DNS: Zone <zone name> master servers must respond to queries for the zone

Updated: October 15, 2010

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

This topic is intended to address a specific issue identified by a Microsoft Baseline Configuration Analyzer or Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the DNS Microsoft Baseline Configuration Analyzer or DNS Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer.

Operating System

Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

Product/Feature

DNS

Severity

Warning

Category

Operation

Issue

None of the master servers configured for zone are responding.

The secondary zone on the DNS server is not being updated by primary DNS servers.

Impact

The secondary zone will not be updated.

Zone transfers from the primary DNS servers to the secondary DNS server will fail. DNS information in the zone might be outdated.

Resolution

Validate the list of master servers for the zone.

Review the list of master DNS servers for the zone and verify that each DNS server listed hosts a primary copy of the zone and is responding to DNS queries. Configure the list of master servers, removing or replacing master servers that are not valid.

Important

Ensure that there is at least one valid master DNS server configured in the list.

Membership in Administrators, or equivalent, is the minimum required to complete these procedures. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To configure the list of master servers

  1. On the secondary DNS server, click Start, click Run, type dnsmgmt.msc, and then press ENTER. The DNS Manager console will open.

  2. In the console tree, right-click the name of the secondary zone and then click Properties.

  3. On the General tab, click Edit.

  4. Use the following procedure to validate each server that is listed under IP addresses of the master servers.

  5. To remove a server from the list, click the IP address and then click Delete.

  6. To replace a server in the list, click the IP address you wish to replace, type the IP address of the new master server, and then press ENTER.

  7. Click OK twice to exit.

To validate the list of master servers

  1. On the secondary DNS server, open an elevated command prompt.

  2. Type nslookup and press ENTER to use the nslookup tool in interactive mode.

  3. At the nslookup prompt, type the following commands, and after each one press ENTER:

    server <master server>
    
    ls <zone name>
    
  4. Zone transfers must be allowed from the master to the secondary DNS server. If the master server hosts a copy of the zone and is responding, the contents of the zone will be displayed.

  5. If contents of the zone are not displayed, remove the DNS server from the list of primary DNS servers, or determine why the master DNS server is not responding.

  6. Repeat this procedure for each DNS server in the list of master DNS servers.

  7. When you have completed validating all master DNS servers for the zone, type exit and press ENTER.

Value Description

nslookup

The command-line tool for querying DNS servers.

server

Command to set the default server used for queries.

<master server>

Specifies the DNS host name or IP address of the DNS server to be queried.

ls

Command to list entries in a zone. The ls command attempts a zone transfer of the specified zone from the specified server, and then displays data in the zone.

<zone name>

Specifies the zone name to be queried.

See Also

Concepts

Adding a Secondary DNS Server to a Zone