When name resolution is provided by root hints, Windows Server 2008 DNS and Windows Server 2008 R2 DNS Servers may fail to resolve queries for names in certain top-level domains. When this happens, the problem will continue until the DNS Server cache is cleared or the DNS Server service is restarted. The problem can be seen with domains like .co.uk, .cn, and .br, but is not limited to these domains.
When the problem is happening, an nslookup command issued for an affected name will return the error "server failed". A network trace will show that the DNS server does not send any traffic for such a request to the Internet. No events related to a problem are reported in the DNS Event Log.
This problem does not happen if DNS Server is configured to use forwarders for Internet name resolution instead of root hints.
To resolve the issue and continue using root hints, change the MaxCacheTTL registry value to 2 days or greater.
Warning: Serious problems might occur if you modify the registry incorrectly by using Registry Editor or another method. These problems might require you to reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
1. Start Registry Editor (regedit.exe).
2. Locate the following registry key:
3. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
4. On the Edit menu, click New, click DWORD (32-bit) Value, and then add the following value:
5. Click OK.
6. Quit Registry Editor.
7. Restart the DNS Server service.
ZDROJ: http://support.microsoft.com/kb/968372
When the problem is happening, an nslookup command issued for an affected name will return the error "server failed". A network trace will show that the DNS server does not send any traffic for such a request to the Internet. No events related to a problem are reported in the DNS Event Log.
This problem does not happen if DNS Server is configured to use forwarders for Internet name resolution instead of root hints.
RESOLUTION
To resolve the issue and continue using root hints, change the MaxCacheTTL registry value to 2 days or greater.
Warning: Serious problems might occur if you modify the registry incorrectly by using Registry Editor or another method. These problems might require you to reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
1. Start Registry Editor (regedit.exe).
2. Locate the following registry key:
3. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
4. On the Edit menu, click New, click DWORD (32-bit) Value, and then add the following value:
- Value: MaxCacheTTL
- Data Type: DWORD
- Data value: 0x2A300 (172800 seconds in decimal, or 2 days)
5. Click OK.
6. Quit Registry Editor.
7. Restart the DNS Server service.
ZDROJ: http://support.microsoft.com/kb/968372
