Question

Locked

Help with DNS removel/reinstall Event 7062

By Twistedpear ·
Ive scoured the site for the answer for this, but being so new to Server2003 and AD, Ive yet to find the exact solution. So, I apologize for the duplication.

Ive got a single Win2003 Enterprise server, acting as PDC, running AD/DNS. DHCP is handled by a Cisco ASA 5505. Users can access the server resources, as well as external websites, but in order to access external sites, I had to configure external DNS along with internal server DNS on each client.
Users are complaining of random, intermittent general slow-downs in LAN access to server resources.

In looking in the event viewer, I found there to be HUNDREDS of entries in the DNS Server section like this:

Event I 7062 Source: DNS
The DNS server encountered a packet addressed to itself on IP address 192.168.0.2. The packet is for the DNS name "_ldap._tcp.pdc._msdcs.lightsaber.local.". The packet will be discarded. This condition usually indicates a configuration error.

Ive read quite a bit about removing/reinstalling DNS, but have yet to be able to successfully remove DNS. When I remove/reinstall, the same settings are present. I used this process... to no avail:
-remove dns in configure your server
-remove dns folder from system32
-in system32\config remove netlogon.dnb and netlogon.dns
reinstall dns (configure your server) with the correct zone name
then at the command prompt:
ipconfig /registerdns
net stop netlogon
net start netlogon
If someone could please either let me know how to fix the error, OR... properly remove/reinstall DNS... that would be great. Again, Im new to AD, so it seems I require a bit of a dumbed down advice.
If any of you have stock in Advil... "your welcome".

Thanks !

Keith

This conversation is currently closed to new comments.

13 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Try this...

How to troubleshoot 7062 errors logged in DNS event log

SUMMARY
This article describes how to troubleshoot the cause or causes of event ID 7062 on a DNS server that is running Microsoft Windows 2000 or Microsoft Windows NT Server 4.0.

If event ID 7062 logs on your DNS server, it will appear as follows:
EVENT message 7062:
DNS Server encountered a packet addressed to itself -- IP address<actual IP address>. The DNS server should never be sending a packet to itself. This situation usually indicates a configuration error.
Check the following areas for possible self-send configuration errors:

1) Forwarders list. (DNS servers should not forward to themselves).
2) Master lists of secondary zones.
3) Notify lists of primary zones.
4) Delegations of subzones. Must not contain NS record for DNS server.
As part of your troubleshooting, you may find that none of the steps that are listed in event ID 7062 apply to your DNS server. However, event ID 7062 may continue to log on your DNS server. This article discusses some of the other reasons why this issue may occur.

Step 4 of event ID 7062 may lead you to conclude that for the event to be triggered, a primary DNS server must create a delegation of a subdomain. However, the root DNS servers maintain the .com, .net, and other domains. Additionally, the root DNS servers delegate the namespace under those domains to other DNS servers. Therefore, although your DNS server may be the primary DNS server for example.com, your DNS server has been delegated that responsibility by the ".com" DNS server or servers.

This means that if you have registered a domain with the NSFnet Network Information Center (InterNIC), and they delegate that domain to your DNS server, it is your responsibility to make sure that your DNS server can handle all requests for the registered domain.

For example, you have a DNS server at dns.example.com, and you have recently registered example.org with InterNIC. After InterNIC delegates example.org to your DNS server, you must create a zone file that can answer queries for example.org.

The following hypothetical sequence of events describes how event ID 7062 may continue to log to your DNS server if you have not configured it to maintain zone files for domains that you have registered.
1.
A client computer tries to contact www.example.org. The client computer sends a query for www.example.org to the root servers. The root servers determine that the Start of Authority (SOA) for example.org is the DNS server dns.example.com at IP address 10.1.1.1. IP address 10.1.1.1 is your DNS server.
2.
The client computer sends a request to 10.1.1.1 for www.example.org. Your DNS server examines its zone files and determines that it is not the SOA for example.org because it does not have a zone file for www.example.org.
3.
Your DNS server sends an iterative query for example.org to the root servers.
4.
The root servers respond to the iterative query from your DNS server by telling your DNS server that the SOA, or owner of the domain, for example.org is at 10.1.1.1. Your DNS server examines itself for the answer to the query, and does not find one.
5.
If the root hints that are in Windows 2000 point to the same computer, event ID 7062 will log. For additional information about replacing the existing root hints with the default root hints, click the following article number to view the article in the Microsoft Knowledge Base:
249868 (http://support.microsoft.com/kb/249868/) Replacing root hints with the Cache.dns file


Note Event ID 7062 will log even when zone transfers are disabled. For more information about this behavior, see "Event ID 7062 logs even when zone transfers are disabled" in the More Information section.

MORE INFORMATION
How to find the actual requested domains
To find the actual requested domains, you must debug your DNS server. After you have created a log file, open it in Microsoft Word or Microsoft Excel. We do not recommend that you open the file in Notepad because Notepad does not parse characters into an easily readable format.

When you have the log file open, search for "7062." This search should bring you to the first error. After you find the error, scroll up. A DNS query log looks similar to the following code.
dns_ProcessMessage() for packet at 00A5E524.
dns_AnswerQuestion() for packet at 00A5E524.
Node for (3)www(10)mycompany(3)com(0) NOT in database.
Closest node found"com."
Encountered non-authoritative node with no matching RRs.
dns_ProcessMessage() for packet at 00A5EAC4.
Processing response packet at 00A5EAC4.
Packet contains RR for authoritative zone node: "dns.hello.com."
-- ignoring RR.dns_ContinueCurrentLookup() for query at 00A5E524.
dns_AnswerQuestion() for packet at 00A5E524.
dns_AnswerQuestionFromDatabase() for query at 00A5E524
node label = www
question type = 0x0001
ERROR: Self-send to address 10.1.1.1!!!
Log EVENT message 7062 (80001B96):

The following describes what occurs during the important phases of this log:
1.
The DNS query log starts with dns_ProcessMessage().
2.
The node for the request is www.example.org.
3.
Your DNS server cannot handle the request Encountered non-authoritative node.
4.
Your DNS server sends a dns_ProcessMessage to the root servers.
5.
The root servers send a response packet, Processing response packet, to your DNS server. This response indicates that your DNS server is the SOA for example.org.
6.
Your DNS server ignores the response packet.
7.
Event ID 7062 logs on your DNS server.

Event ID 7062 logs even when zone transfers are disabled
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/) How to back up and restore the registry in Windows


Event ID 7062 will log even if zone transfers are disabled if the Notify option has been configured to notify a DNS server or servers that are listed on the Name Servers tab.

By default, a Windows 2000-based primary DNS server that has multiple zones is configured to notify the servers that are listed on the Name Servers tab.

Note Disabling zone transfers does not disable the Notify option. If the Notify option is set to notify a DNS server or servers that are listed on the Name Servers tab, it will continue to do this.

To disable zone transfers, follow these steps:
1.
Click Start, click Run, type regedit, and then click OK.
2.
Locate and then click the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Zones\ZoneName
3.
In the right pane, right-click NotifyLevel, and then click Modify.
4.
Type 0, and then click OK.
5.
Quit Registry Editor.
http://support.microsoft.com/kb/235689

Please post back if you have any more problems or questions.

Collapse -

Easier to remove/reinstall ?

by Twistedpear In reply to Try this...

Thanks for the info..
but would it not be easier and less time consuming to simply(or so it would seem) remove the DNS component properly, then reinstall it ?

Keith

Collapse -

It could be, but then we need choices .

That is why i have put the info here for you, it is up to you if you want to use it.

Please post back if you have any more problems or questions.

Collapse -

choices

by Twistedpear In reply to It could be, but then we ...

I intend to explore the solutions you've selected, but should the need arise to remove/reinstall DNS, Im still more than somewhat fuzzy on the correct process to do so. Especially the removal.

Collapse -

updates...

by Twistedpear In reply to Try this...

Ive tried these.. as close as possible.
Some of the solutions apply to Server 2000 and below, and therefore do not match.

But in trying some of these solutions, Ive seen many users just add the "offending" msdc record. In looking into this.. Ive noticed my MSDC folder is grey. The only entry within the folder is my NS mydomain.local.
This does not seem correct.

Collapse -

re: update

by Churdoo In reply to updates...

I gather by reading the posts here that your AD domain is something like yourdomain.local, and therefore not conflicting with yourdomain.com. Great! You also seem to have been ****-bent on uninstalling/reinstalling the DNS service from your server. I've never seen a problem where that was the solution, so forget about that -- and I understand you already did it anyway and it didn't fix the problem, so case in point.

The DHCP scope options to your client workstations should be handing out the IP of your AD/DNS server as the FIRST DNS server. Likewise obviously, any static IP clients should have the IP of your AD/DNS server as the first DNS server. Next, we typically configure FORWARDERS within the AD/DNS server properties with the addresses of your ISP production DNS servers/resolvers -- if forwarders are defined, then the root hints are not used. Within your AD/DNS server, there whould be a Forward Lookup Zone, an Active-Directory Integrated zone for yourdomain.local. This should be all you need for proper name resolution of your AD and public sites.

Optionally, you may add to your DHCP server scope options and static IP clients, your ISP DNS resolver(s) as SECOND and onward, making sure again, that your AD/DNS server is the FIRST DNS server in the list. All this does is allow your clients to surf the internet if your server is down. If your server is down, you've got bigger problems, so at least if your clients can surf the internet, they may entertain themselves for long enough for you to fix your server -- in fact, some may not even notice that the server is down. ;-)

Hope this helps, and post back any other questions.

Collapse -

Ive done all this...

by Twistedpear In reply to re: update

Churdoo,
Thanks for the reply.
Ive got a Cisco ASA that is handling the routing and DHCP for the LAN. All clients are config with DHCP, but FIRST dns is config to DNS server. Server has Forwarders config to ISP nameservers. All clients can access server resources as well as internet at all times. (as far as I know).
As I stated last night, my MSDCS folder under mydomain.local/forward lookup zone, is grey. It has also been said that the DNS name "_ldap._tcp.Default-First-Site.
_sites.dc._msdcs.lightsaber.local.
should be added to the MSDCS folder. Thoughts ?

Collapse -

Your problem is the missing forwarders.

by bart777 In reply to Help with DNS removel/rei ...

You need to add your ISPs DNS server to you local server's DNS forwarder list.

Once you do this you cna set all of the clients to point only to your server for DNS.
In the DNS window, right click on your server.
Go to properties.
Go to teh forwarders tab.
Add the ISPs DNS servers.
Click OK a couple of times and you're golden.

You can then take out the ISP entry on the desktops.

The problemis that the PCs are asking the server first but the DNS server piece has no idea where to look. This will resolve it for you.

best of luck.

Collapse -

I think the forwarders are already setup correctly

by Twistedpear In reply to Your problem is the missi ...

In Forwarders TAB
DNS Domain:
All Other Domans

Select domains forwarder IP Address list
70.158.xx.x
65.14.xx.x

I believe this to be correct.

Collapse -

Hmmmm.

by bart777 In reply to I think the forwarders ar ...

Another possibility is bad root hints. I haven't seen this problem is many years but you may need to check those on your server.

Try this link.
http://support.microsoft.com/kb/229840/en-us

Back to Networks Forum
13 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums