Solved

Having problems with Automatic DNS Updates from DCs

Posted on 2007-12-04
7
217 Views
Last Modified: 2010-04-07
Hello,

I have 2 DCs in two different locations connected via software VPN.
Both DCs run DNS server services on them.

However, one DC is behind an NAT router, so it only has a local address, while the other DC is behind a Cisco firewall co-located in a data center with both a public and a private IP.

The private IP works fine over the software VPN and can connunicate, however the co-located DC keeps updating it's DNS record for itself with both the public and the private IP address.
This is causing problems in the office where the NAT router sits because it tries to connect over a public IP when it should only be using the private IP.

I have tried to remove it in the DNS records, and it works perfectly.. However it keeps adding itself back in every couple of hours!

How can I stop this DNS server from updating itself with the public IP?
0
Comment
Question by:BuggyBoyNYC
  • 4
  • 3
7 Comments
 
LVL 12

Accepted Solution

by:
Amit Bhatnagar earned 500 total points
Comment Utility
A very common problem normally seen with DNS Server with RRAS installed as well (Multihomed). Anyways, the fix is simple as well.

http://support.microsoft.com/kb/275554
http://support.microsoft.com/kb/246804/EN-US/
http://support.microsoft.com/kb/292822

I could have posted the exact keys for you but I want you to read the entire article if possible. It will help you know a lot of keys\registry changes which people are normally unaware of.


Cheats : Last article contains the resolution part..:D Cheers !!!
0
 

Author Comment

by:BuggyBoyNYC
Comment Utility
Thanks for the response!
However I think I should clarify one thing, I am not using RRAS I am using a seperate third-party software VPN on the system which creates a new network adapter with a private address (much like how a Cisco VPN client does, except this runs 24/7 with no disconnect).

I am not quite sure exactly what instruction set to follow since this isn't specifically RRAS!

Many thanks again, hope you can clarify for me! :)

For example sake, lets say the public address is 66.237.111.111 and the private is 10.2.2.1. How do I keep 66.237.111.111 from automatically registering in the DNS on this server, even though both are valid connections?
0
 
LVL 12

Assisted Solution

by:Amit Bhatnagar
Amit Bhatnagar earned 500 total points
Comment Utility
Hey Buggy Boy from New York City...:D...It does not really matter whether you have RRAS configured or not, if it is a DNS Box and you have multiple adapters, they will register themselves automatically in the form of SOA(Start of Authority) and Host A record. That means even if you have a Virtual network Card due to Loopback adapter or bluetooth, They will get registered in DNS as well. To disable this effect, Add the PublishAddresses and RegisterDnsARecords registry values for the DNS and Netlogon services.

You will notice in the last article that they have mentioned "This issue typically affects computers that are running Small Business Server because this version of Windows Server is frequently the only server on the network". This is because SBS in most of the cases has two NICs. One public and one private. Hope, this helps !!!
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:BuggyBoyNYC
Comment Utility
Thank you so much! :)
0
 
LVL 12

Expert Comment

by:Amit Bhatnagar
Comment Utility
I'll be more happy if these steps actually resolve your issue...It is not like I have doubts...but technology has a mind of its own.... :D U never know...Do let me know the result.
0
 

Author Comment

by:BuggyBoyNYC
Comment Utility
Added those two registry values, and restarted NetLogon and DNS Server services and it IMMEDIATELY resolved the issue! The only A record showing for the co-lo machine was the local address! :) Many thanks!!!!
0
 
LVL 12

Expert Comment

by:Amit Bhatnagar
Comment Utility
You are welcome !! Just an advice...To be dead sure that it is fixed. Restart the Server in Off-Office hours and see if they are still missing. Take care..:) A lot of reregistration happens at the time of System Restart...:)
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

I will assume you are running a non-server version of some sort of Windows throughout this article. There are many flavors of Windows since Windows Server 2000 - 2008, XP Home & Pro, Vista Home & Pro, and Windows 7 Starter, Home, Pro, Ultimate, etc.…
I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now