DNS entries for servers with a time stamp

Posted on 2011-03-07
Last Modified: 2012-05-11
I think we may have a few issues with our DNS and I am trying to resolve these.  The issues seem to be:-

1. I have a number of servers that, even though they have a static IP address in DNS, seem to have a timestamp date while others have static. Is this correct, or should they show static in the timestamp if they have a static IP address?

2. I have a number of desktops that share an IP address, some of which have a timestamp date, and the out-of-date machines have a static timestamp. I assume it is safe to delete these old static records?

3. I found a number of instances where I have two machines sharing an IP address (as I have already mentioned). The problem also seems to be that one of the machines appears in the forward lookup zone but not the reverse, and the other appears in the reverse but not the forward.

I know these problems are not good but how do I go about fixing the issues?
Question by:WNottsC
9 Comments
 
LVL 12

Expert Comment

by:Kent W
ID: 35062984
What DNS server are you talking about here?

I'm going to assume MS, since this seems to mirror the common functions seen day in / day out.

If you are using AD w/ integrated DNS, or allow machines to update the server, it sounds like they are not correctly removing the old entries, and causing multiple hosts per IP.  Now, are you sure you are looking at forward zones, and not reverse?  In reverse, this is quite normal.  You can also end up with overlapping IPs if you have a machine that has been disconnected, so the IP is not in use, and another machine ends up getting that IP assigned via DHCP, or manually.  The record for the old machine doesn't get deleted, so you end up having an entry for the old and new machine, both at the same IP.
Unless you are getting actual IP conflicts, where these machines are being doled out the same IP, you really just have a nuisance.  
There are ways to ensure machines changing IPs are updated correctly, and you can set scavenging time...but, I'll wait for a reply before going into any of that...I'm still not sure what DNS server you are using. :)
Questions that need to be answered:
What DNS server are you using?
More than one w/ master + slave?
Are you using AD / and or AD integrated DNS?
Are you using DHCP? What is your lease life if so?
Are you using WINS servers?
What are the host machines OSs running? Win / Linux or a mix?  Servers, workstations, or a mix?

0
 

Author Comment

by:WNottsC
ID: 35063040
Questions that need to be answered:
What DNS server are you using?
You are correct, we are using Microsoft

More than one w/ master + slave?
We have more than one yes and I think they are master + slave yes

Are you using AD / and or AD integrated DNS?
I think we are using AD integrated DNS

Are you using DHCP? What is your lease life if so?
Yes we are using DHCP.  The lease life is 8 days

Are you using WINS servers?
Yes we are using WINS

What are the host machines OSs running? Win / Linux or a mix?  Servers, workstations, or a mix?
The servers are Windows Server 2008 R2 and the desktops are a mixture of Windows XP and Windows 7
0
 
LVL 12

Accepted Solution

by:
Kent W earned 2000 total points
ID: 35074929
I don't think you really have an issue here, just some old DNS that didn't get removed when a host changed IPs. If you are sure of the new host+ip, you can remove the old records safely.
With AD and MS DNS, Windows machines, at least, should be if you have the TCP/IP DNS settings on "Register this connection's address in DNS".
Under each domain/zone entry on your DNS server, you can set (Properties, General tab) to allow Dynamic updates (none, secure, secure+nonsecure).  Setting just secure will only allow AD machines to update DNS directly, nonsecure will allow most anything.
This is also where you can set the aging/scavenging to remove stale records after X amount of time.
0
 

Author Comment

by:WNottsC
ID: 35093214
OK, so you are saying this seems OK.  However:-

1.  I have machines in the forward lookup zone but not in the reverse lookup zone.
2. I have machines in the reverse lookup zone but not in the forward lookup zone
3. I have machines that are in both zones but the forward timestamp is different to the timestamp for the reverse
0
 
LVL 12

Expert Comment

by:Kent W
ID: 35099964
On your DNS server(s) domains and individual Rev zones, what types of updates do you allow? Nonsecure and secure, or secure only?
Also check your aging...if this is really low, especially lower than your lease life on DHCP, you may be cleaning up records before they expire in DHCP.  At the DNS server level, properties, there is also a debug logfile you can turn on...that may help in tracking down the exact issue.  I'm assuming you've also checked your DNS Server Event logs to see if there are any bangs there?

The more I think about your symptoms, the more this seems like your scavenging is set too low.  What is your DHCP lease life vs. your scavenging settings?

0
 

Author Comment

by:WNottsC
ID: 35185970
Can I please revisit this.

To answer your question the DHCP lease life is the default and the scavenging settings are set to 7 and 7.

The more I look at DNS the more I think it is causing me problems.  For example, machines that do correctly have an entry in both the forward and reverse lookup but then each one has a different IP address (although they only have a single network card)
0
 
LVL 12

Expert Comment

by:Kent W
ID: 35191484
For the rDNS, that is common...the old entry may not be deleted when the DHCP lease expires and the host grabs a new IP (thus setting a new rDNS).  All the Windows-based servers, at least, should be removing the old IP from forward DNS, that will definitely cause problems, as multiple A's with one IP "no good" would be 50% unreachable...
Are you allowing secure and / or non-secure dynamic updates? (General tab under the zone properties...)
0
 

Author Comment

by:WNottsC
ID: 35191523
For the forward lookup zones and for all but 3 reverse lookup zones we are allowing secure and nonsecure.

Just out of interest I checked three machines that have forward lookups but no reverse lookup record and their IP address falls in one of the reverse zones that is set for only secure dynamic updates
0
 
LVL 12

Expert Comment

by:Kent W
ID: 35191732
That may be a clue...and Win-based domain member computers should be able to do the secure update, it's the other machines not technically on the network that would not be able to do dynamic updates.
Generally, I also see most Linux distros usually have issues setting or removing both, even with nonsecure allowed.
You may be able to see a pattern if you go through and clean everything up, then watch closely which machines and vs. DNS security settings per zone are affected.  
Have you tried running the scavenge every 1-3 days to clean up stale records? Anything shorter than the lease life should give you some relief, at least on the round-robin A records that are being created.
I haven't tried this, but you may also turn off the "Allow round robin DNS", if that fits your needs.
It would not allow two IPs for the same hostname.
0
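
The symptoms discussed in this thread (hosts sharing an IP, forward records with no reverse record and vice versa, and timestamped records older than the aging window) can be audited offline from an export of the zones before deleting anything. The Python sketch below is an added example, not code from any poster; the record tuples, hostnames and dates are constructed, and it assumes the "7 and 7" scavenging settings mean a 7-day no-refresh interval plus a 7-day refresh interval.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data (hostnames, IPs and dates are invented for illustration).
# Each record is (hostname, ip, last_refresh); last_refresh=None means "static".
A_RECORDS = [
    ("pc-old", "10.0.0.21", None),                    # static leftover
    ("pc-new", "10.0.0.21", datetime(2011, 3, 5)),    # current holder of the IP
    ("srv-app", "10.0.0.5", datetime(2011, 2, 1)),    # not refreshed for weeks
    ("pc-7", "10.0.1.40", datetime(2011, 3, 6)),      # has no PTR at all
]
PTR_RECORDS = [
    ("pc-new", "10.0.0.21", datetime(2011, 3, 5)),
    ("srv-app", "10.0.0.9", datetime(2011, 3, 1)),    # PTR disagrees with the A record
    ("pc-gone", "10.0.0.77", datetime(2011, 1, 10)),  # no matching A record
]

def audit(a_records, ptr_records, now, no_refresh_days=7, refresh_days=7):
    """Cross-check forward (A) and reverse (PTR) data and flag stale entries."""
    # A timestamped record is only eligible for scavenging once both
    # intervals have elapsed since its last refresh.
    stale_after = timedelta(days=no_refresh_days + refresh_days)
    names_by_ip = defaultdict(set)
    for name, ip, _ in a_records:
        names_by_ip[ip].add(name)
    a_pairs = {(n, ip) for n, ip, _ in a_records}
    ptr_pairs = {(n, ip) for n, ip, _ in ptr_records}
    return {
        "shared_ip": {ip: sorted(ns) for ip, ns in names_by_ip.items() if len(ns) > 1},
        "a_without_ptr": sorted(a_pairs - ptr_pairs),
        "ptr_without_a": sorted(ptr_pairs - a_pairs),
        "stale": sorted(
            (kind, n, ip)
            for kind, recs in (("A", a_records), ("PTR", ptr_records))
            for n, ip, ts in recs
            if ts is not None and now - ts > stale_after
        ),
        # Static records are never aged out, so they need a manual review.
        "static": sorted((n, ip) for n, ip, ts in a_records if ts is None),
    }

if __name__ == "__main__":
    for finding, items in audit(A_RECORDS, PTR_RECORDS, datetime(2011, 3, 7)).items():
        print(finding, items)
```

Records reported under both `shared_ip` and `static` are the candidates for the manual cleanup discussed above, since scavenging will not remove them.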
