DNS (a) record - TTL keeps reverting to default 10 minutes

Posted on 2009-04-13
Last Modified: 2012-05-06

I have a W2K3 SP2 server farm with two domain controllers, both configured with Global Catalog and both running DNS server (AD integrated) which are able to replicate to each other perfectly. All my client servers are pointing to both DNS servers in their IP configuration, with the primary DC as the first DNS server and the secondary DC as the second DNS server. For reasons related to application failover and uptime, I need to set the TTL for my to 30 seconds so that if the primary DC goes down the will re-resolve to the second DC in under one minute. However although this method works, I discovered that the (a) records keep reverting to the default of 10 minutes?

Does anyone know why this is happening and how I prevent this please? I need my (a) records to have a TTL value which is less than one minute.
Question by:harnamsc
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 250 total points
ID: 24132486
After doing some reading on default TTL's, I found the article below. It states that the default TTL is 20 minutes. I would guess that your TTL must be set to 10 minutes, so that when it elapses after you manually change the TTL, the next renewal resets it to 10 minutes:
I think what you'd have to do is to disable dynamic registration for the two DNS servers and then set the TTL to what you want it to be.  

Author Comment

ID: 24135499
hypercat: Sorry but the link you provided does not specifically state which registry key I need to edit?
LVL 38

Accepted Solution

Hypercat (Deb) earned 250 total points
ID: 24139470
Here's material quoted from the last few paragraphs of the article:
<<How to disable DNS updates in Windows Server 2003
By default, client computers that are running Windows Server 2003 have DNS updates enabled. To disable domain name system (DNS) dynamic update protocol registration for all network interfaces, use one of the following methods:
Method 1
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ Tcpip\Parameters
  3. On the Edit menu, point to New, and then click DWORD Value.
  4. Type DisableDynamicUpdate, and then press ENTER two times.
  5. In the Edit DWORD Value dialog box, type 1 in the Value data box, and then click OK.

    Note By default, the DNS update is enabled (0). Exit Registry Editor.
Method 2
Note This method does not apply to Windows 2000-based computers.
  1. Click Start, click Run, type regedit, and then click OK. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\Parameters
  2. On the Edit menu, point to New, click DWORD Value, and then type RegistrationEnabled.
  3. Right-click RegistrationEnabled, click Modify, type 0 in the Value data box, and then click OK.
  4. Exit Registry Editor.
For additional information, click the following article number to view the article in the Microsoft Knowledge Base: 816592  ( ) How to configure DNS dynamic update in Windows Server 2003>>
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 24144124
So I have to edit the HKLM\SYSTEM\CurrentControlSet\Services\ Tcpip\Parameters (method 1) key on all my client servers and workstations? Method 2 probably does not apply to my environment as everything there runs Win2003 SP2.
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 250 total points
ID: 24148630
Just on the DNS servers. The purpose of the reg edit is to prevent that particular machine from dynamically updating its DNS records. These are the machines that you are trying to force a particular TTL for the DNS records, right?  Since the TTL is defaulted and updated when the dynamic DNS update occurs, setting these machines not to update dynamically should prevent the TTL from changing. You will need to test this, of course, to see if it accomplishes what you are trying to do, as I'm not 100% sure it will.

Author Comment

ID: 24154170
Thank you hypercat, I've modified the registry keys on my DNS servers and the modified TTL values for my (a) records no longer reset themselves.

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Learn about cloud computing and its benefits for small business owners.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question