Solved

Bizarre DNS issue on our Domain Controller

Posted on 2010-11-30
Last Modified: 2012-05-10
We are having an unusual issue with DNS/DHCP on our Win2k3 domain controller. We have several static IPs which are used for database servers in our organization.

However, even though the individual NICs on each machine are configured statically and with the proper settings, our DNS server keeps changing its A record for one of our servers and handing out a DHCP address. This breaks connections for our end users, as they connect to the database by FQDN. We forcibly deleted the incorrect record and re-added the correct static record. Additionally, we made sure the static IP is reserved in DHCP and will not be handed out. We went so far as to set the expiration date on the static A record thousands of hours into the future.

However, within 15 minutes the record had been changed once again, and while we can get it to stay static for that amount of time, it keeps reverting. We have flushed the DNS cache several times and also cleared the DNS cache on the end user workstations, to no avail.

This issue first took place following routine server room maintenance on Friday 11/26. Neither of our domain controllers was modified in any way (the move was reorganizing some cabling and routers).

Neither I nor my co-administrator has seen this issue before. Any help is much appreciated!

Best Regards,
D
Question by:DamienStanton
15 Comments
 
LVL 4

Expert Comment

by:jcurrie
You need to remove those IP addresses from your DHCP pool so that the DHCP server does not hand them out (and change DNS). You can do this using the DHCP scope exclusion range.
 

Author Comment

by:DamienStanton
Hi Jcurrie,

We have excluded the static IP address from the DHCP pool. The issue is not that the static IPs are being assigned somewhere else.

Rather, the DNS record for the static IP in question (10.1.1.3) keeps reverting to a DHCP record (10.10.4.5). We cannot figure out why the record keeps changing back after 15 minutes or so.

Thanks,
D
 
LVL 4

Expert Comment

by:jcurrie
Which of these scenarios accurately depicts the problem?

A:
host-a > 10.10.4.5
dbserver > 10.1.1.3

after 15 min.

host-a > 10.10.4.5
dbserver > 10.10.4.5


B:
host-a > 10.10.4.5
dbserver > 10.1.1.3

after 15 min

host-a > 10.10.4.5
host-a > 10.1.1.3

 

Author Comment

by:DamienStanton
Closer to scenario B. It only appears to be changing in DNS.

To clarify:

host-a > 10.10.4.254
dbserver > 10.1.1.3

After 15 minutes to several hours (we thought the issue was resolved, but it did occur again later in the day):

host-a > 10.10.4.254
dbserver > 10.10.4.5

Since 10.1.1.3 is excluded from our DHCP pool, and included in the static reservations, it is not being assigned to any end user.

Thanks for your assistance!
 
LVL 4

Expert Comment

by:jcurrie
OK, so what host is at 10.10.4.5?
 

Author Comment

by:DamienStanton
The 10.10.4.5 address is currently leased to host DIR-825. This is an end-user workstation.

However, in DNS the A record for DIR-825 points to 10.10.4.53.
 
LVL 4

Expert Comment

by:jcurrie
A few things I would try:

1) Is your DNS zone Active Directory integrated?
2) Are your Dynamic Updates set to "Secure Only"?
3) Check the serial number under the SOA tab of the zone on each of your DNS servers. You may have a serial number out of sync, and it's overwriting your changes when you manually create the A record.
 
LVL 4

Expert Comment

by:jcurrie
Also make sure scavenging is enabled on your DNS zone and set it to 2 or 3 days.

I think the issue has to do with your SOA serial number. The serial number is like a revision number: it increments every time you update the zone, telling all the other DNS servers that you have made a change to the zone. If one of your DNS servers has a serial number that is too high, it will constantly overwrite your changes, because the DNS infrastructure thinks that the server with the highest serial number has the latest zone revision.
 

Author Comment

by:DamienStanton
1) Yes.
2) Yes.
3) I have checked the SOA. For our primary DNS server it is 69607, and for our secondary DNS server it is 69608.

The increment should be 1, correct?

Finally, scavenging is enabled and the no-refresh interval is 2 days / refresh interval is 3 days.
 
LVL 4

Expert Comment

by:jcurrie
The increment is one. You may want to try manually updating the A record on the primary server and incrementing the serial number a few clicks to make sure it takes priority. Then go to your secondary server, do a manual zone transfer, and check to make sure the record replicated properly to the secondary server.
 
LVL 4

Expert Comment

by:jcurrie
Also, maybe run

ipconfig /registerdns

on both the db server and on DIR-825.

I don't think that will fix the problem, but it won't hurt anything, and it might straighten out the record for DIR-825 at least.
 

Author Comment

by:DamienStanton
Right now we are having to resort to manually changing that A record every hour to every few hours. In the interim (once we correct the DNS record), flushing and registering DNS from the end user workstation fixes the problem until the next unexpected revert.

We have opened a ticket with Microsoft support to see if they can further troubleshoot.

This is quite an unusual problem as it appears to only be happening to one DNS record...
 

Accepted Solution

by:DamienStanton
Solution discovered:

In the Windows registry on the db server, the GUID of one of the LAN interfaces was assigned the recurring incorrect IP address, and for some reason it reset on reboot even after TCP/IP was configured manually.

The hardware was 6 years old, and the db has since been moved to a virtual server.
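The accepted solution traces the reverting A record to a per-interface TCP/IP key on the db server itself. The script below is an added example, not code from the thread: it audits those interface keys for DHCP settings or a lingering leased address that the DHCP Client service could re-register in DNS, and compares the current A record answer with the expected static address. The hostname `dbserver` is an assumption; 10.1.1.3 is the static address from the thread.

```powershell
# Added example. Run on the db server with local admin rights.
$DbHost     = 'dbserver'   # assumed name for the thread's db server
$ExpectedIP = '10.1.1.3'   # static address from the thread
$IfRoot     = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

function Get-InterfaceAudit {
    # One row per interface GUID; Flags lists what an all-static server should not show.
    foreach ($key in Get-ChildItem -Path $IfRoot) {
        $p      = Get-ItemProperty -Path $key.PSPath
        $dhcp   = [int]$p.EnableDHCP
        $static = @($p.IPAddress) | Where-Object { $_ -and $_ -ne '0.0.0.0' }
        $leased = $p.DhcpIPAddress
        # RegistrationEnabled is absent by default, which means "register in DNS".
        $reg    = if ($null -eq $p.RegistrationEnabled) { 1 } else { [int]$p.RegistrationEnabled }

        $flags = @()
        if ($dhcp -eq 1) { $flags += 'EnableDHCP=1 (interface will take a lease)' }
        if ($leased -and $leased -ne '0.0.0.0' -and $leased -ne $ExpectedIP) {
            $flags += "DhcpIPAddress=$leased differs from expected $ExpectedIP"
        }
        if ($reg -eq 1 -and $flags.Count -gt 0) {
            $flags += 'dynamic DNS registration on: this address can overwrite the A record'
        }
        New-Object PSObject -Property @{
            Guid       = $key.PSChildName
            EnableDHCP = $dhcp
            StaticIP   = ($static -join ',')
            DhcpIP     = $leased
            Flags      = ($flags -join '; ')
        }
    }
}

function Test-ARecord {
    param([string]$Name, [string]$Expected)
    # Resolve through the configured DNS servers; IPv4 answers only.
    $answers = [System.Net.Dns]::GetHostAddresses($Name) |
        Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
        ForEach-Object { $_.IPAddressToString }
    New-Object PSObject -Property @{
        Name     = $Name
        Expected = $Expected
        Resolved = ($answers -join ',')
        Matches  = [bool]($answers -contains $Expected)
    }
}

# Show only interfaces with findings, then the DNS comparison.
Get-InterfaceAudit | Where-Object { $_.Flags } | Format-Table -AutoSize
Test-ARecord -Name $DbHost -Expected $ExpectedIP | Format-List
```

Any interface with a flagged DhcpIPAddress is the one to correct in the key (or remove, if it is a stale adapter), after which `ipconfig /registerdns` re-registers the expected address.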
 

Author Comment

by:DamienStanton
I did not properly understand the rating system. I would like to give this question an A as the results may help others in the knowledge base.
 

Author Closing Comment

by:DamienStanton
Solution found