Event ID 7062 in DNS logs
- From: ovidiu_m_gheorghita@xxxxxxxxx
- Date: 2 Jan 2006 09:05:28 -0800
Hi,
I installed a Windows 2003 forest containing one root domain and few
child domains. The forest has Windows 2003 internal DNS servers which
means that has no internet communication.
All domain controllers on the root and child domains are also DNS
servers with AD-integrated DNS zones.
On all DNS servers I deleted the default root internet root hints, I
let the Root Hints tab empty for the root servers and I populated it
with the root servers addresses on all the child domain DNS servers.
For all child domains, requested delegations were made into the root
DNS zone.
The problem is that, when I reboot a root server, its Root Hins tab
becomes populated with the root servers FQDN and IP address (so its own
address too). Then, every 15 minutes, the Event ID 7062 appears in the
DNS log in the Event Viewer:
Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 7062
Date: 02/01/2006
Time: 16:43:11
User: N/A
Computer: ROOT1
Description:
The DNS server encountered a packet addressed to itself on IP address
192.168.74.9. The packet is for the DNS name
"_ldap._tcp.ROOT1SITE._sites.dc._msdcs.co.test.com.". The packet will
be discarded. This condition usually indicates a configuration error.
Check the following areas for possible self-send configuration errors:
1) Forwarders list. (DNS servers should not forward to themselves).
2) Master lists of secondary zones.
3) Notify lists of primary zones.
4) Delegations of subzones. Must not contain NS record for this DNS
server unless subzone is also on this server.
5) Root hints.
Example of self-delegation:
-> This DNS server dns1.example.microsoft.com is the primary for the
zone example.microsoft.com.
-> The example.microsoft.com zone contains a delegation of
bar.example.microsoft.com to dns1.example.microsoft.com,
(bar.example.microsoft.com NS dns1.example.microsoft.com)
-> BUT the bar.example.microsoft.com zone is NOT on this server.
Note, you should make this delegation check (with nslookup or DNS
manager) both on this DNS server and on the server(s) you delegated the
subzone to. It is possible that the delegation was done correctly, but
that the primary DNS for the subzone, has any incorrect NS record
pointing back at this server. If this incorrect NS record is cached at
this server, then the self-send could result. If found, the subzone
DNS server admin should remove the offending NS record.
You can use the DNS server debug logging facility to track down the
cause of this problem.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 50 25 00 00 P%..
or
Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 7062
Date: 02/01/2006
Time: 16:12:05
User: N/A
Computer: ROOT1
Description:
The DNS server encountered a packet addressed to itself on IP address
192.168.74.9. The packet is for the DNS name ".". The packet will be
discarded. This condition usually indicates a configuration error.
Check the following areas for possible self-send configuration errors:
1) Forwarders list. (DNS servers should not forward to themselves).
2) Master lists of secondary zones.
3) Notify lists of primary zones.
4) Delegations of subzones. Must not contain NS record for this DNS
server unless subzone is also on this server.
5) Root hints.
Example of self-delegation:
-> This DNS server dns1.example.microsoft.com is the primary for the
zone example.microsoft.com.
-> The example.microsoft.com zone contains a delegation of
bar.example.microsoft.com to dns1.example.microsoft.com,
(bar.example.microsoft.com NS dns1.example.microsoft.com)
-> BUT the bar.example.microsoft.com zone is NOT on this server.
Note, you should make this delegation check (with nslookup or DNS
manager) both on this DNS server and on the server(s) you delegated the
subzone to. It is possible that the delegation was done correctly, but
that the primary DNS for the subzone, has any incorrect NS record
pointing back at this server. If this incorrect NS record is cached at
this server, then the self-send could result. If found, the subzone
DNS server admin should remove the offending NS record.
You can use the DNS server debug logging facility to track down the
cause of this problem.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 50 25 00 00 P%..
What is the configuration error?
Should I create a "." DNS zone on the root DNS servers in order to
"tell" them that they are the root DNS servers? How to do that? Is for
this reason that I have this warning message poluating the logs?
Thank you,
omg
.
- Follow-Ups:
- Re: Event ID 7062 in DNS logs
- From: Ace Fekay [MVP]
- Re: Event ID 7062 in DNS logs
- From: Kevin D. Goodknecht Sr. [MVP]
- Re: Event ID 7062 in DNS logs
- Prev by Date: Re: 2 IP adresses but only one to register
- Next by Date: Re: AD integrated DNS transfer
- Previous by thread: Re: 2 IP adresses but only one to register
- Next by thread: Re: Event ID 7062 in DNS logs
- Index(es):
Relevant Pages
|
Loading
