itnifl asked:

Dynamic DNS in Windows Server 2008 and Updates

Not long ago a NIC was added to a VM accidentally. The NIC automatically received an IP address from DHCP and then updated the DNS record for the server with this DHCP-received address.

The NIC was removed, but the DNS update was not known until users were no longer able to reach the server via its DNS name. The DNS records were then manually changed to the correct IP, but an hour later they were automatically updated again to the same DHCP address as earlier from somewhere, and this time the NIC that had received the address was removed from the VM.

I was then unable to find the source of the DNS record update. This happened a couple of times more every hour as I searched. In the end I decided to find the DHCP lease on the DHCP server and delete it. I also set up auditing/monitoring for changes of the DNS records in the zone. I checked the registry of the server which had the DNS record for any remnants of the NIC, and tried to list all network connections with various commands just to check for sure. I found nothing that shouldn't be there (of course). After this was all done, the dynamic updates of the DNS record stopped. I then found this article:
http://technet.microsoft.com/en-us/library/cc771255.aspx

Dynamic updates can be sent for any of the following reasons or events:
* An IP address is added, removed, or modified in the TCP/IP properties configuration for any one of the installed network connections.

* An IP address lease changes or renews with the DHCP server any one of the installed network connections. For example, when the computer is started or if the ipconfig /renew command is used.

* The ipconfig /registerdns command is used to manually force a refresh of the client name registration in DNS.

* At startup time, when the computer is turned on.

* A member server is promoted to a domain controller.

When one of the previous events triggers a dynamic update, the DNS Client service (not the DHCP Client service) sends updates.

I have always thought that it was the DNS client that made the Dynamic DNS update, but then this time the client didn't have the NIC and thus not the IP that was being dynamically updated. Does the text in bold mean that the DHCP lease affects dynamic DNS updates, and that I needed to delete the lease from the DHCP server before the client stopped updating with the DHCP leased address? I would guess not.

Please suggest.
Manjunath Sullad

itnifl (ASKER)

Hello and thank you for your suggestions. There is information there that is useful. However, these links link to articles that revolve around DDNS that does _not_ work. My case was the opposite: the record was updating even after the server no longer had the NIC that had the IP, or the IP that was poisoning the DNS record, at all.

Can you check whether DNS scavenging is enabled or disabled?

itnifl (ASKER)

Automatic scavenging is disabled.
SOLUTION
Netman66

ASKER CERTIFIED SOLUTION

itnifl (ASKER)

Mahesh: I think you are misunderstanding my question a bit, but you describe the answer in your text in detail. It is generally the same as what Netman66 writes.
This was checked:
-> Enable dynamic DNS updates according to settings below:
-> Always dynamically update DNS A and PTR records
-> Discard A and PTR records when lease is deleted.

See the last sentence that was checked; deleting the lease was also what solved the problem.

Thanks guys! Great! :)

Ok, fine.
Thanks for the clarification.

Last sentence:
Discard A and PTR records when lease is deleted

Just FYI:
Even if you delete the lease from the DHCP server, this will not delete records in DNS automatically unless you set scavenging on the DNS server.
Also, scavenging needs to be set at the DNS server and zone level as well.
It is only DDNS that can auto-update DNS records if changed by any means.

I can see from your earlier comments that scavenging is not enabled in your case.

Check the article below for more info:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/8d4b5f8e-3290-4a9b-8f9d-68fafdd895a2/dhcp-service-not-siscarding-a-and-ptr-records-in-dns-when-lease-is-deleted?forum=winserverNIS

To set scavenging:
http://technet.microsoft.com/en-us/library/cc771362(v=ws.10).aspx

To understand the scavenging process correctly, check the article below:
http://241931348f64b1d1.wordpress.com/2010/11/08/how-to-configure-dns-scavenging-stale-record/

Mahesh

itnifl (ASKER)

Thank you for the further information. In my case, we deleted the DNS records that were wrong and manually created new ones that were right. However, they kept changing back to wrong because the DHCP lease was still there on the DHCP server even though the server with the DNS record was no longer receiving it. Deleting the lease stopped the automatic change to the wrong IP of the DNS record, which happened every hour or so. And now I know why :)
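
An added example, not part of the original thread: a reconciliation check for the situation described above, where a server's A record keeps pointing at a DHCP-leased address because a lease for that host name still exists. The CSV layouts, host names, addresses and the `EXPECTED` inventory are constructed for illustration and are not the output format of any Windows tool.

```python
import csv
import io
import ipaddress

# Constructed sample exports (assumed column layout, not real tool output).
DNS_A_RECORDS = """name,ip
srv-app01.corp.example,10.0.20.57
srv-db01.corp.example,10.0.10.12
wks-114.corp.example,10.0.20.88
"""
DHCP_LEASES = """ip,hostname,mac
10.0.20.57,srv-app01.corp.example,00-50-56-aa-bb-01
10.0.20.88,wks-114.corp.example,00-50-56-aa-bb-02
"""
# Hypothetical inventory: addresses each statically configured server should use.
EXPECTED = {
    "srv-app01.corp.example": {"10.0.10.11"},
    "srv-db01.corp.example": {"10.0.10.12"},
}

def _rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def _norm(name):
    return name.strip().lower().rstrip(".")

def find_lease_overwritten_records(dns_csv, lease_csv, expected):
    """Flag A records of inventoried servers that do not match the expected
    address, and say whether an existing DHCP lease explains the value."""
    leases = {ipaddress.ip_address(r["ip"]): r for r in _rows(lease_csv)}
    findings = []
    for rec in _rows(dns_csv):
        name = _norm(rec["name"])
        want = expected.get(name)
        if want is None:
            continue  # not a static server; DHCP-driven registration is normal
        ip = ipaddress.ip_address(rec["ip"])
        if str(ip) in want:
            continue  # record matches the inventory
        lease = leases.get(ip)
        from_lease = lease is not None and _norm(lease["hostname"]) == name
        findings.append({
            "name": name,
            "dns_ip": str(ip),
            "expected": sorted(want),
            "lease_mac": lease["mac"] if lease else None,
            # "dhcp-lease": fixing the record alone will not hold while the
            # lease exists; the lease itself has to be removed as well.
            "cause": "dhcp-lease" if from_lease else "unknown",
        })
    return findings

if __name__ == "__main__":
    for f in find_lease_overwritten_records(DNS_A_RECORDS, DHCP_LEASES, EXPECTED):
        print(f)
```

The `lease_mac` field identifies the adapter that obtained the lease, which helps trace an address back to an interface that has since been removed.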