BIZNETplus
asked on
DNS configured incorrectly
Something is broken with our DNS. I think the records are not being updated or refreshed. If I ping an internal computer by name a lot of the time it resolves to the wrong IP address. External addresses resolve fine. There aren't any errors in the DNS log. Although, looking at our local subnets under reverse lookup zones shows the inacurate IP records along with old computer names that have since been renamed.
Any pointers would be greatly appreciated.
Any pointers would be greatly appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The Scavenge stale resource records option was not checked. I checked that and set both no-refresh and refresh interval at 4 days. Im not sure how long the DHCP lease is, DHCP is handled by a SonicWall that I do not have access to. I will go ahead and contact the company that manages that and see if they will tell me.
There were two places I saw to set scavenging that seemed independent of each other. Right clicking the dns server there was "Set Aging/Scavenging for All Zones", but also if you click Properties and the Advanced tab, at the bottom there is another option to enable automatic scavenging of stale records. I turned it on in both places.
It is AD integrated, and dynamic updates is set to secure. I will try changing to unsecure if the scavenging doesnt correct the problem.
There were two places I saw to set scavenging that seemed independent of each other. Right clicking the dns server there was "Set Aging/Scavenging for All Zones", but also if you click Properties and the Advanced tab, at the bottom there is another option to enable automatic scavenging of stale records. I turned it on in both places.
It is AD integrated, and dynamic updates is set to secure. I will try changing to unsecure if the scavenging doesnt correct the problem.
Just a quick note on Scavenging again.
You have to be rather patient with it, with your current settings it will not allow Scavenging to execute against the zone for 4 days (the value of the Refresh Interval). This is to give AD, and all the network clients, time to think about correctly writing the Time Stamp information.
You can see the value for that if you select View / Advanced, then re-open the Aging option.
The Scavenging option under the DNS server Properties / Advanced, states how frequently the task itself runs. I recommend setting that to 1 day on one of your Domain Controllers.
And if the lease time is really short...
Whatever you do, don't set a Refresh Interval less than 1 day. Records only dynamically register once every 24 hours, having a shorter Refresh interval makes a real mess.
Chris
ASKER
This worked out great, thanks!
is your zone AD integrated? are the dynamic updates set to secure and non-secure? did you try setting it to non-secure?
is you dhcp server a windows dhcp server? did you check the settings for option 81:
http://technet.microsoft.com/en-us/library/cc787034.aspx