DNS problems after scavenging DNS

Hello,

I am running into some DNS problems every 21 days.

When I run a dcdiag /test:dns I get the following results (I will put the full log later on):

 Summary of DNS test results:
         
                                            Auth Basc Forw Del  Dyn  RReg Ext  
               ________________________________________________________________
            Domain: domain.local
               serverdc2                 PASS FAIL PASS PASS WARN FAIL n/a  
         
         ......................... domain.local failed test DNS

After a dcdiag /fix everything works fine again.

DNS scavenging is set to every 7 days, but after 21 days we receive this error.
There are 2 domain controllers: serverdc1 is the primary server and serverdc2 is the secondary.

Does anybody have any idea why this is happening every 21 days?

Some other errors in the log:

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine serverdc2, is a DC.
   * Connecting to directory service on server serverdc2.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 2 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests
   
   Testing server: domain\SERVERDC2
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         The host e3a31358-75b4-41b4-886d-8660f088e000._msdcs.domain.local could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (e3a31358-75b4-41b4-886d-8660f088e000._msdcs.domain.local) couldn't be
         resolved, the server name (serverdc2.domain.local) resolved to the IP
         address (**.**.**.**) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... SERVERDC2 failed test Connectivity

Thanks for the help!
fmecwm Asked:

Chris Dent (PowerShell Developer) Commented:

Could you let us know the Aging intervals you have set, please?

Chris
0
fmecwm (Author) Commented:
The aging interval is set to 7 days.

Is this what you want to know?

Stefan
0
Chris Dent (PowerShell Developer) Commented:

Yep, it is, that's both of them?

Are you able to verify if the "e3a31358-75b4-41b4-886d-8660f088e000._msdcs.domain.local" exists in DNS at the point of failure?

Chris
0

fmecwm (Author) Commented:
This is on both servers, yes.

I'm not able to check this because we have already run the fix, so everything is working fine again.

But when this problem occurs, the _msdcs.fmecwm.local in forward lookup zones is empty.

I hope this is enough information for you, otherwise I have to wait 21 days.

Stefan
0
Chris Dent (PowerShell Developer) Commented:

I meant both Aging intervals (No-Refresh and Refresh) :)

We can theorise that it gets Scavenged, it fits into a multiple of the scavenging period. But the NetLogon service should be sending a Refresh for that record (and all other service records) once every 24 hours.

Do you have any other DNS servers listed in TCP/IP configuration?

And do you see any errors in the event log for DNS record registration?

The Host (A) and PTR records are still present when this problem occurs aren't they? Although those are maintained by DHCP Client rather than NetLogon the same 24 hour refresh applies.

Chris
0
fmecwm (Author) Commented:
The host and PTR records are still present, yes.

In the DNS event this is the only information log:

15 juli 18:00
The DNS server has completed a scavenging cycle:
Visited Zones     = 14,
Visited Nodes     = 722,
Scavenged Nodes   = 0,
Scavenged Records = 0.
 
This cycle took 0 seconds.
 
The next scavenging cycle is scheduled to run in 168 hours.

0
Chris Dent (PowerShell Developer) Commented:

Is that the cycle immediately preceding the last failure?

Chris
0
fmecwm (Author) Commented:
Yes.
This is the only event in the event log, and I did not check it yesterday after 18:00 but this morning.
This happens every 21 days.
I hope this is an answer to your question (my English is not that good).
0
Chris Dent (PowerShell Developer) Commented:

Do any of the Scavenging events have values for "Scavenged Nodes" or "Scavenged Records"?

You might consider creating a new Forward Lookup Zone for _msdcs.fmecwm.local. Then apply very long Aging Intervals to the new zone.

Chris
0
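
The aging check discussed in the comments above, as an added example that is not part of the original thread: it reads the No-Refresh and Refresh intervals for the _msdcs zone and flags records whose timestamp makes them eligible for scavenging, or overdue for the 24-hour refresh mentioned above. It assumes Windows Server 2012 or later with the DnsServer PowerShell module; the zone and server names are taken from the dcdiag output in the question, and the one-day slack is an assumption.

```powershell
# Added example (not from the thread). Run in an elevated session on, or against, the DNS server.
param(
    [string]$ZoneName     = '_msdcs.domain.local',  # zone name as written in the dcdiag output
    [string]$ComputerName = 'serverdc2'             # DNS server to query
)

Import-Module DnsServer

# Server-wide scavenging state and schedule
$scav  = Get-DnsServerScavenging -ComputerName $ComputerName
# Per-zone aging: the two intervals asked about in the thread
$aging = Get-DnsServerZoneAging -Name $ZoneName -ComputerName $ComputerName

"Server scavenging : {0}, every {1}, last run {2}" -f `
    $scav.ScavengingState, $scav.ScavengingInterval, $scav.LastScavengeTime
"Zone aging        : {0}, No-Refresh {1}, Refresh {2}" -f `
    $aging.AgingEnabled, $aging.NoRefreshInterval, $aging.RefreshInterval

$now          = Get-Date
# A dynamic record may be scavenged once its timestamp is older than No-Refresh + Refresh
$scavengeAge  = $aging.NoRefreshInterval + $aging.RefreshInterval
# Refreshes are ignored during No-Refresh; with a 24-hour refresh cycle a healthy
# record should never be much older than No-Refresh plus one day (assumed slack)
$overdueAge   = $aging.NoRefreshInterval + (New-TimeSpan -Days 1)

Get-DnsServerResourceRecord -ZoneName $ZoneName -ComputerName $ComputerName |
    ForEach-Object {
        $age = if ($_.Timestamp) { $now - $_.Timestamp } else { $null }
        $status =
            if (-not $_.Timestamp)       { 'static (not subject to scavenging)' }
            elseif ($age -gt $scavengeAge) { 'ELIGIBLE for scavenging' }
            elseif ($age -gt $overdueAge)  { 'refresh overdue' }
            else                           { 'fresh' }
        [pscustomobject]@{
            HostName   = $_.HostName
            RecordType = $_.RecordType
            Timestamp  = $_.Timestamp
            AgeDays    = if ($age) { [math]::Round($age.TotalDays, 1) } else { $null }
            Status     = $status
        }
    } |
    Sort-Object Timestamp |
    Format-Table -AutoSize
```

Running this a few days before the expected failure shows whether the GUID CNAME and SRV records are ageing without being refreshed, rather than waiting for the zone to empty.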

fmecwm (Author) Commented:
Hi Chris, thanks for the help!
I'm considering creating a new forward lookup zone.
The scavenging is set to 7 days; will it help to set this to 21 days? We have about 300 systems here.

Thanks for the help.

0