Re: Bad packets and invalid domain names Please help
- From: "Steve Duff [MVP]" <ergodic@xxxxxxxxxxxxxxxxxxx>
- Date: Tue, 26 Jul 2005 14:30:00 -0700
The 5504 errors are usually from Exchange Server and if so are (more or less) benign. If you think the errors are from outside
resolutions through your ISPs DNS, disable forwarders in your DNS and just resolve with the root hints - this can correct the bad
packet errors and is a little more secure anyway. If you still can't track them down, you can load up Etherreal or netmon and filter
on port 53 to see what they are. However I wouldn't spend a lot of time wandering down that road unless you can determine that is
the source of the problems you are having.
At any rate, it isn't clear whether these errors, or DNS at all, has anything to do with your issues. It also isn't entirely clear
from your post what the specific problems are.
If you can post a "netdiag /fix" log from a DC and any client-side events that are being logged contemporaneiously with the
problems, it might help determine better what is going on. As a general (not absolute) rule, if a netdiag comes up clean, your
internal DNS is probably configured properly for AD.
Steve Duff,. MCSE, MVP
Ergodic Systems, Inc.
"Ken D" <KenD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:01DD0655-229F-466F-9CB4-1480FCE21A15@xxxxxxxxxxxxxxxx
>I am having some issues with DNS. here is my situation, i am unable to
> authenticate any shares or printers on my domain, kerebos logins work fine
> however the user to share SID check is not working. upon inspection my dns
> log is filling with the following errors.
>
> Event ID: 3000
> Source DNS
> The DNS server has encountered numerous run-time events. To determine the
> initial cause of these run-time events, examine the DNS server event log
> entries that precede this event. To prevent the DNS server from filling the
> event log too quickly, subsequent events with Event IDs higher than 3000 will
> be suppressed until events are no longer being generated at a high rate.
>
> Event ID: 5501
> Source DNS
> The DNS server encountered a bad packet from X.X.X.X. Packet processing
> leads beyond packet length. The event data contains the DNS packet.
>
> Where X.X.X.X is the internal IP of my router.
>
>
> Event ID: 5506
> Source DNS
> The DNS server encountered an invalid domain name offset in a packet from
> X.X.X.X. The event data contains the DNS packet.
>
> Event ID: 5504
> Source DNS
> The DNS server encountered an invalid domain name in a packet from X.X.X.X.
> The packet will be rejected. The event data contains the DNS packet.
>
> I am at a complete loss as to what i need to do next as i have never seen
> this problem before.
>
> all of the information i can find related to these event IDs typically have
> to do with a problem with the ISP dns servers IP address causing the problem,
> not a router.
.
- Follow-Ups:
- References:
- Bad packets and invalid domain names Please help
- From: Ken D
- Bad packets and invalid domain names Please help
- Prev by Date: Re: 033 static route in NT4 DHCP
- Next by Date: URGENT--Unable to establish connection with global catalog.
- Previous by thread: Bad packets and invalid domain names Please help
- Next by thread: Re: Bad packets and invalid domain names Please help
- Index(es):
Relevant Pages
|
