Solved

DNS/DHCP issue

Posted on 2014-10-13
Last Modified: 2014-10-14
Hello Everyone,

I am in the process of pushing a new AV client to all clients from the new ePO server in Toronto, and I am struggling with some DNS/network issues.

When a user located in Miami works from home, it should get an IP address from the RAS VPN range in London or another VPN connection. Once the user is back in the office, the computer picks up another IP address from the internal network; however, the DNS record is not being updated properly. Therefore, the only workaround is to manually delete the DNS record with the old IP address [IP obtained from VPN], wait for DNS replication, and push the client again.

All users are located in either Miami or London. We have multiple servers across all regions, and the main AV server is located in Washington.

For example

User A laptop setting:

Name: xxxxxxxxxx

Current DNS IP address record: 172.20.x.x

Current IP address assigned to laptop: 172.26.x.x

User B laptop setting:

Name:  yyyyyyyy

Current DNS IP address record: 1.0.x.x

Current IP address assigned to laptop: 172.26.x.x

The only difference I've noticed between the DHCP scopes on the servers in London and Miami is the DNS dynamic update settings in the DHCP scope. Please see the attached files.

Can anyone point me in the right direction?
serverLondon.jpg
serverMiami.jpg
Question by:Jerry Seinfield
8 Comments
 
LVL 26

Expert Comment

by:DrDave242
ID: 40377406
Try configuring the London DHCP server to Always dynamically update DNS A and PTR records like the Miami server, and make sure both DHCP servers are members of the built-in DnsUpdateProxy group, so that each one can update DNS records registered by the other one.

More information on DHCP/DNS interaction can be found here.
0
 

Author Comment

by:Jerry Seinfield
ID: 40377667
Hi DrDave, I forgot to say that my DHCP servers at all locations are Windows 2003 R2 servers. The link attached above applies to Windows 2008.

Any other ideas?
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 40377708
Sorry - a comparable article for 2003 is here. I don't believe there are any significant differences between the two, though.
0
 

Author Comment

by:Jerry Seinfield
ID: 40377814
Dr Dave, to prevent this issue in the future, what would be the ideal configuration on all DHCP servers? Please pick one of the below, and explain the reasons.


1. To dynamically update DNS A and PTR records only if requested by the DHCP clients.
2. Always dynamically update DNS A and PTR records

Can you please indicate all steps to add DHCP servers for different locations to be part of DnsUpdateProxy group? Please step-by-step
0
 

Author Comment

by:Jerry Seinfield
ID: 40378381
Can I get an update to my last reply? Thanks in advance
0
 
LVL 26

Accepted Solution

by:
DrDave242 earned 2000 total points
ID: 40378798
I intended my comment as a suggestion for resolving the current issue (a "try this and see if it works" type of thing), rather than a policy to be implemented from now on. It would be a good idea to do some testing with one configuration or the other to see which one gives better results in your environment before deciding that one will always be put in place.

Windows DHCP clients (from Windows 2000 onward) should be able to manage their own dynamic DNS registrations, so there shouldn't be a need for the DHCP server to do it for them. I suspect the issue in your case is caused by the differing configurations on the two DHCP servers. Since one of them is configured to always register A and PTR records for clients, that server ends up owning those records, and they can't be modified by the clients themselves or the other DHCP server. I suspect that choosing either of the two configurations you posted will resolve the issue, as long as both servers are configured the same.

If you do choose Always dynamically update DNS A and PTR records, the DHCP servers should be added to the DnsUpdateProxy group if your environment allows only secure dynamic updates to DNS (which is the recommended configuration for AD-integrated zones). Adding the DHCP servers to that group is a simple process:

1. Open the AD Users and Computers console and locate the DnsUpdateProxy group, which is in the Users container by default.
2. Right-click the group and select Properties.
3. Select the Members tab of the properties window and click the Add... button.
4. Click the Object Types... button and select Computers, then click OK.
5. Type the names of your DHCP servers separated by semicolons and click Check Names.
6. Assuming the names are valid, click OK until all property windows are closed.

If any of your DHCP servers are also domain controllers, it is recommended for security reasons that you create a designated service account for DHCP to use when registering or updating DNS records. This is discussed in the link I posted in my previous comment.
0
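One way to list the clients still affected by the stale-record problem discussed in this thread, for example before pushing the AV client again or after aligning the DHCP settings. This is an added example, not part of the original thread; the host names, addresses and pool ranges are constructed, and the two text exports are assumed to hold one "hostname address" pair per line.

```python
import ipaddress

# Assumed address pools (not from the thread): replace with the real scopes.
POOLS = {
    "london-ras-vpn": ipaddress.ip_network("172.20.0.0/16"),
    "miami-office": ipaddress.ip_network("172.26.0.0/16"),
}

# Constructed sample data, one "hostname address" pair per line.
DNS_A_RECORDS = """\
laptop-a 172.20.14.7
laptop-b 1.0.3.9
laptop-c 172.26.5.21
"""
DHCP_LEASES = """\
laptop-a 172.26.5.40
laptop-b 172.26.5.41
laptop-c 172.26.5.21
laptop-d 172.26.5.42
"""

def parse(text):
    """Return {hostname: ip_address} from 'hostname address' lines."""
    table = {}
    for line in text.splitlines():
        if line.strip():
            name, addr = line.split()
            table[name.lower()] = ipaddress.ip_address(addr)
    return table

def pool_of(addr):
    """Name the pool an address falls in, or 'unknown'."""
    return next((n for n, net in POOLS.items() if addr in net), "unknown")

def audit(dns_text, lease_text):
    """Report hosts whose A record is missing or differs from the active lease."""
    dns, leases = parse(dns_text), parse(lease_text)
    findings = []
    for host, leased in sorted(leases.items()):
        recorded = dns.get(host)
        if recorded is None:
            findings.append((host, "missing", None, str(leased), None))
        elif recorded != leased:
            # Stale record: note which pool the old address came from.
            findings.append((host, "stale", str(recorded), str(leased), pool_of(recorded)))
    return findings

if __name__ == "__main__":
    print(audit(DNS_A_RECORDS, DHCP_LEASES))
```

Each finding gives the host, the status, the address in DNS, the currently leased address, and the pool the DNS address belongs to, so records left behind by a VPN session stand out.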
 

Author Comment

by:Jerry Seinfield
ID: 40380965
Thanks Dr

Once I applied the changes below in all DHCP servers,

Should I restart the DHCP servers and DNS server/zones?

Please advise
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 40380973
Actually, I don't think anything needs to be restarted to make these changes.
0
