Windows 2003 servers not automatically updating their DNS in reverse lookup zone

Hi again guys.
More DNS fun, todays mindbender is as follows:

I have somewhere in the region of 100 Windows 2003 servers.

All are registering correctly into the forward lookup zone.

When I look at the reverse lookup zone, the time stamps for the DNS entries are dating back to December last year for most servers.

If I perform an ipconfig /registerDNS on a server with an old record, it does update the record succesfully, reflected in the time stamp to the DNS record.

I was about to enable scavenging for this subnet as it also hosts some DHCP clients for our IT dept.  Before I enabled it I thought it prudent to check the server records - I'm glad I did!

Does anybody have any suggestions as to why the time stamps would be so dated?  My understanding was that by default every 24 hours that a 2003 server with a static IP would re-register and update it's DNS record.

Thanks in anticipation.
GreencoreAsked:
Who is Participating?
 
Chris DentPowerShell DeveloperCommented:

It will, but time-stamps don't fully replicate unless Aging is enabled. This is important if you have more than one DNS server accepting updates for the zone.

You might consider setting No-Refresh to 1 day and Refresh to 30 days (or so). That way you have a month to monitor the time stamps before any record can be considered stale.

Note that when enabling Aging on a zone for the first time a lock is placed on the zone to prevent it from being Scavenged until a full pass of the Refresh interval. You can see that lock by selecting View / Advanced then opening the Aging properties. Otherwise the change I suggest wouldn't help much ;)

HTH

Chris
0
 
GreencoreAuthor Commented:
Well, if it isn't my old friend Chris who helped me out with understanding scavenging in the first place!
Hi Chris, good to hear from you again - I know I'm in safe hands!

Aging is not configured for this reverse lookup zone.  This particular zone hosts most of our business critical Central servers along with the IT staffs' DHCP scope whome all share a common IP range.

The reverse lookup is so far divorced from the forward lookup as to be untrue.

So simply by enabling aging I should see the record time stamps updating within DNS, and then configure no refresh/refresh accordingly?

PS thanks for the last problem you solved for me - DNS is working fantastically since I reconfigured it under your advice.
0
 
Chris DentPowerShell DeveloperCommented:

I'm glad to hear it :)

If we set a large Refresh Interval it will lock the zone, preventing Scavenging taking place (on that zone), which is good for us.

After a few days you should find that the Time Stamps are consistent between all Domain Controllers. At which stage you can consider reducing the Refresh Interval to a reasonable level. I don't think that will make it re-evaluate the lock on the zone (never bothered testing that), but that's fine if you're willing to be patient.

The alternative is to disable the automatic Scavenging task, and enable Aging with the preferred intervals. Again it will need to be monitored to make sure it updates before re-enabling the Scavenging task.

Chris
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
GreencoreAuthor Commented:
There's another DNS server which perform a scavenging task daily for all zones including this one.  Its' not practical for me to disable the scavenging so best to leave it in place, and set the refresh to 30 days and wait for everything to drop into sync.

The other reverse lookup zones which have aging configured are behaving beautifully, so what you're saying makes sense.

I'll leave it configured as suggested and monitor.

Thanks Chris.

I'm about to put another post up with regards to our zone transfer configurations which you said before you were up for the challenge...Keep your eyes peeled for a new post from me - could really use your help on that one too!!!
0
 
Chris DentPowerShell DeveloperCommented:

Okay, no problem :)

Chris
0
 
GreencoreAuthor Commented:
Chris - points awarded - new query is under id:24172507
0
 
GreencoreAuthor Commented:
Chris is always extremely helpful, I'm delighted whenever he answers my queries.  Its better than having a MS technical helpline on speed dial.  Thanks again Chris.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.