DNS May Fail to Resolve Top-Level Domain

Friday, October 28, 2011

If your Windows 2008 Server is running the DNS Server service and uses root hints to resolve Internet host names, it may fail to resolve queries for host names in certain top-level domains. Once this happens, the problem continues until the DNS Server cache is cleared or the DNS Server service is restarted. While the problem is occurring, an NSLOOKUP command issued for an affected name returns the error "server failed". A network trace shows that the DNS server does not send any traffic to the Internet for such a request. Furthermore, no events related to the problem are reported in the DNS Event Log. Interestingly, the DNS server does not exhibit this behavior if it is configured to use forwarders for Internet name resolution instead of root hints.

To resolve the issue, you can configure your DNS servers to forward to your ISP's DNS servers. When 2008 DNS servers are configured to use forwarders, the issue does not occur.

To resolve the issue and continue using root hints, change the MaxCacheTTL registry value to 2 days or greater. Modify the registry at your own risk.

  1. Start Registry Editor (regedit.exe).
  2. Locate the following registry key:
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
  3. On the Edit menu, click New, click DWORD (32-bit) Value, and then add the following value:
     - Value: MaxCacheTTL
     - Data Type: DWORD
     - Data value: 0x2A300 (172800 seconds in decimal, or 2 days)

Set MaxCacheTTL to 0x0 if you do not want the DNS server to cache any recursive queries.
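The same registry change can be applied from an elevated PowerShell session so that it is repeatable across several DNS servers. This script is an added example, not part of the original article or the Microsoft KB; it checks the current value first and only writes when the value is missing or below 2 days. Assumptions: PowerShell is installed on the server, the service name is DNS, a value of 0 is treated as a deliberate "no caching" choice and left alone, and the service is restarted after a change so the new value is loaded and the cache is emptied.

```powershell
# Added example: idempotently apply the MaxCacheTTL workaround on the DNS server.
# Run in an elevated PowerShell session on the DNS server itself.
$key     = 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters'
$name    = 'MaxCacheTTL'
$minimum = 172800   # 0x2A300 seconds = 2 days, the floor given in the article

# Read the current value; $null means the value has never been created.
$current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
$changed = $false

if ($null -eq $current) {
    Write-Output "$name is not set; creating it with $minimum seconds."
    New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value $minimum | Out-Null
    $changed = $true
}
elseif ($current -eq 0) {
    # Assumption: 0 was set on purpose to disable caching of recursive queries.
    Write-Output "$name is 0 (caching disabled); leaving it unchanged."
}
elseif ($current -lt $minimum) {
    Write-Output "$name is $current seconds (below 2 days); raising it to $minimum."
    Set-ItemProperty -Path $key -Name $name -Value $minimum
    $changed = $true
}
else {
    Write-Output "$name is already $current seconds; no change needed."
}

if ($changed) {
    # Restarting the DNS Server service reloads the parameter and clears the cache.
    Restart-Service -Name DNS
}

# Report the value now stored in the registry, in decimal and hex.
$final = (Get-ItemProperty -Path $key -Name $name).$name
Write-Output ("{0} = {1} seconds (0x{1:X})" -f $name, $final)
```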


http://support.microsoft.com/kb/968372
