The AAAA record for this DC was not found

Discussion in 'DNS Server' started by Rune Flo, Dec 18, 2008.

  1. Rune Flo

    Rune Flo Guest

    A new Windows Server 2008 DC was added to the domain. When compared [in DNS]
    to other Windows Server 2008 [member] nodes, this DC's IPv6 Host (AAAA)
    record is missing in DNS. The IPv6 Host (AAAA) record with name "(same as
    parent folder)" is present though. All IPv4 records are present including
    the host Host (A) record. The DC is configured with static IPv4 addresses,
    IPv6 with automatic configuration only [like member servers].

    When running "dcdiag /test:dns" on the DC, the output lists several
    warnings:

    "Warning:
    Missing AAAA record at DNS server <IPv4 address>:
    <FQDN>"

    This is also the only [W2K8] node replying with IPv4 address when pinging at
    it.

    We plan to introduce the first Exchange 2007/SP1 into the org [on W2K8], and
    was worried about DC's IPv6 name resolution.

    Has anybody else seeing this?

    /Rune Flo.
     
    Rune Flo, Dec 18, 2008
    #1
    1. Advertisements

  2. In

    Are all your machines in your infrastructure set to use IPv6? Since all of
    my customer networks are not using IPv6, that is including on their routers,
    whether using Win2008 or not, I've simply disabled IPv6.

    Does your design require it's use?

    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCT
    Microsoft Certified Trainer

    For urgent issues, you may want to contact Microsoft PSS directly.
    Please check http://support.microsoft.com for regional support phone
    numbers.
     
    Ace Fekay [Microsoft Certified Trainer], Dec 18, 2008
    #2
    1. Advertisements

  3. Rune Flo

    Rune Flo Guest

    All machines will eventually be IPv6 ready in not too distant future 1Q 2009
    (Vista,W2K8), so I would let the default config remain using IPv6 as the
    default protocol on the intranet. I was looking for the reason why a [W2K8]
    DC register different in DNS [regarding IPv6 Host (AAAA) record] than other
    [W2K8]member servers with identical (IPv4, IPv6) settings.

    Thanks for replying.

    /rune.


     
    Rune Flo, Dec 18, 2008
    #3
  4. In
    Hello Rune,

    Ok, so you are moving towards IP6, no problem.

    What is DNS running on, 2003 or 2008? Do all the respective machines in play
    (DCs, DNS - assuming the same) have IPv6 installed?

    The "(same as parent)" name was registered by the Netlogon service, not by
    the adapter. Therefore we need to take a look at the adapter's settings.
    Assuming that IP6 is on all machines, as well as the IPv6 IP address
    configuration was also set in IPv6 properties, and 'register this
    connection' (which is independent of the netlogon service regsitering the
    'same as parent' hostname), is set in the IPv6 properties, I would assume
    the machine will register.

    The following link gives a little overview of resolution with IP4 vs IP6:

    Configuring DNS for IPv6/IPv4 Coexistence
    http://technet.microsoft.com/en-us/library/cc738372.aspx

    http://blogs.techrepublic.com.com/networking/?p=530

    Also, keep in mind, Windows does not update the reverse zone (look under
    "How do I configure IPv6 reverse lookups for the DNS Server service in
    Windows Server 2003?"). However, they should for forward zones.
    http://www.microsoft.com/technet/network/ipv6/ipv6faq.mspx

    Ace
     
    Ace Fekay [Microsoft Certified Trainer], Dec 24, 2008
    #4
  5. Rune Flo

    Rune Flo Guest

    Hi Ace,
    Thanks for replying back. Didn't notice your reply right away. Sorry!

    Config:
    Small environment, single site (15 servers, 2 DC, 50 clients (XP,Vista))
    Both DC run DNS (AD Integrated zones), One with Windows Server 2008/SP1, the
    other with Windows Server 2003/SP2 (upgrade pending). It is the W2K8 DC that
    differs from other W2K8 servers (and clients) with regard to "IPv6 Host
    (AAAA) record" DNS registration.
    All IPv6 settings on all IPv6 nodes are out of the box defaults [Automatic
    configuration only]. The record registered in DNS by all other IPv6 capable
    clients is the "6TO4 Adapter" IPv6 address. The W2K8 DC "6TO4 Adapter" IPv6
    address is: 2002:d5ec:c903::d5ec:c903(Preferred)

    One strange thing noticed when monitoring (Netmon,debug logs) DNS
    registrations from this DC. Both DNS servers receive correct registration
    queries, the W2k3 dns server accept and register the IPv6 Host (AAAA) =
    2002:d5ec:c903::d5ec:c903 record, then after about 2 minutes it suddently
    disappears from DNS! The W2K8 dns server (itself) seems not to accept
    registering this record, the dns debug log (update respons) : R U [05a8
    REFUSED]

    What actually means [05a8 REFUSED]?

    /rune.


     
    Rune Flo, Jan 1, 2009
    #5
  6. In
    I apologize as well, for the late response.

    .. 6to4 address
    The 6to4 address is used for communicating between two nodes running both
    IPv4 and IPv6 over an IPv4 routing infrastructure. The 6to4 address is
    formed by combining the prefix 2002::/16 with the 32 bits of a public IPv4
    address, forming a 48-bit prefix. 6to4 is a tunneling technique described in
    RFC 3056.

    From the above description that I found in the IPv6 Whitepaper at
    Microsoft's site
    (http://download.microsoft.com/download/e/9/b/e9bd20d3-cc8d-4162-aa60-3aa3abc2b2e9/IPv6.doc),
    it is related to IP4 to IPv6 transition. (6TO4 means IPv6 to IPv4).

    This link is a white paper that explains the 6TO4 transition, but nothing on
    errors
    (http://download.microsoft.com/download/1/2/4/124331bf-7970-4315-ad18-0c3948bdd2c4/IPv6Trans.doc).

    Please keep in mind, I am not an expert with IPv6, but I've seen numeros
    posts regarding driver issues with this adapter. Is the server multihomed?

    Check Device Manager to see if shows an error with the 6TO4 driver. I've
    seen some postings with issues with this interface on Vista, but not with
    2008, but may be similar.

    Ace
     
    Ace Fekay [Microsoft Certified Trainer], Jan 14, 2009
    #6
  7. Rune Flo

    Rune Flo Guest

    Hi Ace,

    Not an IPv6 expert me either. Just about to complete my first read of
    "Understanding IPv6, Second Edition (by Joseph Davies)".

    No, the DC servers is not multihomed.
    A little progress still. On IPv6/IPv4 DC's, the IPv6 stack needed to have
    configured a IPv6 DNS server. I used ::1 (localhost), then the "6TO4
    Adapter" IPv6 address registered succesfully in DNS on both DC's, but after
    a couple of minutes it disappered from both. First from the W2K8 DC, then a
    bit later from the W2K3 DC.

    Can it be that the AD DS service is dissatisfied with the AAAA record and
    have it deleted?

    Thanks anyway

    Rune.

     
    Rune Flo, Jan 20, 2009
    #7
  8. In
    Hmm, not sure at this point. As mentioned, I've seen others have this
    problem while I searched for it last week, but I never did see a resolve. I
    remember reading one poster's comment about trying to fix it by unchecking
    and re-checking the IPV6 adapter. I never heard a response back if it
    worked. Maybe there is a bug here? Not sure.

    Ace
     
    Ace Fekay [Microsoft Certified Trainer], Jan 22, 2009
    #8
  9. In Rune Flo <> requesting assistance, typed the
    following:


    Another thought came to mind: Is EDNS0 support enabled on the DNS server?

    Ace
     
    Ace Fekay [Microsoft Certified Trainer], Jan 22, 2009
    #9
  10. Rune Flo

    Rune Flo Guest

    No. Not as I'm aware of. No EDNS0 related parameter present in the registry
    either.
    The transistion to Exchange 2007 SP1 went well, so I likely have to ponder
    on this in spare times :)

    Thanks for your contribution Ace!

    /rune.
     
    Rune Flo, Feb 3, 2009
    #10
  11. In
    Hi Rune,

    No problem for the attempt to help. Good to hear the transition went well.

    FYI, EDNS0 is enabled by default but can be disabled. The registry entry is
    found here under the key EnableEDNSProbes (0 to diable, 1 to enable):
    http://technet.microsoft.com/en-us/library/dd197418.aspx

    EDNS0 allows query responses using UDP greater than 512, where formerly that
    was the limit, and the response would revert to TCP. This feature actually
    makes resolution more efficient. Some older firewalls do not support it, and
    many firewalls out of the box block the traffic unless it's specifically
    allowed. Mostly the thought is to leave it enabled with DNS and allow it in
    the firewall.

    For Cisco, the command to allow EDNS0 is:
    fixup protocol dns

    To disable/enable it, you can also use the dnscmd command as a toggle
    (dnscmd is found in the reskit):
    dnscmd /config /enableednsprobes

    Cheers!

    Ace
     
    Ace Fekay [Microsoft Certified Trainer], Feb 7, 2009
    #11
  12. Yes, that is an IPv6 record.

    Uncheck IPv6 in IP properties. Also set this registry entry (good for Vista
    and 2008). If XP or 2003, it has to be uninstalled.

    Disabling IPv6 on Windows 2008 or Vista
    http://blogs.dirteam.com/blogs/paulbergson/archive/2009/03/19/disabling-ipv6-on-windows-2008.aspx

    Ace
     
    Ace Fekay [Microsoft Certified Trainer], May 7, 2009
    #12
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.