Solved

What happens if I delete all of my DNS A and PTR records?

Posted on 2009-05-06
Last Modified: 2012-05-06
I have a slew of duplicate entries in my DNS on both of my domain controllers. Lots of A records for the same IP address in the forward lookup zone, and lots of PTR records for the same IP address in the reverse lookup zone. It looks like some of the entries have been there as long as the network has been in existence. I have it set up to scavenge records after 7 days, but that doesn't seem to be doing anything.

What happens if I just delete all of the A and PTR records from these zones? Will they regenerate gracefully? Or will I bring my network to a crashing, grinding halt?
Question by:J-J-White
3 Comments
 
LVL 7

Expert Comment

by:LBizzle
ID: 24317943
You will bring computer browsing on your network to a grinding halt for the most part. Besides enabling the scavenging which is a good idea (set it to whatever your DHCP lease time is +1 day). Then, do a force scavenge (right click on DNS server in the MMC and scavenge stale resource records, then give it a couple of 4 hours) after that it's a manual process for the most part; there are tools out there but if you sort by IP address and remove any you know are duplicates (beware of aliases purposely using the same IP address, hopefully you or another admin would have created them and know better and USUALLY only applies to servers or web\Intranet addresses).
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 24318094

I disagree about it bringing everything to a grinding halt.

The impact will be low, you will have to ensure that critical servers register immediately after deletion by running "ipconfig /all" and restarting the NetLogon Service on each of your DCs.

The domain will survive quite happily without client records for a few hours / days. Especially PTR records, they're not required for anything at all, they just help things go more smoothly.

The records will regenerate gracefully over a short time. Typically between 24 hours and half of your DHCP lease duration (so 24 hours to 4 days if you use the default DHCP lease of 8 days, and DHCP updates DNS).

That doesn't apply to manually created DNS entries. If you delete one of those you would have to put it back by hand.

> I have it set up to scavenge records after 7 days, but that doesn't seem to be doing anything.

If you've only just done that don't expect it to do it right away. When you first enable Scavenging on a zone (and set the Aging limits) a lock is placed on the zone preventing records from being Scavenged for the duration of a Refresh Interval (7 days by default). This is to give all network clients a chance to update their records before anything is removed.

The MS networking team did a blog on Scavenging which is worth reading, the title is most appropriate :)

http://blogs.technet.com/networking/archive/2008/03/19/don-t-be-afraid-of-dns-scavenging-just-be-patient.aspx

I have some scripts for reporting on the state of records and associated time stamp values in MS DNS if you want to pick through them.

Chris

PS Computer Browsing is a title normally reserved for looking at computers / the network using "My Places Network". Absolutely nothing you do in DNS would affect that, but I suspect the naming is coincidence :)
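
A read-only report along the lines discussed in this thread, as an added example that is not part of the original posts and is not one of the scripts Chris Dent mentions: it lists A records that share an IP address, with their timestamps, and flags which are static (manually created) and which are older than the zone's no-refresh plus refresh window. It assumes the DnsServer PowerShell module (Windows Server 2012 or later, or RSAT); the zone and server names are placeholders.

```powershell
# Added example; requires the DnsServer module. Nothing here deletes or changes records.
Import-Module DnsServer

$Zone   = 'corp.example.com'   # placeholder zone name (assumption)
$Server = 'localhost'          # placeholder DNS server (assumption)

# Aging settings for the zone, including the time from which scavenging is allowed
# (the lock applied when aging is first enabled on the zone).
$aging = Get-DnsServerZoneAging -Name $Zone -ComputerName $Server
'Aging enabled: {0}; zone can be scavenged from: {1}' -f `
    $aging.AgingEnabled, $aging.AvailForScavengeTime

# A dynamic record counts as stale once its timestamp is older than
# no-refresh interval + refresh interval.
$staleBefore = (Get-Date) - ($aging.NoRefreshInterval + $aging.RefreshInterval)

$records = Get-DnsServerResourceRecord -ZoneName $Zone -RRType A -ComputerName $Server |
    ForEach-Object {
        [pscustomobject]@{
            HostName  = $_.HostName
            IPAddress = $_.RecordData.IPv4Address.IPAddressToString
            Timestamp = $_.Timestamp   # empty for static (manually created) records
            Static    = -not $_.Timestamp
            Stale     = [bool]$_.Timestamp -and ($_.Timestamp -lt $staleBefore)
        }
    }

# Show only IP addresses that appear on more than one A record, newest first,
# so old duplicates can be reviewed against the current registration.
$records |
    Group-Object IPAddress |
    Where-Object Count -gt 1 |
    ForEach-Object { $_.Group | Sort-Object Timestamp -Descending } |
    Format-Table IPAddress, HostName, Timestamp, Static, Stale -AutoSize

# Summary counts for the whole zone.
'Total A records: {0}; static: {1}; stale dynamic: {2}' -f `
    @($records).Count,
    @($records | Where-Object Static).Count,
    @($records | Where-Object Stale).Count
```

Rows marked Static are the manually created entries that, as the accepted answer notes, would have to be put back by hand if deleted.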
 
LVL 1

Author Closing Comment

by:J-J-White
ID: 31578612
Thanks for an exceptional answer. :)