locked
dns recursive query fails, network down

    Question

  • could someone please tell me how to correct a dns server that doesn't handle recursive queries correctly?  A simple test passes, but a recursive query fails, according to the monitoring page results.  A 4013 warning has appeared throughtout the day of troubleshooting this error.  I'm not sure that the dns server's inability to handle recursive queries has contributed to the network crash, but clients and servers are not able to reach the internet.  PLEASE HELP. 
    btw, bypassing the router allows a server to get out to the internet, but no access is possible through the router right now.
    Friday, November 13, 2009 2:24 AM

Answers

  •  

     

    Hello,

     

     

    Thank you for your post here.

     

    To diagnose DNS recursive queries, you may want to use the NSLOOKUP tool to verify in which state the recursive queries fails.


    1. Open a command prompt and type "nslookup", press Enter.
    2. Type "set d2", press Enter.
    3. Type a Internet resource name and press Enter.
    4. Please let us know the result.

    Nslookup: set d2

    http://technet.microsoft.com/en-us/library/bb490732.aspx

     

    If you have any questions or concerns, please do not hesitate to let me know.

     

     

     

     

    • Marked as answer by Miles Li Monday, November 23, 2009 6:39 AM
    Monday, November 16, 2009 2:44 AM

All replies

  •  

     

    Hello,

     

     

    Thank you for your post here.

     

    To diagnose DNS recursive queries, you may want to use the NSLOOKUP tool to verify in which state the recursive queries fails.


    1. Open a command prompt and type "nslookup", press Enter.
    2. Type "set d2", press Enter.
    3. Type a Internet resource name and press Enter.
    4. Please let us know the result.

    Nslookup: set d2

    http://technet.microsoft.com/en-us/library/bb490732.aspx

     

    If you have any questions or concerns, please do not hesitate to let me know.

     

     

     

     

    • Marked as answer by Miles Li Monday, November 23, 2009 6:39 AM
    Monday, November 16, 2009 2:44 AM
  • I have the same issue.  Here is the d2 response from my server.

    DNS request timed out.
        timeout was 2 seconds.
    Default Server:  UnKnown
    Address:  ::1

    > set d2
    > www.google.com
    Server:  UnKnown
    Address:  ::1

    ------------
    SendRequest(), len 45
        HEADER:
            opcode = QUERY, id = 2, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            www.google.com.mydomain.com, type = A, class = IN

    ------------
    ------------
    Got answer (108 bytes):
        HEADER:
            opcode = QUERY, id = 2, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            www.google.com.mydomain.com, type = A, class = IN
        AUTHORITY RECORDS:
        ->  tech-pro.com
            type = SOA, class = IN, dlen = 39
            ttl = 3600 (1 hour)
            primary name server = prod-dc01.mydomain.com
            responsible mail addr = admin
            serial  = 5393541
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 900 (15 mins)

    ------------
    ------------
    SendRequest(), len 45
        HEADER:
            opcode = QUERY, id = 3, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            www.google.com.mydomain.com, type = AAAA, class = IN

    ------------
    ------------
    Got answer (108 bytes):
        HEADER:
            opcode = QUERY, id = 3, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0

        QUESTIONS:
            www.google.com.mydomain.com, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  tech-pro.com
            type = SOA, class = IN, dlen = 39
            ttl = 3600 (1 hour)
            primary name server = prod-dc01.mydomain.com
            responsible mail addr = admin
            serial  = 5393541
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 900 (15 mins)

    ------------
    ------------
    SendRequest(), len 32
        HEADER:
            opcode = QUERY, id = 4, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            www.google.com, type = A, class = IN

    ------------
    DNS request timed out.
        timeout was 2 seconds.
    timeout (2 secs)
    SendRequest failed
    ------------
    SendRequest(), len 32
        HEADER:
            opcode = QUERY, id = 5, rcode = NOERROR
            header flags:  query, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            www.google.com, type = AAAA, class = IN

    ------------
    DNS request timed out.
        timeout was 2 seconds.
    timeout (2 secs)
    SendRequest failed
    *** Request to UnKnown timed-out

    Wednesday, November 25, 2009 7:49 AM