DNS issues Event ID 7693

[Will_57]

Can anybody explain this to me? I have a new WS2016 DNS server (Secondary Zones) that replaced an old 2008 R2 in the DMZ. The same IP was used so everything is open in the firewalls, plus I checked the firewalls and all traffic was passing. I did two WS 2016 DMZ DNS servers the exact same way on the same subnet using the old IPs. Configurations are identical. One has had no issues. The server worked fine for a month then just stoped working with failed zone transfers. Access denied was the message I was getting. Logs and debugging logs both shows queries and response go to and from the DCs to and the DNS server. After 4 days of trying everything. I adjusted the I changed zone transfers to allow anything, telnet using port TCP 53 plus port query. Deleted the zones recreated the zones, Switch the secondary zone to look at one or the other Primary DNS servers for trouble shooting, Verified the the zones where authoritative, verified AD was working correctly on Primary Zones (Primary Zones are AD integrated), compared setting to the working secondary to make sure no typos were in place, and on and on.

Then today I get on and the thing starts working on its own overnight. Logs show the DNS service stopped Event ID 3. Next Event ID 7693 " The XfrScopeOptionValue has been set to 65433. This option ID will be used to communicate the scope information during zone transfers via the OPT RR. " I did some very quick googling that event ID and nothing popped up. What is this and why does it appear to be what resolved my issue? Also is this something I'm able to monitor and adjust?

Continue reading...