Solved

DNS Server cache not updating

Posted on 2008-10-21
Last Modified: 2012-05-05
We have a domain with 2 DCs running Windows 2003 SP2.

Both servers are working as DNS servers for the office.

Server 1's IP configuration has server 2 as its DNS server.
Server 2's IP configuration has server 1 and server 2 as DNS servers.

A couple of weeks ago we changed our web domain registrant, NS records and several A records.

It has spread everywhere but server 1.

When we make an nslookup query to server 1 we get the old NS and old addresses;
when we make an nslookup query to server 2 we get the new NS and new addresses.

Checking the server cache using dnscmd <server> /zoneprint ..cache at each server shows that the cache at server 1 has the old information and the cache at server 2 has the new information.

No errors in Event Viewer that could be related to this.

Before flushing the cache information at server 1 I would like to know why this could be happening.


Any ideas?

Please ask for any further information required.
Question by:DFUYT

Expert Comment

by:ChiefIT
ID: 22770606
You are using DNS forwarders: that will go out to distant DNS servers and perform a recursive lookup.

Recursion is handled by the server. It goes out to distant sites, including its own DNS, gets the DNS resolution from that distant server or site and saves it in cache for quick lookups.

In contrast, iterative lookups (handled by root hints) will tell the client or server to go get that site themselves. Then the query will be saved in cache for quicker lookups on the client machine, not the server.

http://technet.microsoft.com/en-us/library/cc757255.aspx

What is the TTL of the DNS resolver cache for recursive queries? It can be shortened to whatever you wish, including zero. Zero basically disables caching.

HKLM\SYSTEM\CurrentControlSet\Services\DNS\Parameters
____________________________________________________________________________
FYI:
Chronology of a DNS or WINS query and how to resolve record problems:
The client sends out either a DNS or WINS query:
1) The first place a client looks is a cached entry. (To determine if this is the case, go to the command prompt of the client and type ipconfig /flushdns.) (For the WINS cache, type NBTstat -rr.)
2) Then, if your client doesn't have the cached entry, it will look at the client's C:\Windows\system32\drivers\etc\hosts file for resolution. (For WINS, your computer looks in the C:\Windows\system32\drivers\etc\lmhosts file.) You can look at and edit the hosts file with WordPad. Check and see that there are no entries, except 1.0.0.127 localhost, in the hosts file and no entries in lmhosts. These files are used if you don't have a DNS server or WINS server respectively. They can be configured to maintain a list of computers you want to contact via a DNS query or WINS query.

After the client can't determine its own DNS query it will look at the preferred DNS server. (To determine the preferred DNS server: it will be the first one on the list in an ipconfig /all of the client.) (For WINS, it will be the preferred WINS server.)
1) The first place the server looks for DNS records is its own DNS cache. (You can flush the cache by again going to the command prompt and typing ipconfig /flushdns.) (For WINS, you can flush it by purging the server's WINS cache using NBTstat -rr.)
2) Then the server will look at its own C:\windows\system32\drivers\etc\hosts file. (For WINS it will be the C:\windows\system32\drivers\etc\lmhosts file.)
3) Then the DNS server will have a list of Host A records, Alias records (also known as CNAME records) and SRV (service) records. (For WINS, it will look at the WINS record, NetBIOS alias record, and other server records.)
4) If the DNS server can't find the Host A record, it will make an attempt to contact an outside server. There are two types of contacts: one is a recursive query and the other is an iterative query. There are also two types of lists to contact the outside server: one is called forwarders and the other is called root hints.
---Brief explanation of each:
---Recursive lookup: A recursive lookup is handled by the server. It will go out to a distant server and try to resolve DNS queries that it can't resolve on its own for the client. In other words, if the DNS server can't find an internal address, it will go out to other servers and ask them to look for it. If a resolution is provided, the resolution will be passed down to the client from the server. It is recommended to turn off recursive lookups for security reasons and performance reasons.
---Iteration: Iteration is done when the server can't resolve the query and tells the client, "I can't do it, ask another DNS server." The resolution comes from the remote server, not the local server. So, this is basically passing the buck.
---Forwarders: Forwarders are manually configured DNS servers that your server will forward queries to if your server can't make the resolution. (Most folks configure the ISP's DNS server as the forwarder.)
---Root hints: Root hints are a list of public DNS servers that your server forwards DNS queries to if your server can't resolve the DNS query.


DNS-query.gif

Author Comment

by:DFUYT
ID: 22774690
First of all thanks for the time you took to answer the question.


Then I want to add some comments:

We can discard the client-related part; tests were performed using nslookup querying the DNS servers directly.

None of the servers has forwarders configured; they are using root hints directly to resolve non-authoritative domains.


Time-related records at the old name server are (they have not removed it yet):

        refresh = 1800 (30 mins)
        retry   = 900 (15 mins)
        expire  = 864000 (10 days)
        default TTL = 2560 (42 mins 40 secs)


MaxCacheTtl is not configured at the servers so I assume the default (1 day) is used.

However, I came across something that's wrong.

There is a problem with the old name servers, as they:

   1- Still have the old addresses for the A records
   2- When asked, they still say they are authoritative for the zone

(Both of these are wrong; we are contacting them to remove all those records.)


Then the question is...

How will the cache work for this?

I am starting to think that if the server has an A record cached along with an NS for that domain, and that cache entry expires, it will not go to root hints again but will ask the NS it has cached for that domain; and as those DNS servers are still answering that they are authoritative for the domain, no other query is performed.

Can this be true?



Accepted Solution

by:ChiefIT
ID: 22774865
I'll bet this is in the reverse lookup zone:

When performing nslookup, it will look at the IP of the preferred DNS server in the NIC configuration. It will take that IP and look it up in the reverse lookup zone to translate it to a DNS name.

Look in the reverse lookup zone for your old name server record, and don't hesitate to flush the DNS resolver cache. Flushing that will not hurt anything.

Author Closing Comment

by:DFUYT
ID: 31508415
I found what the problem was: the TTL for the name server records at the external DNS was extremely high. One of the servers had it cached and was not going to root hints. As those name servers were still answering that they were authoritative for the zone, they kept me trapped.
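The following is an added example, not code posted in this thread. It is a small Python model of the two behaviours the thread turns on: ChiefIT's point that a server with no forwarders only walks the root hints when it has nothing better cached, and the trap DFUYT describes in the closing comment, where a cached NS RRset with a long TTL keeps one DC asking the old provider, which still answers as authoritative. Every name, address and TTL in it is constructed (the 2560-second A TTL and the 1-day MaxCacheTtl default are the thread's numbers). The model assumes two things about a caching server that are standard resolver behaviour but are stated here as assumptions: each record is kept for min(TTL, MaxCacheTtl), and the NS RRset an authoritative server returns in the authority section is cached and consulted instead of the root hints for as long as it is unexpired. Glue lookups, negative caching and the SOA timers are deliberately left out.

```python
from dataclasses import dataclass

DAY = 86400
ZONE = "example.com."
QNAME = "www.example.com."
OLD_NS, OLD_A = "ns1.old-provider.example.", "192.0.2.10"   # constructed names/addresses
NEW_NS, NEW_A = "ns1.new-provider.example.", "198.51.100.10"  # constructed names/addresses


@dataclass(frozen=True)
class RR:
    name: str
    rtype: str
    rdata: str
    ttl: int


class AuthServer:
    """Authoritative for ZONE; returns its own NS RRset in the authority section of every answer."""
    def __init__(self, ns_name, a_rdata, ns_ttl):
        self.a_rr = RR(QNAME, "A", a_rdata, 2560)    # 42 min 40 s, the A TTL from the thread
        self.ns_rr = RR(ZONE, "NS", ns_name, ns_ttl)

    def query(self, qname, qtype):
        answer = [self.a_rr] if (qname, qtype) == (QNAME, "A") else []
        return answer, [self.ns_rr]


class RootHints:
    """Stand-in for the root/TLD servers: hands out the current delegation of ZONE."""
    def __init__(self, ns_name):
        self.delegation = RR(ZONE, "NS", ns_name, 2 * DAY)

    def referral(self, zone):
        return self.delegation


class CachingServer:
    """A recursive server like the two DCs: no forwarders, root hints, cache capped by MaxCacheTtl."""
    def __init__(self, root, auth_servers, max_cache_ttl=DAY):
        self.root, self.auth, self.max_cache_ttl = root, auth_servers, max_cache_ttl
        self.cache = {}                               # (name, type) -> (rdata, expires_at)

    def _get(self, name, rtype, now):
        entry = self.cache.get((name, rtype))
        if entry and entry[1] > now:
            return entry[0]
        self.cache.pop((name, rtype), None)           # expired: drop it
        return None

    def _put(self, rr, now):
        self.cache[(rr.name, rr.rtype)] = (rr.rdata, now + min(rr.ttl, self.max_cache_ttl))

    def clear_cache(self):
        self.cache.clear()                            # what 'dnscmd <server> /clearcache' does

    def resolve_a(self, qname, now):
        """Return (address, source); source is 'cache', 'cached-ns' or 'root-hints'."""
        addr = self._get(qname, "A", now)
        if addr:
            return addr, "cache"
        ns_name, source = self._get(ZONE, "NS", now), "cached-ns"
        if ns_name is None:                           # root hints only when no NS is cached
            rr = self.root.referral(ZONE)
            self._put(rr, now)
            ns_name, source = rr.rdata, "root-hints"
        answer, authority = self.auth[ns_name].query(qname, "A")
        for rr in answer + authority:                 # authority-section NS renews the cache entry
            self._put(rr, now)
        return answer[0].rdata, source


def run_scenario():
    old_auth = AuthServer(OLD_NS, OLD_A, ns_ttl=7 * DAY)   # the "extremely high" NS TTL
    new_auth = AuthServer(NEW_NS, NEW_A, ns_ttl=3600)
    auth = {OLD_NS: old_auth, NEW_NS: new_auth}
    root = RootHints(OLD_NS)
    server1, server2, server3 = (CachingServer(root, auth) for _ in range(3))
    r = {}
    # Before the change only servers 1 and 3 are asked, so only they cache the old NS.
    r["before_cutover"] = server1.resolve_a(QNAME, now=0)
    server3.resolve_a(QNAME, now=0)
    # Cutover: the registry now delegates ZONE to the new provider, but the old provider's
    # servers stay up and keep answering as if they were still authoritative.
    root.delegation = RR(ZONE, "NS", NEW_NS, 2 * DAY)
    # Two weeks of hourly lookups on server 1: the A record expires every 42 minutes, but
    # each answer from the old server renews the NS entry before the 1-day cap is reached.
    for hour in range(1, 14 * 24 + 1):
        r["server1_after_2_weeks"] = server1.resolve_a(QNAME, now=hour * 3600)
    # Server 2 had nothing cached, so its first lookup walks the root hints.
    r["server2_first_lookup"] = server2.resolve_a(QNAME, now=14 * DAY)
    # Server 3 is asked only every two days: its NS entry expires and it recovers by itself.
    r["server3_sparse_lookup"] = server3.resolve_a(QNAME, now=2 * DAY)
    # The fix on server 1: clear the cache (or have the old servers stop answering).
    server1.clear_cache()
    r["server1_after_clearcache"] = server1.resolve_a(QNAME, now=14 * DAY + 60)
    # Asking each provider directly bypasses every cache ('nslookup <name> <ns-ip>').
    r["old_provider_says"] = old_auth.query(QNAME, "A")[0][0].rdata
    r["new_provider_says"] = new_auth.query(QNAME, "A")[0][0].rdata
    return r


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key:28} {value}")
```

The check this mirrors in practice: ask each DC for the zone's NS records (nslookup -type=NS example.com <dc-ip>) and compare with what the old and new provider servers return when queried directly. If a DC still names the old servers and those servers still answer authoritatively, nothing in its cache will age out while clients keep asking, because every authoritative answer renews the NS entry; dnscmd <server> /clearcache, or the old provider finally removing the zone, is the way out. Lowering MaxCacheTtl only helps when lookups arrive less often than the cap, as server 3 in the model shows.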