Solved

What happens if I delete all of my DNS A and PTR records?

Posted on 2009-05-06
3
937 Views
Last Modified: 2012-05-06
I have a slew of duplicate entries in my DNS on both of my domain controllers. Lots of A records for the same IP address in the forward lookup zone, and lots of PTR records for the same IP address in the reverse lookup zone. It looks like some of the entries have been there as long as the network has been in existence. I have it set up to scavenge records after 7 days, but that doesn't seem to be doing anything.

What happens if I just delete all of the A and PTR records from these zones? Will they regenerate gracefully? Or will I bring my network to a crashing, grinding halt?
0
Comment
Question by:J-J-White
3 Comments
 
LVL 7

Expert Comment

by:LBizzle
ID: 24317943
You will bring computer browsing on your network to a grinding halt for the most part. Besides enabling the scaveging which is a good idea (set it to whatever your DHCP lease time is +1 day). Then, do a force scavenge (right click on DNS server in the MCC and scavenge stale resource records, then give it a couple of 4 hours) after that it's a manual process for the most part; there are tools out there but if you sort by IP address and remove any you know are duplicates (beware of aliases purposely using the same IP address, hopefully you or another admin would have created them and know better and USUALLY only applies to servers or web\Intranet addresses).
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 24318094

I disagree about it bringing everything to a grinding halt.

The impact will be low, you will have to ensure that critical servers register immediately after deletion by running "ipconfig /all" and restarting the NetLogon Service on each of your DCs.

The domain will survive quite happily without client records for a few hours / days. Especially PTR records, they're not required for anything at all, they just help things go more smoothly.

The records will regenerate gracefully over a short time. Typically between 24 hours and half of your DHCP lease duration (so 24 hours to 4 days if you use the default DHCP lease of 8 days, and DHCP updates DNS).

That doesn't apply to manually created DNS entries. If you delete one of those you would have to put it back by hand.

> I have it set up to scavenge records after 7 days, but that doesn't seem to be doing anything.

If you've only just done that don't expect it to do it right away. When you first enable Scavenging on a zone (and set the Aging limits) a lock is placed on the zone preventing records from being Scavenged for the duration of a Refresh Interval (7 days by default). This is to give all network clients a chance to update their records before anything is removed.

The MS networking team did a blog on Scavenging which is worth reading, the title is most appropriate :)

http://blogs.technet.com/networking/archive/2008/03/19/don-t-be-afraid-of-dns-scavenging-just-be-patient.aspx

I have some scripts for reporting on the state of records and associated time stamp values in MS DNS if you want to pick through them.

Chris

PS Computer Browsing is a title normally reserved for looking at computers / the network using "My Places Network". Absolutely nothing you do in DNS would effect that, but I suspect the naming is coincidence :)
0
 
LVL 1

Author Closing Comment

by:J-J-White
ID: 31578612
Thanks for an exceptional answer. :)
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
buying a domain 9 68
Include multiple server addresses in SPF record 6 60
Add new forwarder to DNS 5 33
MX/PTR record changed- various email domains bounceback 11 51
This article is intended as an extension of a blog on Aging and Scavenging by the MS Enterprise Networking Team. In brief, Scavenging is used as follows: Each record in a zone which has been dynamically registered with an MS DNS Server will have…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now