tanskie
Static / Fixed DNS A record
Hi All,
Is there a way to create a fixed DNS A record? We're using an A record for our corporate portal. But it seems like there are devices that overwrite the A record.
ASKER
Thanks Draxonic. Yes, the client's IP trying to overwrite the DNS A record is on a DHCP scope. However, I think the solution that you mentioned is only temporary. If it gets another IP, it will automatically replace the A record.
What I'm looking for is how to lock the A record's IP.
Just add a DHCP reservation for that IP address and your server's network card MAC address. That way, even if your server is not using DHCP, DHCP won't hand that IP address to any other machines.
If the host that is taking the IP address gets a different IP, it will create a DNS entry with the different IP, allowing the corporate portal to keep its own record for that IP address.
You can either add it as an exclusion or add a reservation as MegaNuk3 suggests above. Either one should work. You can then add your A record for your corporate portal and you should be good.
If you have aging and scavenging turned on, you will also want to ensure the record does not expire.
ASKER
@MegaNuk3: The IP address intended for the portal server is not on any DHCP scope because it's a server and we don't have DHCP scopes for our servers. Also, the rogue device is on a different subnet. I can't reserve an IP for that device because it keeps transferring to another location which is on a different subnet. Right now, we asked our network guys to block the MAC address of the device. But what if it transfers to another location? We can't just block it or reserve a different IP for it every time it transfers. Another challenge is that we cannot remotely manage the device because all of its ports are filtered and it's not found in the domain computers, so it's probably not joined to the domain.
@Draxonic: Somehow, the rogue device with the same name as our portal did not create a different record on the DNS. It keeps replacing the IP of the portal's A record. I also searched the domain for the hostname but it did not return any result. Is it possible that a device not joined to the domain can be registered on the DNS?
Can you do an ipconfig /all on your server and ensure it is not showing as having another IP address associated with it which keeps overwriting your DNS?
Have you tried
net view \\<ip address>
or
nbtstat -A <ip address>
to see if they show any useful information as to what the other machine is?
ASKER
@MegaNuk3: Those commands won't work because the device is unreachable. However, when I ran nmap -P0 the result shows that the device is up. I then tried nmap -P0 -O to check the OS, but it wasn't able to detect the OS because there were too many fingerprints detected.
We got the machine's MAC from the DHCP server. We then asked our network guys to block it from the network and we traced the device. We found the device and renamed it.
My problem is how do we prevent this from happening again? Is there a way to lock a DNS record?
ASKER
thanks
The simplest solution to this is to find the DHCP server allocating the address and add the address as an exclusion and/or turn on conflict detection.
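The checks discussed in this thread, gathered into one read-only audit as an added example (not code from any poster): it reports whether the portal's A record is static and therefore exempt from scavenging, which dynamic-update mode the zone allows, and which DHCP leases carry the same host name so the client's MAC can be traced. The server names, zone, host label and IP address are placeholders assumed for illustration; the cmdlets come from the DnsServer and DhcpServer modules on Windows Server.

```powershell
# Placeholders (assumptions, not values from the thread).
$DnsServer  = 'dns01.corp.example.com'
$DhcpServer = 'dhcp01.corp.example.com'
$Zone       = 'corp.example.com'
$HostLabel  = 'portal'
$ExpectedIp = '10.0.0.10'

# 1. Zone policy: 'NonsecureAndSecure' accepts dynamic updates from clients
#    that are not authenticated to the domain; 'Secure' and 'None' do not.
$z     = Get-DnsServerZone      -Name $Zone -ComputerName $DnsServer
$aging = Get-DnsServerZoneAging -Name $Zone -ComputerName $DnsServer
[pscustomobject]@{
    Zone           = $z.ZoneName
    DynamicUpdate  = $z.DynamicUpdate
    IsDsIntegrated = $z.IsDsIntegrated
    AgingEnabled   = $aging.AgingEnabled
}

# 2. The portal record: a static record has no timestamp and is never
#    scavenged; a timestamp means it was last written by a dynamic update.
$records = Get-DnsServerResourceRecord -ZoneName $Zone -Name $HostLabel `
    -RRType A -ComputerName $DnsServer -ErrorAction SilentlyContinue
if (-not $records) { Write-Warning "No A record found for $HostLabel.$Zone" }
foreach ($r in $records) {
    $ip = $r.RecordData.IPv4Address.IPAddressToString
    [pscustomobject]@{
        Name            = $r.HostName
        Address         = $ip
        IsStatic        = (-not $r.Timestamp)
        LastDynamicSet  = $r.Timestamp
        MatchesExpected = ($ip -eq $ExpectedIp)
    }
}

# 3. DHCP leases registered under the same host label, in any scope.
#    ClientId is the MAC address used to trace the device.
Get-DhcpServerv4Scope -ComputerName $DhcpServer |
    ForEach-Object {
        Get-DhcpServerv4Lease -ScopeId $_.ScopeId -ComputerName $DhcpServer
    } |
    Where-Object { $_.HostName -and ($_.HostName -split '\.')[0] -ieq $HostLabel } |
    Select-Object IPAddress, ScopeId, ClientId, HostName, AddressState, LeaseExpiryTime
```

A record that shows IsStatic as False or MatchesExpected as False has been rewritten by a dynamic update, and the leases listed in step 3 identify the client that shares the portal's name.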