Select the product you need help with
A name resolution query fails when Windows Server 2003-based DNS servers set the AA bit for the DNS query and forward the query to conditional forwardersArticle ID: 957930 - View products that this article applies to. SYMPTOMSConsider the following scenario:
Not Implemented
CAUSEThis issue occurs because Windows Server 2003 DNS server earlier was not fully compliant with RFC 1035. In some cases, the Windows Server 2003-based DNS server incorrectly sets the Authoritative Answer (AA) bit when it forwards the query to the conditional forwarders. Some DNS Servers check the AA bit when they receive queries. If the AA bit is set, the query is rejected. This occurs because the AA bit should be set only .in responses for which the responding server is authoritative for a particular domain. WORKAROUNDTo work around the issue, use root hints or the default
All other DNS domains option
instead of using
the conditional forwarders. STATUSMicrosoft
has confirmed that this is a problem in the Microsoft products that are listed
in the "Applies to" section. MORE INFORMATIONFor more information about RFC 1035, visit the following Web
site: http://www.ietf.org/rfc/rfc1035.txt Note The AA bit is described on page 25.
(http://www.ietf.org/rfc/rfc1035.txt)
When this issue occurs, a network monitor capture may resemble the following: 1 Windows Server 2003 DNS server Third-party DNS server DNS:QueryId = 0x8022, QUERY (Standard query), Query for FQDN of type Host Addr on class Internet Flags: Query, Opcode - QUERY (Standard query), AA, RD, Rcode - Success ==> this is the query being sent to the conditional forwarder and notice that AA bit is set. 2 Third-party DNS server Windows Server 2003 DNS server DNS:QueryId = 0x8022, QUERY (Standard query), Response - Not Implemented ===>error returned by the third party dns server PropertiesArticle ID: 957930 - Last Review: November 19, 2008 - Revision: 1.0 APPLIES TO
|
Back to the top
