Solved

DNS problem

Posted on 2014-12-04
Last Modified: 2014-12-12
Hi all,

Just upgrading my domain to 2012 and now have a few issues with DNS. We've started to have a few problems with config manager installs; when I looked at DNS I realised that there are multiple host records that have the same IP address? Is this misconfigured in some way? How can I get around this problem?

You can see the example of the problem in the attachment.

dns.JPG
Question by:Matt
 
LVL 7

Expert Comment

by:valmatic
ID: 40480493
Do you have your scavenge for stale records set at all for that zone? Sure does not appear so. With the time stamp you can tell it is dynamic but it is not purging any old ones. If it was something you added it would say static.
0
 

Author Comment

by:Matt
ID: 40480513
dns1.JPG
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40480794
Do you have scavenging enabled though on the actual server? That's the zone settings that I see there.

Right click your DNS server in the DNS snap-in, and hit properties then click the advanced tab. Look at the bottom where it says "Enable automatic scavenging of stale records".

scavenge1.PNG
scavenge2.PNG
0

Author Comment

by:Matt
ID: 40480817
Ah - thank you. I didn't have this enabled.

Is there any way to force through a clean up?
0
 

Author Comment

by:Matt
ID: 40480822
Also, as this is a 2012 server, I've also enabled the following:
dns2.JPG
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40480838
To force the scavenging now, right click your DNS server and select "Scavenge stale resource records".

Just a word of caution. If you have any dynamic DNS records that are tied to a server or a service that need to stay out there, make sure you right click that DNS record, hit properties and check the box to not delete the record when it becomes stale.

Here's a good article that is a good read on DNS scavenging.

http://blogs.technet.com/b/networking/archive/2008/03/19/don-t-be-afraid-of-dns-scavenging-just-be-patient.aspx
0
 

Author Comment

by:Matt
ID: 40480867
So the different settings from the above screen shots. What should they be set to?
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40480901
How long are your DHCP leases valid before being released?
0
 

Author Comment

by:Matt
ID: 40480933
Default 7 days
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40480949
I would set your no refresh and refresh then to 7 days.
0
 

Author Comment

by:Matt
ID: 40480957
So having changed the settings and forced through a scavenge (be careful to uncheck the delete box on static addresses) I'm still wondering why I have records in there that are months over the scavenge period:
dns4.JPG
0
 
LVL 4

Accepted Solution

by:
themightydude earned 500 total points
ID: 40480986
Under your scavenging / aging setup for the zone under the refresh / no refresh sections should be something that says:

This zone can be scavenged after: date / time.

That is based on your refresh / no refresh intervals and is a safety net, if you will, to allow any devices out there the opportunity to update their DNS time stamp so they aren't scavenged.
0
 

Author Comment

by:Matt
ID: 40480995
So is it best to leave it now, or is there a safe way to clean it up without having to wait 7 days?
0
 

Author Comment

by:Matt
ID: 40481000
Also, in terms of all my other DCs (7 of them on different sites), will these changes be replicated accordingly? Or do I have to repeat the process again? (unchecking the delete box for the static servers)
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40481005
You can go through and manually delete the records that you know are stale / no longer in use. Just right click and delete.  It should start scavenging in the next week or so automatically and keep the DNS records clean.

That article I posted goes over time frame, scavenging, etc in fairly good detail. I would recommend reading through it.
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40481007
If the record is deleted on this server / zone and that zone is also replicated / ad integrated with other DNS servers then those deleted records will be updated / replicated to the other DNS servers without having to make the same change.

So just leave it enabled on this server
0
 

Author Comment

by:Matt
ID: 40491015
Hi

Been monitoring the DNS with scavenging enabled but the records still don't seem to be being deleted. DNS event shows:

The DNS server has completed a scavenging cycle but no nodes were visited. Possible causes of this condition include:
 
  1) No zones are configured for scavenging by this server.
  2) A scavenging cycle was performed within the last 30 minutes.
  3) An error occurred during scavenging.
 
The next scavenging cycle is scheduled to run in 168 hours.
 
The event data will contain the error code if there was an error during the scavenging cycle.
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40491328
If you right click your domain under forward lookup zones and hit properties.
Go to Aging.

What does it say for: This zone can be scavenged after:
0
 

Author Comment

by:Matt
ID: 40491381
11/12/2014 16:00
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40491548
I'm assuming 11/12 = December 11?

If so the next run in 168 hours (7 days) should be successful. The zone hasn't aged enough yet to be marked for scavenging since it was enabled. Now that after tomorrow it will have aged enough, the next time it runs it should scavenge your records.

You can manually scavenge if you want on the 12th.
0
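
An added example, not part of the original thread or any poster's code: a read-only PowerShell audit of the conditions discussed above (server-level scavenging, zone-level aging with its "can be scavenged after" time, and per-record timestamps), applied to IP addresses that have more than one host record. It assumes the DnsServer module that ships with Windows Server 2012 and RSAT; the zone name is a placeholder.

```powershell
# Added example: read-only audit, makes no changes to DNS.
# Assumes the DnsServer module; run on (or with -ComputerName against) the DNS server.
Import-Module DnsServer

$ZoneName = 'corp.example.com'   # placeholder: replace with your own zone
$now      = Get-Date

# 1. Server-level switch (server Properties > Advanced > automatic scavenging).
$server = Get-DnsServerScavenging
"Server scavenging enabled   : $($server.ScavengingState)"
"Scavenging period           : $($server.ScavengingInterval)"

# 2. Zone-level aging, including "This zone can be scavenged after".
$aging = Get-DnsServerZoneAging -Name $ZoneName
"Zone aging enabled          : $($aging.AgingEnabled)"
"Zone can be scavenged after : $($aging.AvailForScavengeTime)"
$zoneReady = $aging.AgingEnabled -and $aging.AvailForScavengeTime -and
             ($aging.AvailForScavengeTime -le $now)

# 3. A dynamic record is past its window once
#    timestamp + no-refresh interval + refresh interval lies in the past.
$cutoff = $now - $aging.NoRefreshInterval - $aging.RefreshInterval

# Static records carry no timestamp and are never scavenged.
$records = Get-DnsServerResourceRecord -ZoneName $ZoneName -RRType A |
    Select-Object HostName, Timestamp,
        @{ n = 'IP';     e = { $_.RecordData.IPv4Address.IPAddressToString } },
        @{ n = 'Static'; e = { -not $_.Timestamp } }

# 4. Report every IP that has more than one host record, newest registration first.
$records | Group-Object IP | Where-Object Count -gt 1 | ForEach-Object {
    $_.Group | Sort-Object Timestamp -Descending |
        Select-Object IP, HostName, Timestamp, Static,
            @{ n = 'PastRefreshWindow'; e = { -not $_.Static -and $_.Timestamp -lt $cutoff } },
            @{ n = 'ZoneEligibleNow';   e = { $zoneReady } }
} | Format-Table -AutoSize
```

A record is removed by a scavenging cycle only when `PastRefreshWindow` and `ZoneEligibleNow` are both true and server scavenging is enabled; records showing `Static = True` are left alone regardless of age.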
 

Author Comment

by:Matt
ID: 40494252
So the message was that it ran at 4 o'clock today? Event shows

The DNS server has completed a scavenging cycle:
Visited Zones     = 14,
Visited Nodes     = 514,
Scavenged Nodes   = 50,
Scavenged Records = 37.
 
This cycle took 1 seconds.
 

But it still has removed old records. I'm very confused.
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40494277
still has or hasn't?

I'm assuming hasn't.

Can you give me a screenshot of a couple records that weren't removed that you expected to be removed?
0
