Castlewood

Why doesn't DNS server update its records in a timely manner?

I disconnected a PC from the LAN for a couple of days due to a bad hard drive. When I hooked it back up to the LAN, I checked and found the PC had already successfully obtained the IP (.112) from DHCP, but the DNS server still showed this particular IP (.112) pointing to a different host name.
Then I intermittently used nslookup to look up that PC's name against that DNS server, aiming to trigger the DNS record update in the DNS server. However, for about 1 hour I surprisingly found the DNS server still didn't update the record for the .112 IP. Therefore I manually deleted that wrong record and hoped it would get updated with the correct one.
After another 1 hour, it still didn't get updated -- most surprisingly, the IP (.112) again showed up and pointed to the wrong host name -- the original one which I manually deleted. I was so confused. So I ran Flushdns on the DNS server, and bingo, it got updated correctly.
This is so confusing.... How can the DNS server not be able to automatically update its record? What could be wrong?


jmcg

I agree with your confusion.

DNS entries have a time-to-live value. Ordinarily, a resolver is expected to continue to hand out that particular name-to-IP mapping for as long as the TTL has not expired. After expiration, it is supposed to consult the network DNS service again to refresh the entry.

If you expected DHCP to hand out a particular IP address to this PC, I interpret that to mean that you have set up DHCP lease reservations. But for the address to have been handed out to another node while your PC was recovering from its disk problems, it means that your dynamic DHCP range and your reservations are overlapping - which sometimes leads to this sort of problem.

There are numerous settings for DHCP and DNS that affect the coordination of DNS updates. It's possible that your servers are not set up correctly for what you are trying to do. For instance, DHCP can check for an existing client on an IP address before assigning that address to a new DHCP client.
Aging and scavenging properties for the zones on a server.

This process sets up the mechanism for performing cleanup and removal of stale DNS resource records, which can accumulate in zone data over time.

Assuming Windows DNS and that you have access to the server.

TechNet info can be found here:
https://technet.microsoft.com/en-us/library/cc753217.aspx

To immediately remove server resource records that have exceeded the allotted time:
https://technet.microsoft.com/en-us/library/cc771027.aspx
Castlewood

ASKER

Thank you both for the reply. This PC was set to automatically obtain an IP from DHCP. The most questionable phenomenon here is that the DHCP server has assigned an IP (.112) to this PC for more than 2 hours, but the DNS server still didn't update its record for this IP address .112.
Is a DNS server supposed to talk to DHCP server for the record update??
ASKER CERTIFIED SOLUTION
jmcg
This solution is only available to members.
jmcg,
Yes, both our Windows domain controllers have DNS and DHCP installed.

I double-checked and found both DHCP servers are set up to "always" enable DNS dynamic update. And also this client PC has "Register this client in DNS" checked. So both solutions in that TechNet article have been there already.
What permission that you mentioned could be involved? (When the issue occurred, this client PC was logged in with Domain Admin.)

Also what did you mean by "the issue of overlapped dynamic and lease reservation IP ranges"?
How are the two DCs set up to coordinate on DHCP?

DHCP lease reservations should be the same in both. Dynamic ranges should be separate (the TechNet articles also mention an 80-20 rule for dual DHCP servers).

It's best if the IP address range used for dynamic DHCP does not contain addresses used in DHCP lease reservations. That's the "overlap" I was referring to.

It's recommended that DHCP not run with Domain Admin privileges. But the account used has to have sufficient privileges to update DNS.
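
An added example, not part of the thread or written by any of its participants: a read-only PowerShell check of the settings discussed above (DHCP dynamic update, zone aging and scavenging) that also lists A records whose address is currently leased to a different host, which is the symptom the asker saw on .112. The server names, zone name and scope ID are placeholder assumptions; it relies on the DhcpServer and DnsServer modules on a Windows Server management host.

```powershell
# Placeholders (assumptions): replace with your own servers, zone and scope.
$DhcpServer = 'dc01.example.local'
$DnsServer  = 'dc01.example.local'
$Zone       = 'example.local'
$ScopeId    = '192.168.1.0'

# 1. How DHCP registers DNS records on behalf of its clients.
Get-DhcpServerv4DnsSetting -ComputerName $DhcpServer |
    Select-Object DynamicUpdates, DeleteDnsRROnLeaseExpiry, NameProtection

# 2. Aging on the zone and scavenging on the server; stale records are only
#    removed when both are enabled.
Get-DnsServerZoneAging -Name $Zone -ComputerName $DnsServer |
    Select-Object ZoneName, AgingEnabled, NoRefreshInterval, RefreshInterval
Get-DnsServerScavenging -ComputerName $DnsServer |
    Select-Object ScavengingState, ScavengingInterval, LastScavengeTime

# 3. Map every leased IP to the host name DHCP recorded for it.
$leaseByIp = @{}
Get-DhcpServerv4Lease -ComputerName $DhcpServer -ScopeId $ScopeId |
    Where-Object { $_.HostName } |
    ForEach-Object {
        # Keep only the first label so 'pc1.example.local' compares as 'pc1'.
        $leaseByIp[$_.IPAddress.IPAddressToString] = ($_.HostName -split '\.')[0]
    }

# 4. Report A records whose address DHCP has leased to a different host.
Get-DnsServerResourceRecord -ZoneName $Zone -ComputerName $DnsServer -RRType A |
    Where-Object { $_.HostName -ne '@' } |
    ForEach-Object {
        $ip = $_.RecordData.IPv4Address.IPAddressToString
        if ($leaseByIp.ContainsKey($ip) -and $leaseByIp[$ip] -ne $_.HostName) {
            [pscustomobject]@{
                IPAddress   = $ip
                DnsName     = $_.HostName
                LeasedTo    = $leaseByIp[$ip]
                Timestamp   = $_.Timestamp           # empty for static records
                StaticEntry = ($null -eq $_.Timestamp)
            }
        }
    } | Format-Table -AutoSize
```

A row with `StaticEntry` set to True is never aged out by scavenging, and a mismatched row with an old `Timestamp` points at a dynamic record that the previous lease holder registered and nothing has cleaned up.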