Solved

Tracert Returning Spurious Computer Names

Posted on 2012-03-20
4
391 Views
Last Modified: 2012-03-21
Good Afternoon,

I have a strange issue that manifests when I use tracert locally on my LAN.
I discovered this after using tracert on the WAN.
I am not sure when this started but suspect it is a recent issue.

This is an 2003 AD single domain.
I run a tracert to a local workstation on the LAN specifying computer name.
The name resolves to the correct IP address without issue.
The route is found in one hop as expected.
The computername returned is incorrect. It seems like a random computer name in the domain.
I run ipconfig /flushdns, then tracert again.
The route is found in one hop as expected but another random computer name is returned.
I tried this yet again and got the following:

Tracing route to <workstation_name>.<our_domain>.LOCAL [10.25.1.10]
over a maximum of 30 hops:

  1     1 ms    <1 ms    <1 ms  hdesk-server.helpdesk.test [10.25.1.10]

Trace complete.



This makes no sense to me whatsoever as the computername and domain name bear no relation to our domain at all.
If someone can explain to me what this is all about, I would be very grateful.
I have a couple of other niggly issues and hope that the resolution to this issue may resolve them as well.

Any help appreciated.

Regards,
0
Comment
Question by:Scouser63
  • 2
  • 2
4 Comments
 
LVL 7

Accepted Solution

by:
raeldri earned 500 total points
ID: 37743860
when tracert returns names beside hops it uses reverse dns zones to determine these names. have you checked the rdns zone on your dns server?
0
 

Author Comment

by:Scouser63
ID: 37746596
Raeldri,

Nice one thanks.
I don't recall us using rdns zones as we have no need, but yes we do have one.
It is called 10.25.x.x Subnet and contains numerous folders named after the 3rd octet of the IP address and within these folders are the rdns entries.
There are numerours entries per IP address which accounts for the different names returned when running a tracert.
I have a couple of suplemental questions if you don't mind..
1. I don't recall setting up RDNS and don't think we need it; can I disable it and how?
2. Are there any disadvantages to disabling it?
3. Why does it not update like a forward zone? I have numerous instances of multiple computer names against a single IP address.
4. If I keep it, how can I get to refresh and keep up to date?

Regards.
0
 
LVL 7

Expert Comment

by:raeldri
ID: 37746979
Scouser63

Need for reverse DNS is determined by applications in use on your network it isn't needed for AD to function and mostly just one of those best practices to have in place for full name resolution. It can be disabled by simply deleting the zone, when running tracert's you'll simply see IP addresses instead of hostnames and certin network monitoring software wont be happy (opmanager is an example). Reverse DNS zones update the same as forward zones and like forward zones you need to enable DNS scavenging to clean up old records.

My suggestion is to enable DNS scavenging its a straight forward proccess which will remove the old stale records from the zone.

http://technet.microsoft.com/en-us/library/cc755716(v=ws.10).aspx
0
 

Author Comment

by:Scouser63
ID: 37746993
Raeldri,

Excellent, thank you.

Regards.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
Resolve DNS query failed errors for Exchange
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now