Computer Performance, Windows Server 2003

 

Debug Logging for DNS in Windows Server 2003


Why would you use DNS debug logging?  The answer is to track down problems with DNS queries, updates or notification errors.  Perhaps the most common problem is a DNS query that results in an unknown server error when you know the domain name is valid.

Scenarios for creating a DNS Debug Log

  • Web page not found - 404 error.
  • Email delivery error.
  • Cannot find a server by its UNC path.
  • Secondary DNS servers do not receive notifications or updates.

Where do you find the debug log settings?

Open the DNS snap-in, click on the server icon itself, then Properties.  (It is no use looking under Forward Lookup Zones.)

Make sure that you enter a valid path and filename in the box at the bottom called: File path and name.  See diagram.

Good news, the debug information gets appended to the log with the latest information at the bottom.




Interpreting the Debug log

The trick to deciphering the log is to parse or divide up the line.  It helps to look for patterns, for example Rcv Q (Incoming Request Query) or Snd R Q (Outgoing Response to Query).

Watch out for the error codes: NXDOMAIN indicates a problem with the query, while NOERROR is good news.  Here are two examples from my Windows Server 2003 Debug Log e:\log\wed.log:

Example 1 - Query failure

PACKET UDP Snd 10.1.0.1 R Q [8385 A DR NXDOMAIN] (7)EZINE(2)cp(3)com(0)

In this example the query returned NXDOMAIN, meaning the server has no record of a machine called EZINE.

Example 2 - Query success!

PACKET UDP Snd 10.1.0.1 R Q [8085 A DR NOERROR] (8)LLANELLI(2)cp(3)com(0)

Here the query sent to 10.1.0.1 successfully resolved a machine called LLANELLI at cp.com.

Note: Always turn off the log when you finish, otherwise the processor will be stressed unnecessarily.

Error Code: Explanation

  • NOERROR: Success. What you want!  No problem.
  • NXDOMAIN: The query name does not exist.  I have no record for this host.
  • NOTAUTH: This server is not authoritative for the domain in the query.  Could be a secondary server trying to transfer a zone from the server.  However that server is not SOA.
  • SERVFAIL: Most likely a temporary problem causing a timeout error.  With luck the retry will work.  Problem seen with email transfer.
  • REFUSED: Security problem.  Check permissions.  Could be the result of an email check: we do not like your domain because we cannot reply to it, and as a result we will not accept your incoming mail.  Could also be a request for a zone transfer which is refused because the requestor does not have permission.

Filtering the log

Either you can filter the log so that it only captures particular data, or else you can use Find in the resultant log to track down the server name you are interested in.

Possible filters include the following pairs: UDP or TCP, Incoming or Outgoing, Request or Response.

Summary

If you experience DNS connectivity problems, create a Debug log.  Navigate to the DNS server icon, find the Debug Logging tab and set a path to the filename which stores the data.


Home Copyright © 1999-2008 Computer Performance LTD All rights reserved
