johndeerb
asked on
Reverse DNS problem
Hi all...
I've got a strange bit of trouble. We have had some intermittent network issues, and I'm convinced they are DNS related. My search has led me to the reverse lookup zone in DNS, where I find multiple entries for a single I.P. address, pointing to different machine names. Firewall logs seem to indicate I'm on the right track, since they report a destination I.P mismatch.
Questions:
1) How could mutiple PTR records exist in the first place?
2) Is this likely to cause issues with Internet browsing, network drive mapping, etc?
3) How will I get rid of the invalid PTR records (hopefully without manually verifying all of them and deleting bad ones)?
Thanks in advance!
jb
I've got a strange bit of trouble. We have had some intermittent network issues, and I'm convinced they are DNS related. My search has led me to the reverse lookup zone in DNS, where I find multiple entries for a single I.P. address, pointing to different machine names. Firewall logs seem to indicate I'm on the right track, since they report a destination I.P mismatch.
Questions:
1) How could mutiple PTR records exist in the first place?
2) Is this likely to cause issues with Internet browsing, network drive mapping, etc?
3) How will I get rid of the invalid PTR records (hopefully without manually verifying all of them and deleting bad ones)?
Thanks in advance!
jb
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
dis1931...
I'm starting to think, like you, that we should just get rid of all the PTR records and see who calls. Speaking of placing entries manually, we haven't created PTR records manually, but I wander if setting an I.P. address statically, then changing it back to DHCP would cause such a thing... We do that from time to time on PC's throughout the house, and tend to use I.P. addresses from the same range for the temporary static designation. I'll look into that.
jb
I'm starting to think, like you, that we should just get rid of all the PTR records and see who calls. Speaking of placing entries manually, we haven't created PTR records manually, but I wander if setting an I.P. address statically, then changing it back to DHCP would cause such a thing... We do that from time to time on PC's throughout the house, and tend to use I.P. addresses from the same range for the temporary static designation. I'll look into that.
jb
I have assigned static IPs to PCs from time to time as well and I have never noticed that issue occur but I'm not gonna say I really looked since I've not had that issue before so it is possible. Realistically it is not that big a deal to have it recreate itself, so just deleting will not be the end of the world and it may solve your problems.
Hi jb
they can't be for a round-robin, because that would be the other way around (1 name, multiple IPs). I'd just delete them and keep a good record of your internal IP usage - i.e. define a tight DHCP-range, make ranges for different usages (i.e. routers, firewalls, printers, servers, appliances) and try to keep a good log of the static ones you use. If you do that, you should be able to back-trace when/if this problem arises again. Could it have come from a previous migration (i.e from NT to 2000 or 2003)? I'd just clean it up, set up a small documentation system (like an excel-sheet) and see how it goes in the future. :) "Spring cleaning"
John
they can't be for a round-robin, because that would be the other way around (1 name, multiple IPs). I'd just delete them and keep a good record of your internal IP usage - i.e. define a tight DHCP-range, make ranges for different usages (i.e. routers, firewalls, printers, servers, appliances) and try to keep a good log of the static ones you use. If you do that, you should be able to back-trace when/if this problem arises again. Could it have come from a previous migration (i.e from NT to 2000 or 2003)? I'd just clean it up, set up a small documentation system (like an excel-sheet) and see how it goes in the future. :) "Spring cleaning"
John
you are right John, round robin is the other way around....
are they websites? i.e. a number of records that have been setup with different dns host or cname records to point to the same ip (eg: host headers)?
Sounds to me as though DNS scavanging is not working. You may want to look into this.
BTW - there is a known issue with MS DNS, check the date on the skavanging page in DNS.
Jason
BTW - there is a known issue with MS DNS, check the date on the skavanging page in DNS.
Jason
Any luck so far? :)
ASKER
Oops, I forgot to accept an answer. Sorry y'all!
softlplus and dis1931 both deserve credit here, since both were right. I got rid of all PTR records, and it seems as if lots of the weirdness has gone. Thanks guys!
jb
softlplus and dis1931 both deserve credit here, since both were right. I got rid of all PTR records, and it seems as if lots of the weirdness has gone. Thanks guys!
jb
ASKER
I figure they are from old leases, but I would have hoped AD would have updated after those leases expired. I wasn't the one who set this domain up, though, so perhaps I should look at the settings for scavenging. In any event, they gotta go..
jb (also a John)