DNS: The list of forwarding servers must not contain the loopback address <IP address>

Updated: October 15, 2010

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

This topic is intended to address a specific issue identified by a Microsoft Baseline Configuration Analyzer or Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the DNS Microsoft Baseline Configuration Analyzer or DNS Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer.

Operating System: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

Product/Feature: DNS

Severity: Warning

Category: Configuration

Issue

A loopback IP address is configured as a forwarding server.

One or more of the IP addresses configured in the list of forwarders is local to the DNS server, or is the loopback address. This configuration is not supported and can cause DNS queries to loop indefinitely.

Impact

DNS queries for external zones might fail.

DNS queries in external zones that are forwarded for resolution can fail or be delayed. Repeated looping of DNS queries can also degrade performance of the DNS server.

Resolution

Remove the loopback forwarder IP address from the list of forwarders.

To repair this condition, remove the loopback IP address from the list of forwarders. You can also replace the loopback IP address with a valid DNS server IP address.

Membership in Administrators, or equivalent, is the minimum required to complete these procedures. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To configure the list of forwarders

  1. Click Start, click Run, type dnsmgmt.msc, and then press ENTER. The DNS Manager console will open.

  2. In the console tree, right-click the DNS server and then click Properties.

  3. On the Forwarders tab, click Edit.

  4. In the Edit Forwarders dialog box, under IP Address, click the IP address of the forwarder to remove, and then click Delete. Alternatively, you can type the IP address of a different DNS server that you wish to use as a forwarder. Each forwarder in the list should display as OK under Validated. Click OK to finish editing forwarders.

  5. Click OK to close the DNS server properties dialog box.
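The same check can be scripted. The following PowerShell is an added example, not part of the original topic: it compares each configured forwarder against the loopback range and against every address bound to the server itself, which are the two conditions described under Issue. It assumes the DnsServer module (Windows Server 2012 or later) and an elevated session; Test-LocalOrLoopback is a hypothetical helper name.

```powershell
# Added example: audit the forwarder list for loopback or server-local addresses.
# Assumption: DnsServer module is installed (Windows Server 2012 or later).
Import-Module DnsServer

function Test-LocalOrLoopback {
    param(
        [Parameter(Mandatory = $true)] [System.Net.IPAddress] $Address,
        [AllowEmptyCollection()] [System.Net.IPAddress[]] $LocalAddresses = @()
    )
    # IsLoopback is true for all of 127.0.0.0/8 and for ::1
    if ([System.Net.IPAddress]::IsLoopback($Address)) { return $true }
    # A forwarder that matches one of the server's own addresses also loops
    foreach ($local in $LocalAddresses) {
        if ($local.Equals($Address)) { return $true }
    }
    return $false
}

# Every unicast address bound to a network interface on this server
$localAddresses = [System.Net.NetworkInformation.NetworkInterface]::GetAllNetworkInterfaces() |
    ForEach-Object { $_.GetIPProperties().UnicastAddresses } |
    ForEach-Object { $_.Address }

# Current forwarder list; empty entries are skipped if no forwarders are configured
$forwarders = @((Get-DnsServerForwarder).IPAddress)
$bad = @($forwarders | Where-Object {
    $_ -and (Test-LocalOrLoopback -Address $_ -LocalAddresses $localAddresses)
})

if ($bad.Count -eq 0) {
    Write-Output 'No loopback or local addresses in the forwarder list.'
} else {
    $bad | ForEach-Object { Write-Warning "Forwarder $_ is loopback or local to this server." }
    # -WhatIf only previews the removal; drop it to apply the change
    Remove-DnsServerForwarder -IPAddress $bad -WhatIf
}
```

After removing an entry, run Get-DnsServerForwarder again to confirm that at least one valid forwarder remains if the server depends on forwarding for external names.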

See Also

Concepts

Configure a DNS Server to Use Forwarders