Re: DNS Event 5504

From: Kevin D. Goodknecht Sr. [MVP] (admin_at_nospam.WFTX.US)
Date: 12/01/04 

Date: Wed, 1 Dec 2004 11:47:32 -0600

In news:46B207F5-51C4-4F72-8403-9BC6664781AF@microsoft.com,
sktech <sktech@discussions.microsoft.com> commented
Then Kevin replied below:
> I am receiving invalid packet messages in my DNS Log.
> They seem to be coming from Doubleclick name servers. I
> have DNS cache pollution checked on my server and in the
> forwarders tab there is "all other DNS domains". How can
> I prevent this traffic? Running W2K3.

This has come up on these DNS servers a lot(doubleclick.net) I have been
recommending that people block these servers at the firewall because
doubleclick.net is a known ad ware site. So you won't miss much, except ads.

That said, it is possible that this is a EDNS issue, if you have a firewall
that blocks UDP packets over 512 bytes, such as a Pix firewall. If you have
a Pix firewall, check with the Cisco website on fixing the firewall to allow
UDP packets up to the MTU of your internet link. (Normally 1500 bytes) UDP
is more efficient and requires less overhead than TCP.
828731 - An External DNS Query May Cause an Error Message in Windows Server
2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;828731 

-- 
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Relevant Pages

  • Re: DHCP assinged DNS servers dont work
    ... Although the WinXP firewall is enabled and configured via Group ... The first two DNS servers are AD controllers running ONLY core ... I have 75 WinXP machines on a Win2K3 domain using DHCP for address ...
    (microsoft.public.windows.server.networking)
  • Re: Windows 2003 external nslookup times out, internal works
    ... I can see the packets getting through. ... I can see the system passing DNS ... requests out to the root servers and forwarders if I have them specified. ... > Did you verify that the EDNS packets are getting through? ...
    (microsoft.public.windows.server.dns)
  • Re: Automatic primary zone to primary zone transfers???
    ... [That is the ICF (firewall) even though ICF and ICS are on the same dialog.] ... They are AD Integrated DNS servers. ...
    (microsoft.public.windows.server.dns)
  • Re: Weird DNS behavior
    ... All my DNS servers are behind a firewall and, ... you have to either fix the firewall to allow DNS to use ... Cisco PIX, block these UDP packets, because they exceed 512 bytes. ...
    (microsoft.public.windows.server.dns)
  • RE: Firewall Rule Set not allowing access to DNS servers?
    ... I changed the DNS rules as you suggested, and the firewall works perfectly - ... > # Allow out access to my ISP's Domain name server. ... > so your udp packets never match this rule and default to ...
    (freebsd-questions)