windows 2003 dns errors

Archived from groups: microsoft.public.win2000.dns (More info?)

I get the following 3 errors in my DNS server on a regular basis:

SMTP could not connect to the DNS server '10.0.0.2'. The protocol used
was 'UDP'. It may be down or inaccessible.

The DNS server has encountered numerous run-time events. To determine
the initial cause of these run-time events, examine the DNS server
event log entries that precede this event. To prevent the DNS server
from filling the event log too quickly, subsequent

The DNS server encountered an invalid domain name in a packet from
219.137.167.160. The packet will be rejected. The event data contains
the DNS packet.

My configuration is as follows:
i have a windows 2003 computer behind a firewall. it has 200 web sites
and send a few thousand email a day. the DNS server has 200 entries
corresponding to the 200 web sites.


for my DNS properites, Fowarders, DNS Domains: i have "all other DNS
domains"

I do not have any domain's fowarder IP address list.

In the Root Hints, i have
a.root-servers.net
all the way to m.root-servers.net

how can i see if my dns is slow because of to much traffic? what is a
good way to make it faster?

thanks in advance.

nicholas.gadacz
1 answer Last reply
More about windows 2003 errors
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:1104793537.192454.160260@f14g2000cwb.googlegroups.com,
    ngadacz@ftresearch.com <ngadacz@ftresearch.com> made a post then I commented
    below
    :: I get the following 3 errors in my DNS server on a regular basis:
    ::
    :: SMTP could not connect to the DNS server '10.0.0.2'. The protocol
    :: used was 'UDP'. It may be down or inaccessible.
    ::
    :: The DNS server has encountered numerous run-time events. To determine
    :: the initial cause of these run-time events, examine the DNS server
    :: event log entries that precede this event. To prevent the DNS server
    :: from filling the event log too quickly, subsequent
    ::
    :: The DNS server encountered an invalid domain name in a packet from
    :: 219.137.167.160. The packet will be rejected. The event data contains
    :: the DNS packet.
    ::
    :: My configuration is as follows:
    :: i have a windows 2003 computer behind a firewall. it has 200 web
    :: sites and send a few thousand email a day. the DNS server has 200
    :: entries corresponding to the 200 web sites.
    ::
    ::
    :: for my DNS properites, Fowarders, DNS Domains: i have "all other DNS
    :: domains"
    ::
    :: I do not have any domain's fowarder IP address list.
    ::
    :: In the Root Hints, i have
    :: a.root-servers.net
    :: all the way to m.root-servers.net
    ::
    :: how can i see if my dns is slow because of to much traffic? what is a
    :: good way to make it faster?
    ::
    :: thanks in advance.
    ::
    :: nicholas.gadacz

    This is apparently an EDNS0 issue.

    EDNS) is a new industry implementation standard recently released, that has
    been implemented in Win2003 for greater query response efficiency. Normally
    DNS queries use UDP responses upto 512 bytes. If the response is larger, it
    reverts to TCP, which creates an inherit slight delay. EDNS0 allows larger
    UDP responses, upto 1500 bytes, but not all firewall manufacturers are upto
    date with their IOS firmware. If you have a Cisco firewall or PIX, there's a
    'fixup' command you can use, but you may have to update the IOS. Same with
    other manufacturers that are not up to date with this new implementation. Or
    easily, you can disable the new industry feature in Win2003.

    My suggestion is to update your firewall to the latest firmware, as a best
    practice.

    More info and how-to's:
    828731 - An External DNS Query May Cause an Error Message in Windows Server
    2003:
    http://support.microsoft.com/?id=828731

    828263 - DNS query responses do not travel through a firewall in Windows
    Server 2003:
    http://support.microsoft.com/?id=828263


    --
    Regards,
    Ace

    G O E A G L E S !!!
    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
Ask a new question

Read More

Windows Server 2003 DNS Server DNS Windows