Solved

DNS resolution problem - nslookup not resolving

Posted on 2012-03-15
25
906 Views
Last Modified: 2012-08-06
I have a network of 25 workstations and 1 server that is acting as the DHCP and DNS server. I've noticed on some of my workstations that when I use nslookup, the IPs and hostnames do not resolve. When I enter nslookup hostname, it returns my server's IP (which is correct), the hostname of that workstation, and an IP address.

When I enter nslookup and the IP address that it just stated belongs to that machine, I still get the correct DNS server IP, but I get a completely different hostname. Example of what's happening (changed IPs and hostnames):

command>
nslookup MYWRKSTATION001

results>
Server: MYSERVERNAME
Address: 192.168.100.250 (server; this IP is correct)

Name: MYWRKSTATION001
Address: 192.168.100.225 (IP that nslookup says is issued to MYWRKSTATION001)

command>
nslookup 192.168.100.225

results>
Server: MYSERVERNAME
Address: 192.168.100.250 (again, the server IP is correct)

Name: SOMEOTHERWORKSTATION005
Address 192.168.100.225 (now the lookup is saying that this IP belongs to a different machine)

I have scavenging enabled on the server. All the workstations are set to automatically detect the DNS server, which they seem to be doing correctly. I believe this is causing some problems with my network. If anyone can steer me in the right direction on how to fix this, it would be much appreciated. I'm just a beginner with DNS, so please go easy on the instructions :)
Question by:jbarnette
25 Comments
 
LVL 3

Expert Comment

by:Dhanesh Kansari
ID: 37724557
Do you have any other device which acts as a DHCP server, like a router or modem, etc.?

I mean to say, have a look at the other devices: is the DHCP server enabled on any of them?
0
 

Author Comment

by:jbarnette
ID: 37724595
No, I have DHCP turned off on all other routers and devices. The only thing issuing IPs is my server.
0
 
LVL 3

Expert Comment

by:Dhanesh Kansari
ID: 37724651
Have you created a Reverse Lookup Zone?
0
 

Author Comment

by:jbarnette
ID: 37724766
Yes, a reverse lookup zone for our network exists in DNS.
0
 
LVL 17

Assisted Solution

by:Premkumar Yogeswaran
Premkumar Yogeswaran earned 167 total points
ID: 37724817
Hi,
Check the options below...

Option 1:
In the DNS MMC, right-click the server and click "Scavenge Stale Resource Records".

Option 2:
Make sure automatic scavenging is enabled.
Select the server, open Properties, go to the Advanced tab and check the "Enable automatic scavenging of stale records" checkbox.

The link below is excellent for DNS scavenging.

Refer to this link:
http://blogs.technet.com/b/networking/archive/2008/03/19/don-t-be-afraid-of-dns-scavenging-just-be-patient.aspx
0
 

Author Comment

by:jbarnette
ID: 37725035
Thanks, but I already have scavenging enabled on the zone.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 37725066
Scavenging will only delete records that have been aged.
It could be that these are static records so scavenging won't delete them.

You can check your DNS zone to confirm that there aren't actually duplicated records.
Do you have many static entries? Either A or CNAME records?
You can manually age all records or delete all records by doing the following:

1. Make a backup of your DNS zones.
DnsCmd <ServerName> /ZoneExport <ZoneName> <ZoneExportFile>

2. Age all records OR delete all records
DnsCmd <ServerName> /AgeAllRecords <ZoneName>

OR
Open the DNS console, sort by record type and then all the A records.
N.B. Always backup before deleting.

Your servers and clients are pre-configured to re-register themselves in DNS on any of the following conditions:
- a DHCP lease is renewed/issued
- Netlogon service is restarted (including when the physical machine is restarted)
- run ipconfig /registerdns
or
- automatically once every 24 hours
0
 

Author Comment

by:jbarnette
ID: 37725279
Well, here's the deal. I had enabled scavenging on the server, but not the zone. I was looking at the time stamps on some of the records and there were many from 2011, 2010, and even 2009 allocated to devices that probably are not even here any more.

Here's the problem: our DHCP address pool is only set between xxx.xxx.xxx.200-250, so there are only 48 or so leases that can be available. This is sufficient for our network since we only have 30-40 devices that may connect at any one time. My concern is that with all these stale records sitting around, could active devices be getting issued IPs that are already assigned to another device that no longer exists because the record was never deleted...

I went through the instructions in the link above and enabled scavenging on the zone. The only thing now is that when I go to Properties on the zone>General tab>Aging, the "The zone can be scavenged after" date and time box is grayed out and I cannot enter a value here.

I hope I'm making sense. I'm new to all this. Thanks for all your help!
0
 

Author Comment

by:jbarnette
ID: 37726197
Thanks, I'll give your suggestions a try.
0
 

Author Comment

by:jbarnette
ID: 37726457
Should I wait until most everyone is gone for the day before I age the records, or can I just do it anytime? Will users lose connection?
0
 
LVL 2

Expert Comment

by:dipesm
ID: 37727500
How many computers connect to your network and receive DHCP and DNS records from your server?
****we only have 30-40 devices that may connect at any one time**** Does this mean you have more than these devices? In that case, if a later-connected device receives a previously assigned IP (from a device which is now disconnected from the network), your other clients still have the record of the previous workstation. So either increase the subnet of the network so it is fully sufficient for the clients, or try ipconfig /flushdns on your workstations to remove cached DNS records from them.
0
 

Author Comment

by:jbarnette
ID: 37727790
No, we would never have more than 40 devices total, though not all of them at the same time.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 37728149
Aging the records just sets the time stamp on the record so that when scavenging runs it will compare the timestamp and delete the records based on the age of the record. So you can age it any time.

No, you don't need to extend the network range...
Your DHCP server will still keep the leases, so you don't run the risk of a device picking up an IP address that is already in use.

DNS cache will be deleted after 1 hour, so it's better to delete the records after hours so that you don't have to run around to all machines and run ipconfig /flushdns.
0
 

Author Comment

by:jbarnette
ID: 37729081
I tried the commands and none of the timestamps on any of the DNS records changed. I'm a bit confused about how DHCP and DNS are working together, because they don't seem to be at all. In DHCP I have 46 IP leases (some are phones), but in DNS, there are not many items that seem to match. For example:

There are IP leases in DHCP with no records for them in DNS, some in DHCP that have no hostname in DHCP but do in DNS for that IP, and some that have one hostname in DHCP and another in DNS.

Shouldn't DHCP and DNS be working together somehow?
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 37729199
It will work together if it's been configured correctly.
Check instructions in the following KB article to configure your DHCP server to register DNS records for all clients.
http://support.microsoft.com/kb/816592
0
 

Author Comment

by:jbarnette
ID: 37776521
I think I have this set up like this. The forward lookup seems to be working, updating the records, and all records have up-to-date time stamps. It's the reverse lookup zone that has old timestamps and old records. I set scavenging and the time lapsed but nothing changed on the reverse lookup.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 37784666
Check the security levels on your zone; you need to be able to edit them.
A quick fix would be to delete all the records and let them re-register again.

Do you have any people working on weekends?
It would be repopulated by Monday if you deleted them on Friday evening.
0
 

Author Comment

by:jbarnette
ID: 37787945
I might try that. There are no employees working on the weekend. I still don't understand why they are not updating. All the A records in the forward zone have up-to-date timestamps that were issued within the last one or two months. Most of the pointer records in the reverse zone have stamps dating 2011 and some 2010 and 2009. Scavenging is set but it seems to have no effect on the reverse zone. The security is the same as the forward zone, the server default. And unless I'm wrong, aren't the forward and reverse lookup zone IPs and hostnames supposed to match?

Now we did change servers back in 2010 and everything was copied over to the new one. Could that be causing it? You think that if I just delete all the pointer records in the reverse zone, then it will repopulate and that will correct our resolution problems? I can do that tonight...

Thanks for your help!
0
 

Author Comment

by:jbarnette
ID: 38053529
I deleted all the pointer records in the reverse zone over 2 months ago. Since then they have not automatically repopulated. The forward zone seems to be updating fine. How do I get the reverse zone to auto-populate as well?
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 38053687
Strange behaviour indeed.

I'd start by deleting the reverse lookup zone and then adding it again.
Just to make sure it's not some setting that was changed and forgotten about.

You can configure using the "classful" IP addressing.
http://support.microsoft.com/kb/174419
Per subnet would be for more granular control and larger networks.
0
 

Author Comment

by:jbarnette
ID: 38053735
Wow this looks complicated. Please check this link:
http://www.windowsreference.com/dns/how-to-create-dns-reverse-lookup-zone-in-windows-server-2003/
Could I use this to accomplish what's needed after I delete the zone? (Thanks for the tip, but I'm a beginner and sometimes the Microsoft KBs are too complicated.)
0
 
LVL 26

Assisted Solution

by:Leon Fester
Leon Fester earned 166 total points
ID: 38053752
No worries :)
That is a much simpler link, go for it... I just couldn't find anything like that when I was searching.

Once you've re-created the reverse lookup zone, go to the forward lookup zone, open an existing record and then click "Update associated pointer (PTR) record"

Give it a few minutes and then check if it populated correctly.

You can then either:
- do the same for all the records
- restart the workstation
- leave them to populate during the normal registration cycles.
0
 

Author Comment

by:jbarnette
ID: 38054192
Good deal. I'll try this and reply with my results.
0
 
LVL 13

Accepted Solution

by:
markusdamenous earned 167 total points
ID: 38055575
In DHCP, right click on your server and choose Properties.
Click Advanced.  Then, click the last option for DNS dynamic updates credentials.

Do you have a user configured here?

Also, see this MS article for some reading on the topic:
http://technet.microsoft.com/en-us/library/cc787034%28v=ws.10%29.aspx
0
 

Author Closing Comment

by:jbarnette
ID: 38262797
Everything has started working. Thanks for your help!
0
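
The forward/reverse disagreement discussed in this thread (an A record and a PTR record naming different hosts for the same IP, or a PTR left behind with no matching A record) can be audited offline from exported records. This is an added example, not part of any post above; the simplified `owner TYPE data` line format, the sample records and the function names are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample records, modelled on the thread's anonymised hostnames.
FORWARD = """\
MYWRKSTATION001 A 192.168.100.225
SOMEOTHERWORKSTATION005 A 192.168.100.231
MYWRKSTATION002 A 192.168.100.240
"""
REVERSE = """\
225.100.168.192.in-addr.arpa PTR SOMEOTHERWORKSTATION005
231.100.168.192.in-addr.arpa PTR SOMEOTHERWORKSTATION005
210.100.168.192.in-addr.arpa PTR RETIREDPC009
"""
SUFFIX = ".in-addr.arpa"

def parse(text, rtype):
    """Return {ip: {hostnames}} for 'owner TYPE data' lines of the given type."""
    out = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1].upper() != rtype:
            continue
        owner, data = parts[0].rstrip(".").lower(), parts[2].rstrip(".").lower()
        if rtype == "A":
            ip_text, host = data, owner
        else:  # PTR: the owner name is the reversed address under in-addr.arpa
            if not owner.endswith(SUFFIX):
                continue
            ip_text = ".".join(reversed(owner[: -len(SUFFIX)].split(".")))
            host = data
        try:
            ip = ipaddress.IPv4Address(ip_text)
        except ValueError:
            continue  # skip malformed or partial addresses
        out.setdefault(ip, set()).add(host)
    return out

def audit(forward_text, reverse_text):
    """List (ip, finding, a_names, ptr_names) where the two zones disagree."""
    fwd, rev = parse(forward_text, "A"), parse(reverse_text, "PTR")
    findings = []
    for ip in sorted(set(fwd) | set(rev)):
        a, p = sorted(fwd.get(ip, ())), sorted(rev.get(ip, ()))
        if a and not p:
            findings.append((str(ip), "missing-ptr", a, p))
        elif p and not a:
            findings.append((str(ip), "orphan-ptr", a, p))  # likely stale record
        elif a != p:
            findings.append((str(ip), "mismatch", a, p))
    return findings
```

Run against the sample data, `audit(FORWARD, REVERSE)` flags the same situation the question describes for 192.168.100.225, plus one PTR with no forward record and one A record with no PTR.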
