MSExchangeGuru.com

Learn Exchange the Guru way !!!

 

Exchange 2010: Message Queued with 451 4.4.0 Dns query failed

We discussed this error earlier here https://msexchangeguru.com/2013/11/23/451-4-4-0-dns-query-failed-the-error-was-smtpsend-dns-nonexistentdomain-nonexistent-domain/

 

We also know this issue can come because of multiple reasons. So today I discovered another fix so I am sharing here.

 

Infra:

This infrastructure has windows 2012 R2 domain controllers with AD integrated DNS on it.

We are migrating from Exchange 2007 to Exchange 2010. This is customer choice, I would have chosen Exchange 2013.

Mixed mode with Exchange 2007 and windows 2008 non R2 DCs.

 

Issue:

Until migration everything was working fine.

Post cut over we got few secure domains had Message Queue with 451 4.4.0 DNS Query failed


Troubleshooting:

Did the nslookup and look for the mx record. Mx record was present and telnet to this record was working. This means DNS Query was working.

I created the send connector and pointed to one of the MX record hostname.

Restart the transport service on all exchange 2010 servers

But still the messages were queued up with the same error.

 

Resolution:

Turn off the EDNS0 feature on Windows-based DNS servers. To do this, take the following action:

             Open the command prompt with run as administrator,

    Type the following command, and then press Enter:

dnscmd /config /enableednsprobes 0

             Did the same on all domain controllers.

             Selected the message to retry or restart transport fixed my issue.

Root cause:

This issue occurs because of the Extension Mechanisms for DNS (EDNS0) functionality that is supported in Windows Server DNS. 
EDNS0 allows larger User Datagram Protocol (UDP) packet sizes. However, some firewall programs may not allow UDP packets that are larger than 512 bytes. Therefore, these DNS packets may be blocked by the firewall.

 

Reference: http://support.microsoft.com/kb/832223

This applies to domain controllers post windows 2008 R2 and above which is why windows 2008 non R2 domain controllers were working fine.

 

Prabhat Nigam

Microsoft Solutions Architect

Team@MSExchangeGuru

6 Responses to “Exchange 2010: Message Queued with 451 4.4.0 Dns query failed”

  1. Pithoo shu Says:

    Hi Prabhat,

    Great work and thanks for sharing your knowledge.. I am a regular at your site 🙂

    Regards,
    Pithoo

  2. Exchange 2013: 451 4.0.0 DNS query failed « MSExchangeGuru.com Says:

    […] https://msexchangeguru.com/2014/11/14/e2010451-4-4-0-dns-query-failed/ […]

  3. Fotis Mast Says:

    You won’t believe it guys, I had the same problem. Tried your solution, didn’t work on my. As soon as I checked Register this connection DNS address on my NIC properties in the EDGE server, all messages were processed ….

  4. Prabhat Nigam Says:

    You should not uncheck this checkbox

  5. tmack Says:

    In my lab I ran into this problem. It turns out I had added Google’s public DNS server (8.8.8.8) as the secondary DNS server on my Exchange 2013 server and that caused this problem. Once I removed it, left the secondary DNS server blank, my queue processed.

  6. tay7lor Says:

    Big thanks to tmack! I was struggling with this for the past couple of days and removing the Google DNS entry fixed it! Cheers!

Leave a Reply

Categories

Archives

MSExchangeGuru.com