Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, January 29, 2020 6:22 PM
Hi,
I have two domain controllers on the same isolated network that function as DHCP and DNS (IPv6 and IPv4) server. Both servers are getting the same BPA results for DNS, and they are:
- Error DNS: At least one DNS server on the list of forwarders must respond to DNS queries.
- Error DNS: The DNS server must have root hints or forwarders configured.
- Warning DNS: More than one forwarding server should be configured.
- Warning DNS: Forwarding server fd00::2 (the other server error has fd00::1 for the offending address) should respond to DNS queries.
The IP addresses of the two servers are:
DC1:
- 192.168.1.20
- FD00::1
DC2:
- 192.168.1.21
- FD00::2
I am having a hard time finding a solution to these errors because most examples that I read about are not referring to isolated networks.
When I run NSLOOKUP and PING, names and addresses resolve just fine, so I do not understand why the server is not responding to queries.
Any help will be greatly appreciated.
All replies (4)
Wednesday, January 29, 2020 9:27 PM
I have some more to add to this. I made some minor changes to the DNS servers. I am now getting the following for the BPA resilts:
- Error DNS: At least one DNS server on the list of forwarders must respond to DNS queries.
- Error DNS: The DNS server must have root hints or forwarders configured.
- Warning DNS: Forwarding server 192.168.1.21 (the other server error has 192.168.1.20 for the offending address) should respond to DNS queries.
- Warning DNS: Forwarding server fd00::2 (the other server error has fd00::1 for the offending address) should respond to DNS queries.
NSLOOKUP and PING are resolving IPv4 and IPv6 just fine on the servers. The attached client however has NSLOOKUP responding with:
- Default Server: unknown
- Address: fd00::1
Typically when I see something like this, I look at the reverse lookup zone and add a new record to resolve it. The reverse lookup zone entries look correct to me however.
Friday, January 31, 2020 9:11 AM
Hi,
According on your DNS error, it seems there is some error with your DNS forwarder.
If this DNS server is also a DC, you could run **dcdiag /test:dns **to check DNS health.
You can refer the following article for more information:
Dcdiag for DNS: Test details explained
If everything works fine, you could just ignore the BPA errors.
Hope this can help you, if you have anything unclear, please let me know.
Have a nice day!
Ellen
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Tuesday, February 4, 2020 10:44 AM
Hi,
Just checking the current situation of your problem.
Please let us know if you would like further help.
Best regards,
Ellen
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Monday, February 10, 2020 11:33 AM
Hi,
As this thread has been quiet for a while, we will propose it as ‘Answered’ as the information provided should be helpful.
If you need further help, please feel free to reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.
Best regards,
Ellen
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].