DNS servers not replicating with one another

Hello, we currently have two DCs that are configured with Active Directory integrated DNS. Although everything "works", we sometimes have a problem where, when trying to resolve an IP on our network, we're given their old stale address (an address they had a few days ago). After doing some digging it seems as though our DNS servers are not replicating their cache with one another. Sometimes the same listing may appear on both, but with different IP resolutions. It was my understanding that AD was supposed to handle the replication process... is there something I should be looking for to aid in correcting the base problem? I'm not sure if my initial problem is caused by the replication issue or if it CAUSED the replication issue. It may be worth mentioning that one is running Server 2003 and the other is on Server 2008. Also, there is nothing abnormal in Event Viewer for either of them.
OCUW asked:
MrN1c3 commented:
There could be a number of reasons why these entries differ. As you are using Active Directory integrated DNS, I would check the replication in the first instance, using replmon, and check Event Viewer for replication errors.

http://www.mcmcse.com/microsoft/guides/replmon.shtml should get you started if you have not used replmon before.

Are you using the domain controllers as DHCP servers? If so, are your DHCP servers set to update DNS?
0
sfossupport commented:
Have you looked in the event logs? Did you set it up so that the DNS servers are listed on the Name Servers tab of the AD DNS zone? Check to make sure your name servers are listed. It will not transfer info if they are not. Also check DNS for NS records.
0
Darius Ghassem commented:
Run dcdiag on the servers to check if replication is fully taking place. Make sure they both point to themselves as primary DNS and the other DC as secondary DNS. There should be no external DNS servers listed.
0
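As an added illustration of the symptom in this thread (not code from the thread or from any of the participants), the following PowerShell script asks each DC directly for the same names and flags any name on which the two servers disagree, which is exactly what AD-integrated DNS replication should prevent. The DC and host names are placeholders, and it assumes a Windows 8 / Server 2012 or later admin host with the DnsClient module (Resolve-DnsName).

```powershell
# Added example, not from the thread. Compare A records returned by two
# AD-integrated DNS servers; rows with Consistent = False are the names
# the DCs disagree on (stale data on one side, as described above).
# Placeholder names: replace with your own DCs and hosts.
$DnsServers   = @('dc1.example.local', 'dc2.example.local')
$HostsToCheck = @('fileserver', 'printsrv', 'ws-accounting')

function Get-ARecordsFrom {
    param([string]$Name, [string]$Server)
    try {
        # -DnsOnly skips the local resolver cache and hosts file, so the
        # answer comes from that specific server, not from what this
        # workstation cached earlier.
        $answers = Resolve-DnsName -Name $Name -Type A -Server $Server `
                                   -DnsOnly -ErrorAction Stop
        $ips = $answers | Where-Object { $_.Type -eq 'A' } |
               ForEach-Object { $_.IPAddress } | Sort-Object
        return ($ips -join ',')
    } catch {
        # A missing record on one server is itself a replication symptom.
        return "<no answer: $($_.Exception.Message)>"
    }
}

$report = foreach ($h in $HostsToCheck) {
    $fromA = Get-ARecordsFrom -Name $h -Server $DnsServers[0]
    $fromB = Get-ARecordsFrom -Name $h -Server $DnsServers[1]
    [pscustomobject]@{
        Host       = $h
        ServerA    = $fromA
        ServerB    = $fromB
        Consistent = ($fromA -eq $fromB)
    }
}
$report | Format-Table -AutoSize

# For any inconsistent name, the next step is the replication state between
# the DCs, which is the same advice given in this thread:
#   repadmin /replsummary
#   repadmin /showrepl <dcname>
#   dcdiag /test:DNS /s:<dcname>
```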
sfossupport commented:
Run dcdiag /fix to test and attempt to fix the DNS issues.
If there are issues, please post the results.
Good luck
0
OCUW (Author) commented:
@MrN1c3 - I have not used "replmon" in the past but I will check the article you sent over and get back to you. Yes, one of the servers is also running the DHCP role; I am not sure, however, how to verify replication between DHCP and DNS. Will DHCP replicate to both DNS servers?

@sfossupport - Yes, I have reviewed the event logs and there appears to be nothing out of the ordinary. I do not see an NS OU in my AD. As for DNS, the NS entries are all correct.

@dariusq - I do not see an option to specify a secondary DNS. They are both pointed to themselves as the primary, but I don't see the option you describe for secondary.

I will try dcdiag and get back to you guys... thanks so far!
0
sfossupport commented:
One more thing. Seems like the issue is local DNS resolution. This is probably handled through DDNS. These are most likely defined on your DHCP server.
Did you set the DNS settings on your DHCP server so that:
- Enable DDNS
- Dynamically update DNS A and PTR records always
- Discard A and PTR records when done
0
OCUW (Author) commented:
Ok, so I ran dcdiag and netdiag on my servers and all of them passed all the tests. The only one that had issues was my 2008 DC running DNS. This system was unable to replicate due to access denied errors. I removed the UAC and these errors disappeared.

As for the DHCP portion, how should I configure my DHCP to ensure that it is properly set up? Thanks!
0
OCUW (Author) commented:
@sfossupport - In my DHCP it is set to:
- Enable DNS dynamic updates according to the settings below (checked)
-- Always dynamically update DNS A and PTR records
- Discard A and PTR records when lease is deleted (unchecked)
- Dynamically update DNS A and PTR records for DHCP clients that do not request updates (checked)
0
sfossupport commented:
This is correct for DHCP. When you looked on your DNS server in the forward lookup and reverse lookup zones, did you see the name of the other server listed?
You want to make sure that they can share zone information.
0
OCUW (Author) commented:
Yes, they are properly listed on both DNS servers.
0
sfossupport commented:
Are you using an NTP server? Have you checked the time on the servers?

If not, use repadmin to do some troubleshooting. Here is a link:

http://technet.microsoft.com/en-us/library/cc773062(WS.10).aspx

0
Darius Ghassem commented:
When you go to the TCP/IP properties of the servers you should be able to add a secondary DNS server.
0
OCUW (Author) commented:
Running dcdiag helped me to pin down the issue... ultimately I had to disable UAC for replication to complete.
0