clues?

  Hi,
  How is it going? Can you ping the domain names of both domain controllers from your client?  I agree with Santhosh that something may go wrong with your DNS configuration. In order to better troubleshoot the issue, as also mentioned by Santhosh,
  you may provide us the ipconfig/all results from your troubled client and both DCs.
  In addition, regarding troubleshooting DNS issues, the following article can be referred to for more information.
  Troubleshooting DNS
  http://technet.microsoft.com/en-us/library/cc753041.aspx
  TechNet Subscriber Support
  If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
  Best regards,
  Frank Shen

• [Forum FAQ] DNS Dynamic Update Troubleshooting Guide

  As we all known,
  DNS Client service and DNS Server services support dynamic updates. With dynamic updates, the DNS client computer is allowed to dynamically register and update this resource
  records based on their fully qualified domain name by default. However, in some scenarios,
  we may find that
  the DNS records are not updated.
  To analyze this issue clearly, this kind of issue is divided into two parts in this article:
  Non-AD integrated zone with DHCP and DNS unintegrated
  AD-integrated zone with DHCP and DNS Integrated
  Next, we begin to troubleshoot this issue from the above two classes separately.
  Non-AD integrated zone with DHCP and DNS unintegrated
  1. Check if Dynamic Updates is enabled or not
  If you have encountered this kind of issues, firstly, Please check if dynamic updates is enabled in DNS server or not. You can right-click the domain in the
  Forward Lookup Zones, then select Properties. In the dialog, click
  General tab and choose Nonsecure and secure
  in the Dynamic updates box, then click OK. Please refer to Figure 1 and Figure 2
  Figure 1: Check DNS Server Settings-1
  Figure 2: Check DNS Server Settings-2
  2. Check DNS Suffix
  Besides, since all computers register records based on their fully qualified domain name, and the fully qualified domain name is based on the primary DNS suffix of a computer appended to its Computer name. We also need to check the DNS panel of Advanced TCP/IP
  settings in TCP/IP properties.
  Just as Figure 3, if Register this connection's address in DNS is selected and
  Use this connection's DNS suffix in DNS registration
  is not selected. This default configuration causes the client to request that the client register the Host resource record and the server register the PTR resource record. In these scenarios, please make sure the primary DNS suffix portion of a computer's FQDN
  is the same as the name of the Active Directory domain to which the computer is joined.
  Figure 3: Check DNS Client settings-1
  You can run “ipconfig/all” at the command prompt to check the Primary DNS suffix. From Figure 4, we can see that the Primary DNS suffix is blank.
  Figure 4: Check DNS Client settings-2
  To set the Primary DNS suffix, you can follow the steps below (Figure 5):
  Right-click
  My computer and then click Properties.
  In the
  System Properties dialog, click Computer Name tab and then click
  Change….
  In the
  Computer Name Changes panel, click More…, then you can type the domain name into the
  Primary DNS suffix of this computer and then click
  OK.
  Figure 5: Set the Primary DNS Suffix
  After set the primary DNS suffix, we can see that the Primary DNS suffix is demo.com in Figure 6.
  Figure 6: Primary DNS Suffix-demo.com
  If both
  Register this connection's address in DNS and Use this connection's DNS suffix in DNS registration are selected. You need to check the primary DNS suffix and connection-specific DNS suffix at the same time and make sure that
  the connection-specific domain name of this connection is the DNS suffix for this connection appended to the computer name. In the picture above, we can see that the Primary
  DNS suffix and Connection-specific DNS suffix are the same.
  AD-integrated zone with DHCP and DNS Integrated
  In some cases,
  this issue may happen when the DNS zone is AD-integrated and DHCP server is configured to register and update the A resource records and PTR records on behalf of the DHCP-enabled clients.
  1. Check if secure dynamic updates is enabled or not
  As everyone knows, DNS update security is available only for zones that are integrated into Active Directory Domain Services (we
  can see the difference from Figure 7 and Figure 2). Since secure dynamic updates can prevent unauthorized computers from overwriting existing names in DNS, generally, we recommend
  using only secure dynamic updates for AD-integrated zone.
  For AD-integrated zone, we can check if secure dynamic updates is enabled in DNS server or not firstly.
  You can right-click the domain in the Forward Lookup Zones, then select
  Properties. In the dialog, click General tab and choose
  Secure only in the Dynamic updates box, then click OK. Please refer to Figure 7.
  Figure 7: Check DNS Server Settings-2
  2. Check the DNS configuration and options settings on DHCP server
  We need to make sure
  that DHCP server is configured to register and to update client information with its configured DNS servers. You can check by right-clicking the
  IPv4 under your domain and choosing DNS in IPv4 properties.
  By default,
  the
  Enable DNS dynamic updates according to the settings below and
  the Dynamically update DNS A and PTR records only if requested by the DHCP clients box is checked. 
  You can also select Always dynamically update DNS A and PTR records box so that the DHCP server
  always registers and updates client information with its configured DNS servers. (Figure 8)
  Figure 8: DHCP Server Settings
  In addition, you need to check that the configuration 006 DNS server option in DHCP option is correct.
  You can check that by clicking
  Server Options in DHCP console. If the setting is incorrect, you can right-click the option and then choose
  Properties, then you can remove the wrong DNS server and add a correct one. (Figure 9)
  Figure 9: Check DHCP Options
  3.
  Check if the DHCP server is added to the DnsUpdateProxy security group
  Furthermore, as the DHCP server becomes the owner of the name since the DHCP server performs a secure dynamic
  update on that name, only that DHCP server can update the name. We would make sure the DHCP server is available. If the DHCP server fails, even other DHCP servers are online, they still have no right to update the client’s record because the other DHCP
  server are not the owner of the client name.
  To solve this, it is necessary to add the DHCP server to the DnsUpdateProxy security group in AD. You can follow the steps below to achieve that: (Figure 10 and Figure 11)
  Open ADUC, click
  Computers under your domain.
  Right-click your DHCP server and select
  Add to a group tab.
  Enter
  DnsUpdateProxy in the object name box and click
  Ok.
  Figure 10: Add DHCP Server to the DnsUpdateProxy security group – 1
  Figure 11: Add DHCP Server to the DnsUpdateProxy security group – 2
  After that, you can find that the DHCP server (In this demo, the DHCP server is W2K12R2) is a member of the DnsUpdateProxy group. (Figure 12)
  Figure 12: DHCP server is a member of the DnsUpdateProxy group
  4.
  Check the
  Credentials configuration for DNS update
  Furthermore, if
  a domain controller is running on the same host as the DHCP server and secure dynamic DNS update has been configured, you need to configure
  Credentials for DNS update.
  You can
  open DHCP console tree, right-click
  IPv4 and then click Properties. In the IPv4 Properties
  dialog, click Advanced, click
  Credentials, type the credentials that the DHCP server supplies when registering names using DNS dynamic updates, and then click
  OK. (Figure 13)
  Figure 13: Configure DNS dynamic update credentials
  More information:
  DHCP, Dynamic DNS Updates , Scavenging, static entries & timestamps, the DnsUpdateProxy Group, and DHCP Name Protection (Published by Ace Fekay, MVP)
  http://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx
  Integrating DHCP with DNS
  http://technet.microsoft.com/en-us/library/cc771732.aspx
  Using DNS servers with DHCP
  http://technet.microsoft.com/en-us/library/cc787034(v=ws.10).aspx
  How to configure DNS dynamic updates
  http://support.microsoft.com/kb/816592/en-us
  Keyword: Dynamic Update, Troubleshooting 
  Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

  I have created one STATIC DNS Entry, for Example "ROSE" and
  1.                   Open
  the DNS snap-in.
  2.                   Right
  click the individual record (ROSE) and open the Properties dialog.
  3.                   Uncheck
  the Delete this record when it becomes stale option
  and click OK
  For
  the moment the time stamp will show as BLANK
  Then
  I logged in to server "ROSE" and restarted DHCP Client
  Service on server or restarted server, the time stamp is automatically setting as current date and "DELETE THIS RECORD WHEN IT BECOME STALE" check box also selected automatically
  and gets deleted after a week or so when the scavenging runs
  Is
  there any way to avoid the static entries become dynamic automatically. 
  Domain Controller or DNS OS is Windows server 2003 R2 Standard Edition SP2
  Thanks & Regards
  Dinesh Cholekkavil

• DNS request behind content switch: troubleshooting

  Hi, sometimes we experience problems resolving a dns name behind a content switch. The problem solves himself after 5 minutes or something like that. We see the dns request on the dns servers subnet. It looks like the is a problem when the packet returns. I'm thinking of a nat problem. How can i best troubleshoot this?

  Can i e-mail you the config file? I will also e-mail as soon as possible a network capture in front of the CSS. Where can i e-mail it? For the moment dns is working so i will have to wait for network capture untill it fails again.
  Kind regards,
  Frederik De Muyter
  [email protected]

• Troubleshooting about DNS

  I have to analyze capture to sniffer for a problem about reply DNS that don't working fine.
  Does somebody advice me an document that can help me to interpreted this trace?
  best regards
  Lorenzo

  Hi Lorenzo
  The RFC documents are the best references available about DNS and almost anything else related with the Internet.
  RFC 1034 covers basic DNS concepts and the protocol inner workings. It can be found here:
  http://www.zytrax.com/books/dns/apd/rfc1034.txt
  Sometimes the RFC documents are somewhat difficult to read, so I would suggest you first grab a copy of some TCP/IP book ( Comer's Internetworking with TCP/IP, Stevens' TCP/IP Illustrated, etc.) and then return to the RFC documents if something is missing on the book.
  http://www.amazon.com/exec/obidos/tg/detail/-/0130183806/qid=1127234181/sr=8-2/ref=pd_bbs_2/002-5754392-4094454?v=glance&s=books&n=507846
  Regards.