Server 2008 R2 DNS Failure on AAAA Lookup via Root Hints

-

ok, i've read various post around edns, etc.  , i've tried "enableednsprobes" on , off.  updated root hints root server.  restarted dns server.

using root hints resolve "in.mp.uso.im" doesn't seem work.  forwarding 8.8.8.8 ok.

netmon on w2k8 r2 dns server shows query arriving, going out correct nameservers , correct noerror response coming server.  why oh why server send servfail?

what have missed???

dns logging shows following:

12/06/2012 20:32:15 100c packet  0000000008a3a130 udp rcv 192.168.1.253   0009   q [0001   d   noerror] aaaa   (2)in(2)mp(3)uso(2)im(0)
udp question info @ 0000000008a3a130
  socket = 448
  remote addr 192.168.1.253, port 60014
  time query=610882, queued=0, expire=0
  buf length = 0x0fa0 (4000)
  msg length = 0x001e (30)
  message:
    xid       0x0009
    flags     0x0100
      qr        0 (question)
      opcode    0 (query)
      aa        0
      tc        0
      rd        1
      ra        0
      z         0
      cd        0
      ad        0
      rcode     0 (noerror)
    qcount    1
    acount    0
    nscount   0
    arcount   0
    question section:
    offset = 0x000c, rr count = 0
    name      "(2)in(2)mp(3)uso(2)im(0)"
      qtype   aaaa (28)
      qclass  1
    answer section:
      empty
    authority section:
      empty
    additional section:
      empty

12/06/2012 20:32:15 100c packet  0000000026da1d70 udp snd 82.2.158.200    6da1   q [1000       noerror] aaaa   (2)in(2)mp(3)uso(2)im(0)
udp question info @ 0000000026da1d70
  socket = 2392
  remote addr 82.2.158.200, port 53
  time query=0, queued=0, expire=0
  buf length = 0x0fa0 (4000)
  msg length = 0x0029 (41)
  message:
    xid       0x6da1
    flags     0x0010
      qr        0 (question)
      opcode    0 (query)
      aa        0
      tc        0
      rd        0
      ra        0
      z         0
      cd        1
      ad        0
      rcode     0 (noerror)
    qcount    1
    acount    0
    nscount   0
    arcount   1
    question section:
    offset = 0x000c, rr count = 0
    name      "(2)in(2)mp(3)uso(2)im(0)"
      qtype   aaaa (28)
      qclass  1
    answer section:
      empty
    authority section:
      empty
    additional section:
    offset = 0x001e, rr count = 0
    name      "(0)"
      type   opt  (41)
      class  4000
      ttl    32768
      dlen   0
      data   
        buffer size  = 4000
        rcode ext    = 0
        rcode full   = 0
        version      = 0
        flags        = 80 do

12/06/2012 20:32:15 100c packet  00000000065fcc30 udp rcv 82.2.158.200    6da1 r q [1084 a     noerror] aaaa   (2)in(2)mp(3)uso(2)im(0)
udp response info @ 00000000065fcc30
  socket = 2392
  remote addr 82.2.158.200, port 53
  time query=610882, queued=0, expire=0
  buf length = 0x0fa0 (4000)
  msg length = 0x006e (110)
  message:
    xid       0x6da1
    flags     0x8410
      qr        1 (response)
      opcode    0 (query)
      aa        1
      tc        0
      rd        0
      ra        0
      z         0
      cd        1
      ad        0
      rcode     0 (noerror)
    qcount    1
    acount    0
    nscount   1
    arcount   1
    question section:
    offset = 0x000c, rr count = 0
    name      "(2)in(2)mp(3)uso(2)im(0)"
      qtype   aaaa (28)
      qclass  1
    answer section:
      empty
    authority section:
    offset = 0x001e, rr count = 0
    name      "[c00f](2)mp(3)uso(2)im(0)"
      type   soa  (6)
      class  1
      ttl    60
      dlen   57
      data   
        primaryserver: (10)lgfl2f5orp(4)lgfl(3)org(2)uk(0)
        administrator: (10)hostmaster[c02a](10)lgfl2f5orp(4)lgfl(3)org(2)uk(0)
        serialno     = 2
        refresh      = 10800
        retry        = 3600
        expire       = 604800
        minimumttl   = 60
    additional section:
    offset = 0x0063, rr count = 0
    name      "(0)"
      type   opt  (41)
      class  4096
      ttl    32768
      dlen   0
      data   
        buffer size  = 4096
        rcode ext    = 0
        rcode full   = 0
        version      = 0
        flags        = 80 do

12/06/2012 20:32:15 100c packet  0000000008a3a130 udp snd 192.168.1.253   0009 r q [8281   dr servfail] aaaa   (2)in(2)mp(3)uso(2)im(0)
udp response info @ 0000000008a3a130
  socket = 448
  remote addr 192.168.1.253, port 60014
  time query=610882, queued=610882, expire=610885
  buf length = 0x0200 (512)
  msg length = 0x001e (30)
  message:
    xid       0x0009
    flags     0x8182
      qr        1 (response)
      opcode    0 (query)
      aa        0
      tc        0
      rd        1
      ra        1
      z         0
      cd        0
      ad        0
      rcode     2 (servfail)
    qcount    1
    acount    0
    nscount   0
    arcount   0
    question section:
    offset = 0x000c, rr count = 0
    name      "(2)in(2)mp(3)uso(2)im(0)"
      qtype   aaaa (28)
      qclass  1
    answer section:
      empty
    authority section:
      empty
    additional section:
      empty

i've looked network tace more , done reading.

the reqest aaaa record, when non-existant, returns soa.

turns out soa a different domain that being requested.  suspect that's why windows rejecting response.

request  aaaa mx.atomwide.com.
response soa lgfl.org.uk.

i see if can make progress information.

edit: future reference, temporarily turning off "secure cache against pollution" allow query succeed.  not ideal, proves issue dodgy dns record.

rfc4074 referemce - intro , section 4.5.
http://www.ietf.org/rfc/rfc4074.txt

-- richard carde




Windows Server  >  Network Infrastructure Servers



Comments

Post a Comment

Popular posts from this blog

Cannot access Anywhere Access using domain name?

-
after installing anywhere access in windows server 2012 essentials r2, cannot use anywhere access using setup domain name in wizard such remote.mydomain.com? if enter public ip address, example, 72.2.34.5 works. before set anywhere access, created a record pointing public address...pinged , worked...so not sure doing wrong?  is wizard supposed create record etc , make remote.mydomain.com work? if enter public ip address while on lan, takes me router webpage.  shouldn't work on lan if accessed via public ip? thank you, tim. the wizard can configure remote.microsoft_names.com  remote.remotewebaccess.com but cannot configure domains purchased outside wizard.  depends on how domain configured if wildcard.yourdomain.com should work  if try ping remote.your_domain.com afar , not give proper  public ip, need add record mariette said. much have record domain.com www.domain.com , if have website somewhere else www.domain.com , need re...
Read more

server manager error: ADAM.events.xml could not be enumerated.

-
firewall off isnt it. rerun ldap wizard:?  why?  will screw exchange server running on machine?  ldap wizard asks questions don't understand. please dont send generic links to: http://social.technet.microsoft.com/wiki/contents/articles/13444.windows-server-2012-server-manager-troubleshooting-guide-part-ii-troubleshoot-manageability-status-errors-in-server-manager.aspx thanks, john hi john, >> ok. server manager app. these questions refer this. nothing else 2.  do need create app dir or not?  this server manager, shouldnt done? (why did break in first place?) how check if app dir exists server manager or not. 3.  if "lightweight" implementation of anything, sure hate see "heavyweight" version. the waring events can't enumerated. , cause not completing configuration of ad lds. ad lds not related server manager. used provide flexible support directory-enabled applications. if not implementing such application...
Read more

send messages to users

-
i have domain server windows 2000 sp4. my clients using win xp , win 98. when send messages computer management-shared folders-rightclick-all task-send message connected users, message received clients using winxp but not in  win 98 .how send them without winpopup  , net meeting. this forum windows server 2008.   check messenger service running on win98-clients. (haven't seen win 98 in while might not available...) Windows Server  >  Directory Services
Read more