DNS queries every 4 minutes

---

• From: "wrentham" <wrentham@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 14 Jun 2005 09:20:04 -0700

---

hi,

I've copied some DNS queries from my Windows 2003 server below. These have
come from the DNS Server's Debug log. Can anyone shed some light on what the
queries are doing? These queries are appearing every 4 minutes. The server is
a single server in an Active Directory domain. The server is set up to
forward unknown requests to my ISP's DNS Servers.

192.168.1.2 - My Server
159.130.230.6 159.130.240.17 - ISP DNS servers

11:06:21 0CC PACKET UDP Snd 192.168.1.2 8996 R Q [8385 A DR NXDOMAIN]
(4)STJO(4)STJO(5)local(0)
UDP response info at 007FCC90
Socket = 388
Remote addr 192.168.1.2, port 1028
Time Query=7245823, Queued=0, Expire=0
Buf length = 0x0500 (1280)
Msg length = 0x0062 (98)
Message:
XID 0x8996
Flags 0x8583
QR 1 (RESPONSE)
OPCODE 0 (QUERY)
AA 1
TC 0
RD 1
RA 1
Z 0
RCODE 3 (NXDOMAIN)
QCOUNT 1
ACOUNT 0
NSCOUNT 1
ARCOUNT 0
QUESTION SECTION:
Offset = 0x000c, RR count = 0
Name "(4)STJO(4)STJO(5)local(0)"
QTYPE A (1)
QCLASS 1
ANSWER SECTION:
empty
AUTHORITY SECTION:
Offset = 0x0021, RR count = 0
Name "(4)stjo(5)local(0)"
TYPE SOA (6)
CLASS 1
TTL 90000
DLEN 43
DATA
PrimaryServer: (7)server1[C021](4)stjo(5)local(0)
Administrator: (10)hostmaster[C021](4)stjo(5)local(0)
SerialNo = 859
Refresh = 86400
Retry = 86400
Expire = 86400
MinimumTTL = 86400
ADDITIONAL SECTION:
empty

11:06:21 0C8 PACKET UDP Snd 159.130.230.6 0900 Q [0001 D NOERROR]
(4)STJO(4)STJO(0)
UDP question info at 007EADC0
Socket = 404
Remote addr 159.130.230.6, port 53
Time Query=0, Queued=0, Expire=0
Buf length = 0x0500 (1280)
Msg length = 0x0026 (38)
Message:
XID 0x0900
Flags 0x0100
QR 0 (QUESTION)
OPCODE 0 (QUERY)
AA 0
TC 0
RD 1
RA 0
Z 0
RCODE 0 (NOERROR)
QCOUNT 1
ACOUNT 0
NSCOUNT 0
ARCOUNT 1
QUESTION SECTION:
Offset = 0x000c, RR count = 0
Name "(4)STJO(4)STJO(0)"
QTYPE A (1)
QCLASS 1
ANSWER SECTION:
empty
AUTHORITY SECTION:
empty
ADDITIONAL SECTION:
Offset = 0x001b, RR count = 0
Name "(0)"
TYPE OPT (41)
CLASS 1280
TTL 0
DLEN 0
DATA (none)

11:06:27 600 PACKET UDP Snd 159.130.240.17 0900 Q [0001 D NOERROR]
(4)STJO(4)STJO(0)
UDP question info at 007EADC0
Socket = 404
Remote addr 159.130.240.17, port 53
Time Query=0, Queued=0, Expire=0
Buf length = 0x0500 (1280)
Msg length = 0x0026 (38)
Message:
XID 0x0900
Flags 0x0100
QR 0 (QUESTION)
OPCODE 0 (QUERY)
AA 0
TC 0
RD 1
RA 0
Z 0
RCODE 0 (NOERROR)
QCOUNT 1
ACOUNT 0
NSCOUNT 0
ARCOUNT 1
QUESTION SECTION:
Offset = 0x000c, RR count = 0
Name "(4)STJO(4)STJO(0)"
QTYPE A (1)
QCLASS 1
ANSWER SECTION:
empty
AUTHORITY SECTION:
empty
ADDITIONAL SECTION:
Offset = 0x001b, RR count = 0
Name "(0)"
TYPE OPT (41)
CLASS 1280
TTL 0
DLEN 0
DATA (none)

11:06:27 0CC PACKET UDP Snd 192.168.1.2 6690 R Q [8385 A DR NXDOMAIN]
(4)STJO(4)STJO(0)
UDP response info at 007F7CC0
Socket = 388
Remote addr 192.168.1.2, port 1028
Time Query=7245829, Queued=0, Expire=0
Buf length = 0x0500 (1280)
Msg length = 0x001b (27)
Message:
XID 0x6690
Flags 0x8583
QR 1 (RESPONSE)
OPCODE 0 (QUERY)
AA 1
TC 0
RD 1
RA 1
Z 0
RCODE 3 (NXDOMAIN)
QCOUNT 1
ACOUNT 0
NSCOUNT 0
ARCOUNT 0
QUESTION SECTION:
Offset = 0x000c, RR count = 0
Name "(4)STJO(4)STJO(0)"
QTYPE A (1)
QCLASS 1
ANSWER SECTION:
empty
AUTHORITY SECTION:
empty
ADDITIONAL SECTION:
empty





.

---

• Prev by Date: DNS Help
• Next by Date: Re: AD 2003 Design from NT 4
• Previous by thread: DNS Help
• Next by thread: Re: AD 2003 Design from NT 4
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Non-existent A record being returned... ... ; Query 1 ... These DNS servers are set up to forward queries to two other DNS ... Nslookup has it's own resolver service, and doesn't rely or use Windows resolver service, or the local cache, but rather directly queries DNS, where I'm assuming you're referring to clearing the DNS server cache? ... (microsoft.public.windows.server.dns) Re: SMTP delivery problem ... Searching for Exchange external DNS settings. ... Checking TCP/UDP SOA serial number using DNS server. ... Starting TCP and UDP DNS queries for the local domain. ... (microsoft.public.inetserver.iis.smtp_nntp) Please help I cannot send messages from exchange 2003 account ... I have just installed exchange 2003 server and I am trying to send message ... Searching for Exchange external DNS settings. ... Starting TCP and UDP DNS queries for the local domain. ... (microsoft.public.exchange.setup) SMTP delivery problem ... Searching for Exchange external DNS settings. ... Checking TCP/UDP SOA serial number using DNS server. ... Starting TCP and UDP DNS queries for the local domain. ... (microsoft.public.inetserver.iis.smtp_nntp) Re: SMTP delivery problem ... Searching for Exchange external DNS settings. ... Checking TCP/UDP SOA serial number using DNS server. ... Starting TCP and UDP DNS queries for the local domain. ... (microsoft.public.inetserver.iis.smtp_nntp)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.dns  > 2005-06