DNS resolution question

We currently use DHCP to assign IP addresses. How fast does DHCP update the DNS server with the IP to name resolution? Also I am in the DNS server and if I look up a record it has the correct IP address, but when I ping from the DNS server it tries to resolve to an old IP address. This can be a major problem. What can I do? Thanks
Thomas N, Systems Analyst - Windows System Administrator, asked:
LivingCPU commented:
Have you tried doing this:

ipconfig.exe /flushdns
0
Thomas N, Systems Analyst - Windows System Administrator (Author) commented:
Yes, that didn't help.
0
speshalyst commented:
Try ipconfig /registerdns
0
speshalyst commented:
You can add this to the startup, so once the client gets the IP it is forced to register on the DNS server.
 
0
sputnik_it commented:
There's a big article on MS, maybe it can help too:
http://support.microsoft.com/kb/816592
0
Thomas N, Systems Analyst - Windows System Administrator (Author) commented:
I have done the register DNS but I don't think that's the issue, because if I look in the DNS record it is correct. It has the correct IP address. Now this is funny: when I go to another DNS server it resolves the name correctly, but our Primary DNS server does not resolve the name even though it has the correct A record.
0
mdennis4422 commented:
DHCP does not update the DNS Server.  That is a function that the client performs after it receives a new IP address.  What you may be experiencing is a replication issue.  It sounds like you are assigning a DHCP address and the client is updating its Primary DNS server, and then it gets replicated to your secondary DNS server.  There can be up to a 20 minute delay for this to replicate, depending on the network.  Also, normally you don't set your primary DNS server up to use itself for primary DNS lookups.  You set the primary to point to the secondary and vice versa.  What I would suggest would be to use nslookup to determine the IP address from the primary DNS server and then change the focus to the secondary DNS server and test again.  This will allow you to determine if you are waiting for DNS to replicate.  Look for replication errors in the event log on your DCs.  Also, you can force replication through AD Sites and Services.  There is also a replication frequency that can be defined through AD or Group Policy.   I hope that this helps.
0
Thomas N, Systems Analyst - Windows System Administrator (Author) commented:
I didn't set up our DNS server, I am just trying to fix it. So I should verify under TCP/IP properties that the preferred DNS server is the secondary on the primary DNS server and vice versa on the primary? Because right now on our Primary DNS the Preferred has the Primary DNS server in it.
0
mdennis4422 commented:
Yes, I have always set up the primary DNS server's TCP/IP settings to have the secondary DNS Server as the Primary and itself as the secondary.  Try that and let me know.
0
Thomas N, Systems Analyst - Windows System Administrator (Author) commented:
I will have to do this after hours but I will try it and let you know. Thanks
0
ChiefIT commented:
Making another DNS server as the primary is a mistake. It leads to excessive chatter on the network. You want that DNS server's IP, (no matter what DNS server it is), to be its own primary DNS server.


Let me ask how you ping the server:

Are you pinging by netbios servername?
Ping xxDC1
Are you pinging by IP address using an ARP ping?
Ping xxx.xxx.xxx.xxx
Are you pinging by DNS query?
Ping xxDC1.domain.name

Ping is a multicommunications protocol diagnostic utility. Improper use may lead to false information. It is my guess you are pinging using a netbios/WINS query. In that case, go to your command prompt and type NBTstat -rr. That flushes your Netbios cache, (also known as your WINS cache).

If that is not the case, you could be running into a messed up forward lookup zone or a HOST file configured on the client computer you are trying to ping from.



0
ChiefIT commented:
I would like to add that replication problems are a very plausible problem and you should check your logs to see if you can find 1925, 2088 and I think 2087 errors in event logs.

Also, on the client's NIC, is it told to register the DNS address on the DNS server? Look at the NIC configuration>>TCP/IP properties>>Advanced>>DNS tab.
0
Thomas N, Systems Analyst - Windows System Administrator (Author) commented:
ChiefIT: I tried the NBTstat -rr but it did not fix the issue. You are correct though that it's a netbios problem since I can ping correctly with the full DNS name. You bringing up the host file problem on the client machine had me thinking though. There is Spybot on this machine, and I think the software edits the host file. Do you think this is the reason why?

The client PC has the correct DNS even though it's not on that tab because it gets its DNS info from the DHCP server.
0
ChiefIT commented:
No, Netbios translation uses the LMhost file, not the HOST file. To check that as a plausible issue, all you have to do is disable LMHost lookup on the NIC configuration.

Since this is a netbios issue, not a DNS issue, let's check to make sure Netbios is enabled. That too is on the WINS tab of the NIC configuration.

If you have a WINS server, it would be a good time to know this.
0
Thomas N, Systems Analyst - Windows System Administrator (Author) commented:
"Enable LMHOSTS lookup" is checked. This client actually has WINS addresses for servers on a different domain so these users can reach their Exchange email. Could this be a problem? Sorry, not great with DNS\WINS. I didn't know that a setting on the client could cause problems with an outside machine pinging it.
0
ChiefIT commented:
The way this works is this:

Netbios broadcasts are sent out through the LAN. That registers IP addresses to the netbios name of the server and is saved in netbios cache. However, if you have a WINS server, it registers within WINS as a WINS record. You have an out of date Netbios cache record or a bad WINS record.

Netbios/WINS is very much like DNS in structure:

First the client will try to resolve its own query:
1) It first looks in its own cache for the computer you are trying to communicate with. (This is much like a DNS query that looks in the DNS cache for resolution.)
2) Then, it looks in its own LMHOST file. That is found in C:\i383\drivers\ect\LMHOST.sam. That file is editable using a text editor, like notepad. (For DNS, the client will look in its own HOST file. C:\i386\drivers\ect\HOST)

If you have a DNS server or WINS server, the HOST file or LMHOST file should not be configured for the very same reason you are seeing.

After that, the client looks towards its preferred server: (Preferred WINS server, or Preferred DNS server).
It will look in the WINS records for local addresses of clients and servers. For DNS it will look in the Forward lookup zones for DNS resolution.

Once the server is unable to handle the query, it will look towards outside servers.

For WINS, the clients register their IP via netbios broadcasts upon boot up. However, Netbios broadcasts are not routeable. This means it will not go through different subnets, over a VPN connection, through a NAT firewall, or to a VLAN. Netbios was good for a flat LAN with no subnets or VLANs. To overcome this issue, Netbios needs a little help. This is where WINS comes in handy. WINS will allow Netbios broadcasts to be routeable.

Netbios record problems are not as detrimental to you as DNS problems. Netbios is an ancient protocol that is not used as often as DNS. If you had DNS issues with a bad record, you could expect the inability to map network drives to a share, logon issues with the DC, inability to contact the internet, etc. Netbios pretty much only populates the domain master browser these days, and also registers the client in the netbios cache via broadcasts. Other than that it's used for the browser service. With a bad record, you may have the inability to contact the UNC path of the share with the computer that has a bad IP unless you use the fully qualified domain name. UNC stands for Universal Naming Convention and is another multicommunications protocol. So, that depends how you type it in.

//servername/share
Netbios query to the share
//servername.domain.name/share
DNS query to the share
//xxx.xxx.xxx.xxx/share
ARP query to the share

Since you are having problems with netbios resolution, it will be a problem with the computer's inability to update its IP to computername via netbios broadcasts. That will mean either it is a routing issue, where your computer with the bad IP is on a different subnet, or not within the route of your client or server. Or it could mean that netbios is turned off and it kept the last one registered in netbios cache. Or it could mean that there is an LMHOST file that was manually configured.

Sometimes folks manually configure the host file to allow netbios to be routeable between two site's domain master browsers. This takes the place of a WINS server allowing two sites to share the browselist. With that manually configured on the server, I can understand how the IP of the server is incorrectly replying.




0
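Added example, not part of the original thread: a PowerShell check that asks each resolution path described above (each DNS server directly, the local DNS client, and the LLMNR/NetBIOS path) for the same host and flags disagreement. It assumes a system with the `Resolve-DnsName` cmdlet (Windows 8 / Server 2012 or later); the host names and server addresses are placeholders.

```powershell
# Added example: compare the answers each name-resolution path gives for one host.
# All names and addresses below are placeholders; replace them with your own.
$ShortName  = 'xxDC1'                       # name as typed in "ping xxDC1"
$Fqdn       = 'xxDC1.domain.name'           # name as typed in "ping xxDC1.domain.name"
$DnsServers = @('192.0.2.10', '192.0.2.11') # primary and secondary DNS (placeholders)

function Get-Answer {
    # Runs Resolve-DnsName with the given arguments and returns the addresses as text.
    param([hashtable]$ResolveArgs)
    try {
        $ips = Resolve-DnsName @ResolveArgs -ErrorAction Stop |
            Where-Object { $_.IPAddress } |
            ForEach-Object { $_.IPAddress }
        if ($ips) { ($ips | Sort-Object -Unique) -join ', ' } else { '(no address returned)' }
    } catch {
        "(failed: $($_.Exception.Message))"
    }
}

$results = @()

# 1. Ask each DNS server directly, bypassing the local HOSTS file and NetBIOS.
foreach ($server in $DnsServers) {
    $results += [pscustomobject]@{
        Path   = "DNS server $server (A record for $Fqdn)"
        Answer = Get-Answer @{ Name = $Fqdn; Type = 'A'; Server = $server; DnsOnly = $true; NoHostsFile = $true }
    }
}

# 2. Normal DNS client path for the FQDN (local cache and HOSTS file included).
$results += [pscustomobject]@{
    Path   = "Local DNS client ($Fqdn)"
    Answer = Get-Answer @{ Name = $Fqdn; Type = 'A'; DnsOnly = $true }
}

# 3. Short name resolved through LLMNR/NetBIOS only, with DNS left out.
$results += [pscustomobject]@{
    Path   = "LLMNR/NetBIOS only ($ShortName)"
    Answer = Get-Answer @{ Name = $ShortName; LlmnrNetbiosOnly = $true }
}

$results | Format-Table -AutoSize -Wrap

# Differing answers show which path holds the stale record.
$good = $results.Answer | Where-Object { $_ -notlike '(*' } | Sort-Object -Unique
if (@($good).Count -gt 1) { Write-Warning "Resolution paths disagree: $($good -join ' vs ')" }

# Show the local NetBIOS name cache for comparison with the table above.
nbtstat -c
```

If the two DNS servers agree but the LLMNR/NetBIOS row differs, the stale entry is on the NetBIOS side (cache, WINS or LMHOSTS) rather than in the DNS zone.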
ChiefIT commented:
OK:

Well, there is your problem:

When you set up the mail client software, you told the client software that it was supposed to find the mail server using the netbios name. The client email software is just a shell and contacts the server in the way you specify it to. So, if you tell the client the HOST mail server is:

MYMAILSERVER (netbios query)
Instead of
My mailserver.domain.name (DNS query)

Your mail client will try to look in its netbios cache for the mail server then contact the local WINS server or Domain master browser when not found. That server may hold an OLD IP because the mailserver hasn't been on the same site and therefore not registered its netbios addressing through a broadcast.

In short, you are telling your client computer to contact a mail server using a netbios handshake and that hasn't been on the same site to handshake with the LAN and register its IP address with either a WINS server or in Netbios cache.

HERE ARE YOUR FIXES:
From now on, I recommend you configure your mail client to contact your mail server with either the IP address or fully qualified domain name:

Then, to get your two sites up on Netbios, you either need a WINS server or a configured LMHOST record between the two SITE domain master browsers. The site master browsers should be your local DC with FSMO Roles. To further understand the domain master browser service, please read this entire article, especially the part with NT4 article on the domain master browser. This explains a lot on UNC paths, how DNS and Netbios are different as well as how to fix netbios resolution over two sites.
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23706144.html

0
Thomas N, Systems Analyst - Windows System Administrator (Author) commented:
The WINS server that is on the client is not the WINS server for our domain network. Should we be entering the WINS information for the other domain somewhere on the WINS server on our domain, instead of on the clients? So that the machines on our network can either resolve the name to either our WINS and if they can't find it to look on their WINS? Such as DNS forwarding.

Our domain is physically connected to another domain but they are different, they might not even be trusted.
0
ChiefIT commented:
Within DHCP scope options, you have the option to set who your preferred DNS servers will be and who your Preferred WINS servers will be for that local site. You will want your local site's DNS server to be the preferred DNS server, and the local site's WINS server to be the preferred WINS server for all DHCP clients.

Once again, I recommend you go to the clients with issues and configure their mail client software to look for the DNS name of the mail server. DNS is routeable while Netbios is not. Netbios names are registered through netbios broadcasts and those broadcasts will not go through to different sites, (meaning it is not routeable), unless you have a WINS server that is properly working. That WINS server must be local because of that.
0

Thomas N, Systems Analyst - Windows System Administrator (Author) commented:
Thanks ChiefIT
0
ChiefIT commented:
I am glad that worked for you.

0