Solved

DNS ISSUE

Posted on 2006-10-25
Last Modified: 2010-04-18
I am experiencing frequent outages from my DNS server - surprising thing is these outages only occur on 'A' resource records that I created on the server, i.e. we frequently (happens about 5 to 10 times a day) lose our intranet and company web site pages and have to do an IP address release and renew before we can get them back. It's like there's some type of keep-alive that's expiring. It's definitely not the IP lease period as this has been set to an infinite length of time but the problem still persists.

Appreciate comments.
Question by:yinkantia
7 Comments
 
LVL 8

Expert Comment

by:caddlady
Below is an excerpt from Microsoft:

If the client requests to register its resource records with DNS, the client is responsible for generating the dynamic UPDATE request per Request for Comments (RFC) 2136. Then, the DHCP server registers its PTR (pointer) record.

Assume that this option is issued by a qualified DHCP client, such as a DHCP-enabled computer that is running Windows Server 2003, Microsoft Windows 2000, or Microsoft Windows XP. In this case, the option is processed and interpreted by Windows Server 2003-based DHCP servers to determine how the server initiates updates on behalf of the client.

For example, you can use any one of the following configurations to process client requests:

• The DHCP server registers and updates client information with its configured DNS servers according to the client request.

This is the default configuration for Windows Server 2003-based DHCP servers and clients that are running Windows Server 2003, Windows 2000, or Windows XP. In this mode, any one of these Windows DHCP clients can specify the way that the DHCP server updates its host A and PTR resource records. If it is possible, the DHCP server handles the client request for handling updates to its name and IP address information in DNS.

To configure the DHCP server to register client information according to the client's request, follow these steps:
1. Open the DHCP properties for the server or the individual scope.
2. Click the DNS tab, click Properties, and then click to select the Dynamically update DNS A and PTR records only if requested by the DHCP clients check box.
 
• The DHCP server always registers and updates client information with its configured DNS servers.

This is a modified configuration supported for Windows Server 2003-based DHCP servers and clients that are running Windows Server 2003, Windows 2000, or Windows XP. In this mode, the DHCP server always performs updates of the client's FQDN and leased IP address information regardless of whether the client has requested to perform its own updates.

To configure a DHCP server to register and to update client information with its configured DNS servers, follow these steps:
1. Open the DHCP properties for the server
2. Click DNS, click Properties, click to select the Enable DNS dynamic updates according to the settings below check box, and then click Always dynamically update DNS A and PTR records.
 
• The DHCP server never registers and updates client information with its configured DNS servers.

To use this configuration, the DHCP server must be configured to disable performance of DHCP/DNS proxied updates. When you use this configuration, no client host A or PTR resource records are updated in DNS for DHCP clients.

To configure the server to never update client information, follow these steps:
1. Open the DHCP properties for the DHCP server or one of its scopes on the Windows Server 2003-based DHCP server.
2. Click DNS, click Properties, and then clear the Enable DNS dynamic updates according to the settings below check box.

By default, updates are always performed for newly installed Windows Server 2003-based DHCP servers and any new scopes that you create for them.

http://support.microsoft.com/kb/816592
 
LVL 82

Expert Comment

by:oBdA
Please define "outages" and "lose our intranet"; are you actually losing the A records, or are they just not resolving anymore?
If the latter, I suspect that you're using external DNS servers in the TCP/IP settings on your machines. If so, don't. Use only your DC(s) as DNS servers, and configure forwarders on them for external resolution.

10 DNS Errors That Will Kill Your Network
http://mcpmag.com/features/article.asp?EditorialsID=413

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036
 

Author Comment

by:yinkantia
Yes, you are right, it's the latter. When the outage occurs, they are not resolvable, but as soon as the IP lease on the PCs is renewed, they become reachable again.

A little background info...

Our DHCP server (a Linux box) is configured to assign the Windows server as the primary DNS and assign itself as the secondary DNS, to all client PCs. In other words, both our primary and secondary DNS servers are internal. We have configured a forwarder on the primary to forward 'external' requests to the secondary DNS server.

Sorry I didn't add this initially - our web site is externally hosted and of course the intranet is internal, so requests for the website are forwarded to the secondary DNS server.

The surprising thing is when the problem occurs, both are unavailable and then they are available again after the IP renew.

I'm not sure your suggestion will apply to our scenario... please correct me if I'm wrong.

Thanks.
 
LVL 82

Expert Comment

by:oBdA
More background needed:
Do the two DNS servers replicate their zones?
Is your AD domain name the same as your internet domain name?
Whether you can use your Linux machine as DNS server for your domain members depends mainly on whether it supports dynamic DNS (RFC 2136) and SRV entries (RFC 2052).
 

Author Comment

by:yinkantia
Comment for oBdA:

Sorry, been out of circulation. These are the responses to your questions:

No, the DNS servers do not replicate their zones.
Yes, our AD domain name is the same as our internet domain name.
The Linux box supports DNS (RFC 2136) and SRV entries (RFC 2052).

Awaiting your response.
 
LVL 82

Accepted Solution

by:
oBdA earned 500 total points
You can't have two independent DNS servers in your AD domain and use both for AD clients.
Start with reading the articles above carefully.
Then I'd recommend continuing to run a primary zone for your domain on the AD DNS server, the SOA for your AD domain.
Delete the primary zone on the Linux machine, create a secondary zone instead, let it replicate from the AD server. Use both DNS servers on the clients. Set up forwarders on both to forward directly to your ISP's DNS server.
Finally, in the forward lookup zone on your AD DNS, create host (A) records for any machine (www, for example) that is hosted by your ISP under your internet domain name.
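A way to check for the situation the accepted answer describes, two DNS servers each holding their own independent copy of the same zone: compare a listing of the zone from each server and report what a client would see change when it switches between them. This is an added example, not part of the thread; the zone name `example.local`, the addresses and both listings are constructed sample data, and the listings are assumed to be in the one-record-per-line form of a zone transfer listing (for instance the output of `dig axfr`).

```python
"""Compare the same zone as served by two DNS servers (added example)."""

# Constructed sample listings, one record per line: name TTL class type rdata.
AD_ZONE = """\
example.local.          3600 IN SOA dc1.example.local. admin.example.local. 142 900 600 86400 3600
dc1.example.local.      3600 IN A   192.168.1.10
intranet.example.local. 3600 IN A   192.168.1.20
www.example.local.      3600 IN A   203.0.113.80
"""
LINUX_ZONE = """\
example.local.          3600 IN SOA ns2.example.local. admin.example.local. 7 900 600 86400 3600
dc1.example.local.      3600 IN A   192.168.1.10
www.example.local.      3600 IN A   203.0.113.81
"""

def parse_zone(text):
    """Return (soa_serial, {(name, type): set(rdata)}) for a zone listing."""
    serial, records = None, {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop comments and blank lines
        fields = line.split()
        if len(fields) < 5:
            continue
        name, rtype, rdata = fields[0].lower(), fields[3].upper(), fields[4:]
        if rtype == "SOA":
            if serial is None:                 # AXFR output repeats the SOA
                serial = int(rdata[2])         # rdata: mname rname serial ...
            continue
        records.setdefault((name, rtype), set()).add(" ".join(rdata))
    return serial, records

def compare_zones(primary_text, secondary_text):
    """List the differences a client would see when it switches servers."""
    p_serial, p = parse_zone(primary_text)
    s_serial, s = parse_zone(secondary_text)
    return {
        "serial_mismatch": p_serial != s_serial,
        "only_on_primary": sorted(k for k in p if k not in s),
        "only_on_secondary": sorted(k for k in s if k not in p),
        "different_data": sorted(k for k in p if k in s and p[k] != s[k]),
    }

if __name__ == "__main__":
    for finding, value in compare_zones(AD_ZONE, LINUX_ZONE).items():
        print(f"{finding}: {value}")
```

Once the Linux server holds a secondary zone that has transferred from the AD server, as the answer recommends, the same comparison should report no serial mismatch and three empty lists.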