Compartilhar via

Cannot resolve names in certain top level domains like .co.uk.

  • Artigo

[Today's post comes to us courtesy of Chris Puckett]  

After one day, you may find your Windows 2008 DNS Server is unable to resolve names in certain top level domains (tld’s) like .co.uk, .cn, and .br when it is configured to use root hints. It may also occur with other tld’s. A network monitor trace shows the DNS Server does not send any DNS traffic out to the internet. The Windows 2008 DNS server returns SERVFAIL to the client or when using nslookup.

Workarounds include restarting DNS, clearing the DNS cache, setting maxcachettl to 2 days or greater, and using DNS Forwarders instead of root hints.

If you want to use root hints, you can set the maxcachettl registry value on the Windows 2008 DNS Server as follows:

1. Start Registry Editor (Regedit.exe).

2. Locate the following registry key:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDNSParameters

3. On the Edit menu, click New, click DWORD (32-bit) Value , and then add the following value:

Value: MaxCacheTtl
Data Type: DWORD
Data value: 0x2A300 (172800 in decimal = 2 days)

4. Click OK .

5. Quit Registry Editor.

6. Restart the DNS server.

Data type Range
REG_DWORD 0x0 | 0x1 - 0xFFFFFFFF seconds Default value:0x15180 (86,400 seconds = 1 day)

You may see this behavior in Windows 2008, SBS 2008 and EBS 2008.

UPDATE: KB Published. 

968372 Windows Server 2008 DNS Servers may fail to resolve queries for some top-level domains
https://support.microsoft.com/default.aspx?scid=kb;EN-US;968372

Comments

  • Anonymous
    January 01, 2003
    That's odd.  In calculator, 172800 decimal translates to 2A300 in hex and 68330240 decimal translates to 412A300 in hex.

  • Anonymous
    January 01, 2003
    PingBack from http://www.ditii.com/2009/01/30/windows-server-2008-cannot-resolve-names-in-certain-tlds/

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 29, 2009
    Are you able to give the circumstances when this happens, I work for a TLD and am also a Windows Admin (we've had tickets from customers on this) so would really like to re-create it in my lab. Thanks Brett

  • Anonymous
    January 29, 2009
    The comment has been removed

  • Anonymous
    January 29, 2009
    Ok... but WHY would I want to make this registry change on my server?  What's the root cause of the problem?  Why would I want to set MaxCacheTtl to 2 days instead of 1 day or 10 days?

  • Anonymous
    February 25, 2009
    The comment has been removed

  • Anonymous
    March 28, 2015
    The comment has been removed

  • Anonymous
    August 04, 2015
    I've encountered this issue in Windows 2012 R2 as well when using root-hints only.