Re: DNS Forward lookup problem - now having problems with a period
- From: "pbrill1" <pbrill1@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 22 Aug 2005 13:38:22 -0700
Thank you for the links - there seems to be good information to build my
knowledge AD diagnostics and FRS. To address your response (a question
remains at the end of this, too!):
1. Can you describe your topology?
W2K3 Single Forest/Single Domain
> 2. How many domains do you have?
1
> 3. How did you set the replication scopes in the zone's properties in DNS on
> each DNS server?
They had been "only to servers listed on the name servers tab", with the
2 DC's listed in the name server's tab
I modified it to "only to the following servers" and placed only 10.0.2.3 in
the 10.0.0.9 DNS's tab, and 10.0.2.3 in the 10.0.0.9 server's tab
> 4. What sort of WAN or ISP link do you have (T1, ADSL, SDSL, Cable, etc)?
The 10.0.0.9 server is on a T1 link - it connects via a VPN tunnel
to the remote 10.0.2.3 server, which runs on cable (we are working on
bringing the remote DC to T1, but not until mid-September)
Question : * Could our non-T1 connection at the remote server be so 'slow'
as to cause 13508 errors?? What should change, if this were so?
> 5. The router/VPN devices you are using?
- CISCO PIX devices
> 6. The MTU settings in the router (or if they've been altered).
- the settings on the routers have not been altered since the
replication was working successfully
> 7. Please provide an unedited ipconfig /all from 10.0.0.9 and10.0.2.3
Windows IP Configuration
Local Server
Host Name . . . . . . . . . . . . : primarydc
Primary Dns Suffix . . . . . . . : internalnetwork.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : internalnetwork.net
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC3163 Fast Ethernet NIC
Physical Address. . . . . . . . . : 01-05-02-41-0D-A3
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.9
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.2
DNS Servers . . . . . . . . . . . : 10.0.0.9
10.0.2.3
Primary WINS Server . . . . . . . : 10.0.0.9
Secondary WINS Server . . . . . . : 10.0.2.3
Remote Server
Windows IP Configuration
Host Name . . . . . . . . . . . . : secondarydc
Primary Dns Suffix . . . . . . . : internalnetwork.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : internalnetwork.net
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
Physical Address. . . . . . . . . : 01-2F-25-CF-43-3E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.2.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.2.2
DNS Servers . . . . . . . . . . . : 10.0.2.3
10.0.0.9
Primary WINS Server . . . . . . . : 10.0.2.3
Secondary WINS Server . . . . . . : 10.0.0.9
Additional note: Since my previous message, I replicated DNS info to the
remote DC by unchecking "store zone in AD", making the local the primary,
and the remote the secondary DNS server. It worked - although for security
reasons, I'd like to return the DNS Servers to AD-integrated, secure only!
I also checked dcdiag, netdiag, repadmin, and frsdiag utilities, and was
able to clean up a few instances of our "dctemp" dc that was removed from our
network.
REMAINING PROBLEM: I am STILL getting 13508 messages, with only occasional
13509 messages.
Any suggestions to improve the quality of our site link/dns replication
would be much appreciated.
--
pbrill1
"Ace Fekay [MVP]" wrote:
> In news:0BD39091-3B48-494F-9E50-7DA440740E3F@xxxxxxxxxxxxx,
> pbrill1 <pbrill1@xxxxxxxxxxxxxxxxxxxxxxxxx> made this post, which I then
> commented about below:
> > Thanks, both Herb and Kevin, for your input - the tests have been very
> > helpful. In one case, it found a MESSENGER service on both DC's that
> > was disabled, which I started on both machines.
> >
> > I've noticed that I'm having FRS errors - that the local DC cannot
> > resolve the remote DC name (NtFRS error 13508). (the local and
> > remote dc's have FRS running, too).
> >
> > Is there an FRS tool?
> >
> > As a temporary fix for the remote site, I added a forward lookup zone
> > with the same name, company.net , and added a few host (A) records,
> > which temporarily got the computers in the remote area to work.
> >
> > Should I remove the dupliate forward lookup zone from the remote DC?
> > Will the replication process (if I can get it working again) sync up
> > with this duplicated forward lookup zone?
> >
> > If I can 'repair' the duplicate forward lookup zone, I've noticed
> > that it doesn't have the IP address of the local DC in the
> > ForestDNSZone and DomainDNSZone. Should I add these entries to the
> > remote DC's duplicate forward lookup zone, or am I creating
> > "Kerberos" trouble by doing so?
>
> Registration into DNS is automatic by the Netlogon service. Depending on the
> problem would dictate how to "repair" this. Replication is done via AD's
> replication process. If you're saying the ForestDNSZone and DomainDNSZone
> partitions are not replicating, then it's telling me you do have a
> replication problem and nothing really to repair the FLZ.
>
> There's an frsdiag tool.
> Active Directory Diagnostics, Troubleshooting, and Recovery in Windows
> Server 2003, April 19, 2004:
> http://www.microsoft.com/technet/community/chats/trans/windowsnet/wnet0419.mspx
>
> Using Ultrasound to Monitor and Troubleshoot File Replication Service (FRS),
> February 4, 2003:
> http://www.microsoft.com/technet/community/chats/trans/windowsnet/wnet0204.mspx
>
> 1. Can you describe your topology?
> 2. How many domains do you have?
> 3. How did you set the replication scopes in the zone's properties in DNS on
> each DNS server?
> 4. What sort of WAN or ISP link do you have (T1, ADSL, SDSL, Cable, etc)?
> 5. The router/VPN devices you are using?
> 6. The MTU settings in the router (or if they've been altered).
> 7. Please provide an unedited ipconfig /all from 10.0.0.9 and10.0.2.3
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
> Infinite Diversities in Infinite Combinations.
> =================================
>
>
>
.
- Follow-Ups:
- Re: DNS Forward lookup problem - now having problems with a period
- From: Ace Fekay [MVP]
- Re: DNS Forward lookup problem - now having problems with a period
- References:
- DNS Forward lookup problem - now having problems with a period (.)
- From: pbrill1
- Re: DNS Forward lookup problem - now having problems with a period (.)
- From: Kevin D. Goodknecht Sr. [MVP]
- Re: DNS Forward lookup problem - now having problems with a period
- From: pbrill1
- Re: DNS Forward lookup problem - now having problems with a period
- From: Ace Fekay [MVP]
- DNS Forward lookup problem - now having problems with a period (.)
- Prev by Date: Re: reestablish trust relationship
- Next by Date: RAS IP Addresses?
- Previous by thread: Re: DNS Forward lookup problem - now having problems with a period
- Next by thread: Re: DNS Forward lookup problem - now having problems with a period
- Index(es):
Relevant Pages
|
