Solved

Dynamic DNS in Windows Server 2008 and Updates

Posted on 2014-01-27
11
1,981 Views
Last Modified: 2014-02-22
Not long ago a NIC was added to a VMs accidentally. The NIC automatically received and IP address from DHCP and then updated the DNS record for the server with this DHCP received address.

The NIC was removed, but the DNS update was not known until users were no longer able to reach the server via its DNS name. The DNS records were then manually changed to the correct IP, but an hour later they were automatically updated again to the same DHCP address as earlier from somewhere, and this time the NIC that had received the address was removed from the VM.

I was then unable to find the source of the DNS record update. This happened a couple of times more every hour as I searched. In the end I decideed to find the I the DHCP lease on the DHCP server and delete it, I also set up auditing/monitoring for changes of the DNS records in the zone. I checked the registry of the server which had the DNS record for any remnants of the NIC, and tried to list all network connections with various commands just to check for sure. I found nothing that shouldn't be there(ofcourse). After this all was done, the dynamic updates of the DNS record stopped. I then found this article:
http://technet.microsoft.com/en-us/library/cc771255.aspx

Dynamic updates can be sent for any of the following reasons or events:
* An IP address is added, removed, or modified in the TCP/IP properties configuration for any one of the installed network connections.

* An IP address lease changes or renews with the DHCP server any one of the installed network connections. For example, when the computer is started or if the ipconfig /renew command is used.

* The ipconfig /registerdns command is used to manually force a refresh of the client name registration in DNS.

* At startup time, when the computer is turned on.

* A member server is promoted to a domain controller.

When one of the previous events triggers a dynamic update, the DNS Client service (not the DHCP Client service) sends updates.

I have always thought that it was the DNS client that made the Dynamic DNS update, but then this time the client didn't have the NIC and thus not the IP that was being dynamically updated. Does the text in bold mean that the DHCP lease affects dynamic DNS updates, and that I needed to delete the lease from the DHCP server before the client stopped updating with the DHCP leased address? I would guess not.

Please suggest.
0
Comment
Question by:itnifl
  • 4
  • 2
  • 2
  • +1
11 Comments
 
LVL 11

Expert Comment

by:Manjunath Sullad
ID: 39811546
0
 
LVL 2

Author Comment

by:itnifl
ID: 39811557
Hello and thank you for your suggestions. There is information there that is useful. However these links link to articles that revolve around DDNS that does _not_ work. My case was opposite, record was updating even after the server no longer had the NIC that had the IP, or the IP that was poisoning the dns record, at all.
0
 
LVL 11

Expert Comment

by:Manjunath Sullad
ID: 39811627
Can you check, DNS scavenging is enabled or disabled.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 2

Author Comment

by:itnifl
ID: 39823340
Automatic scavenging is disabled.
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 200 total points
ID: 39879156
If you have your DHCP server set to update DNS records on behalf of client then that is your culprit.  This feature is there for clients that don't have the ability to update their own records, but given most do you can likely uncheck that option.
0
 
LVL 36

Accepted Solution

by:
Mahesh earned 300 total points
ID: 39879286
Some questions here please

Do you have added second NIC accidently ?

and

Do you removed this extra NIC ?

OR

do you mean that somebody has replaced existing virtual NIC with new one \ changed its static IP to dynamic and that's why its getting DHCP IP ?
(I guess this is what happened in your case based on your question hopefully)

Your comment:
The DNS records were then manually changed to the correct IP, but an hour later they were automatically updated again to the same DHCP address as earlier from somewhere, and this time the NIC that had received the address was removed from the VM.

If I assume that you have removes second NIC, then probably you could remove the another DNS record from DNS which will not be created again regardless of DDNS settings as there is no NIC to register DNS record for what so matter.
But this is not happened, means I guess you have not added another NIC, right ?

Now from your comment, you said that you have modified that record, I guess you have only single NIC and somebody has changed its static IP to DHCP twice or somebody has deleted existing NIC with static IP and added new NIC may be twice and that's why your DNS record is got updated twice.

Upto windows 2003, sending updates to DNS server by client computers is taken care by DHCP Client Service (http://support.microsoft.com/kb/816592)
From 2008 server is taken care by DNS client Service on client computers (you have provided that article)

Now I am coming to DHCP server advanced options:
Dynamically update DNS A and PTR records only if requested by the DHCP clients
What this means, client computers will update there Host(A) records with DDNS feature only if zone is set to secure dynamic update and PTR records will be updated by DHCP servers

Always dynamically update DNS A and PTR records, what it means only DHCP will register Host (A) records and PTR records in DNS zone regardless of whether the client has requested to perform its own updates provided that zone is set to secure dynamic updates.

Again, DDNS is true only if IP is changed by any means \ reasons, hence without replacing NICs \ manually changing it IP from static to DHCP, dns record change is not possible
I believe there will not be any magic.

If your DHCP server is installed on Domain Controller and If secure dynamic update is set on DNS zone, then you must set credentials in DHCP Console under IPV4 properties, advanced tab\credentials, otherwise your dynamic update will fail on DNS server
I know this not your case, but just for FYI

Mahesh
0
 
LVL 2

Author Closing Comment

by:itnifl
ID: 39879364
Mahesh: I think you are misunderstanding my question a bit, but you describe the answer in your text in detail. It is generally the same as what Netman66 writes.
This was checked:
-> Enable dynamic DNS updates according to settings below:
-> Always dynamically update DNS A and PTR records
-> Discard A and PTR records when lease is deleted.

See last sentence that was checked, deleting the lease was also what solved the problem.

Thanks guys! Great! :)
0
 
LVL 36

Expert Comment

by:Mahesh
ID: 39879417
Ok, fine
Thanks for clarification

Last sentence:
Discard A and PTR records when lease is deleted

Just for FYI..
Even if you delete lease from DHCP server, This will not delete records in DNS automatically unless you set scavenging on DNS server.
Also scavenging needs to be set on DNS server and Zone level as well.
It is DDNS only who can auto update DNS records if changed by any means.

I can see from your earlier comments that Scavenging is not enabled in your case.

Check below article for more info
http://social.technet.microsoft.com/Forums/windowsserver/en-US/8d4b5f8e-3290-4a9b-8f9d-68fafdd895a2/dhcp-service-not-siscarding-a-and-ptr-records-in-dns-when-lease-is-deleted?forum=winserverNIS

To set scavenging:
http://technet.microsoft.com/en-us/library/cc771362(v=ws.10).aspx

To understand scavenging process correctly, check below article
http://241931348f64b1d1.wordpress.com/2010/11/08/how-to-configure-dns-scavenging-stale-record/

Mahesh
0
 
LVL 2

Author Comment

by:itnifl
ID: 39879452
Thank you for further information. In my case, we deleted the DNS records that were wrong and manually created new ones that were right. However, they kept changing back to wrong because the DHCP lease was still there in the DHCP server even though the server with the DNS record was no loner receiving it. Deleting the lease stopped the automatic change to wrong IP of the DNS record, which happened every hour or so. And now I know why :)
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now