• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1027
  • Last Modified:

Reverse DNS problem

Hi all...
I've got a strange bit of trouble.  We have had some intermittent network issues, and I'm convinced they are DNS related.  My search has led me to the reverse lookup zone in DNS, where I find multiple entries for a single I.P. address, pointing to different machine names.  Firewall logs seem to indicate I'm on the right track, since they report a destination I.P mismatch.
Questions:
1) How could mutiple PTR records exist in the first place?
2) Is this likely to cause issues with Internet browsing, network drive mapping, etc?
3) How will I get rid of the invalid PTR records (hopefully without manually verifying all of them and deleting bad ones)?

Thanks in advance!
jb
0
johndeerb
Asked:
johndeerb
  • 3
  • 3
  • 3
  • +2
2 Solutions
 
softplusCommented:
Hi jb
you can just delete the multiple PTR records in the DNS manager. I can't imagine that they'd be created from normal internet browsing or network drive mapping... Are you using DHCP? Maybe they're from leftover, expired leases?
John
0
 
dis1931Commented:
The only use I could see in this circumstance would be for some kind of a round robin effect.  However if this is not the case which I assume it is not then you may just have to delete them.  It can affect many things...in particular anything that tries to connect to one of those boxes specifically.  I would think the only real way to get rid of them is to delete the ones you don't want or delete them all and worry about the phone calls later....maybe someone else has more input on this...I've never seen this happen unless the entries were placed manually?
0
 
johndeerbAuthor Commented:
softplus...
I figure they are from old leases, but I would have hoped AD would have updated after those leases expired.  I wasn't the one who set this domain up, though, so perhaps I should look at the settings for scavenging.  In any event, they gotta go..

jb (also a John)
0
Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

 
johndeerbAuthor Commented:
dis1931...
I'm starting to think, like you, that we should just get rid of all the PTR records and see who calls.  Speaking of placing entries manually, we haven't created PTR records manually, but I wander if setting an I.P. address statically, then changing it back to DHCP would cause such a thing...  We do that from time to time on PC's throughout the house, and tend to use I.P. addresses from the same range for the temporary static designation.  I'll look into that.

jb
0
 
dis1931Commented:
I have assigned static IPs to PCs from time to time as well and I have never noticed that issue occur but I'm not gonna say I really looked since I've not had that issue before so it is possible.  Realistically it is not that big a deal to have it recreate itself, so just deleting will not be the end of the world and it may solve your problems.
0
 
softplusCommented:
Hi jb
they can't be for a round-robin, because that would be the other way around (1 name, multiple IPs). I'd just delete them and keep a good record of your internal IP usage - i.e. define a tight DHCP-range, make ranges for different usages (i.e. routers, firewalls, printers, servers, appliances) and try to keep a good log of the static ones you use. If you do that, you should be able to back-trace when/if this problem arises again. Could it have come from a previous migration (i.e from NT to 2000 or 2003)? I'd just clean it up, set up a small documentation system (like an excel-sheet) and see how it goes in the future. :) "Spring cleaning"
John
0
 
dis1931Commented:
you are right John, round robin is the other way around....
0
 
alimuCommented:
are they websites?  i.e.  a number of records that have been setup with different dns host or cname records to point to the same ip (eg: host headers)?
0
 
RodlabCommented:
Sounds to me as though DNS scavanging is not working. You may want to look into this.

BTW - there is a known issue with MS DNS, check the date on the skavanging page in DNS.

Jason
0
 
softplusCommented:
Any luck so far? :)
0
 
johndeerbAuthor Commented:
Oops, I forgot to accept an answer.  Sorry y'all!

softlplus and dis1931 both deserve credit here, since both were right.  I got rid of all PTR records, and it seems as if lots of the weirdness has gone.  Thanks guys!

jb
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now