Help and Support
 

powered byLive Search

An external DNS query may cause an error message in Windows Server 2003

View products that this article applies to.
Article ID:828731
Last Review:December 3, 2007
Revision:9.2

SYMPTOMS

When a computer that is running Microsoft Windows Server 2003 makes an external DNS query, you may receive one of the following error messages:
Query Refused

Server unable to interpret format

Timeout

Back to the top

CAUSE

Cause #1

This problem may occur on some Cisco PIX Firewall models with software that is earlier than PIX Firewall version 6.3(2). The Cisco PIX Firewall drops DNS packets sent to User Datagram Protocol (UDP) port 53 that are larger than the configured maximum length. By default, the maximum length for UDP packets is 512 bytes.

Cause #2

This problem may occur if the external DNS server does not support Extension Mechanisms for DNS (EDNS0) or if a firewall exists between your server and the external DNS server. DNS servers that do not support EDNS0 cannot process EDNS0 data, and this behavior causes the query to fail. Some firewalls may drop the EDNS0 packets that are sent by servers that support EDNS0, or may drop UDP packets that are larger than 512 bytes that are sent by servers that support EDNS0.

Back to the top

WORKAROUND

Workaround #1

To resolve this problem, visit the following Cisco Systems Web site for information and update instructions:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_notes_list.html (http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_notes_list.html)

Workaround #2

To work around this problem, turn off EDNS0 support in Windows Server 2003. To do this, follow these steps:
1.Start a command prompt.
2.Type dnscmd /Config /EnableEDnsProbes 0, and then press ENTER.

Back to the top

MORE INFORMATION

For more information about Extension Mechanisms for DNS, visit the following Microsoft Web site:
http://technet2.microsoft.com/WindowsServer/en/library/28022cf7-84e1-484b-91cd-591f90368f711033.mspx?mfr=true (http://technet2.microsoft.com/WindowsServer/en/library/28022cf7-84e1-484b-91cd-591f90368f711033.mspx?mfr=true)
For more information about Cisco Systems visit the following Web site:
http://www.cisco.com (http://www.cisco.com)
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products. Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Back to the top

APPLIES TO
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, 64-Bit Datacenter Edition
Microsoft Windows Small Business Server 2003 Standard Edition
Microsoft Windows Small Business Server 2003 Premium Edition

Back to the top

Keywords: 
kbwinservnetwork kbnetwork kbprb KB828731

Back to the top

Article Translations

 

Other Support Options

  • Need More Help?
    Contact a Support professional by E-mail, Online or Phone.
  • Customer Service
    For non-technical assistance with product purchases, subscriptions, online services, events, training courses, corporate sales, piracy issues, and more.
  • Newsgroups
    Pose a question to other users. Discussion groups and Forums about specific Microsoft products, technologies, and services.