Solved

Help with DNS Statis entry ending in 0 (10.1.1.0)

Posted on 2016-07-16
12
78 Views
Last Modified: 2016-07-18
I'm a not a network guy but trying to get up to speed with our DNS configuration on this Windows 2008 R2 server..  In the image below I have received advice that the static 10.1.1.0 entry is not required and in fact can cause problems.  Is this correct?  What does this entry indicated?

dns
Also, the record above (10.1.1.252) is not known to use and does not respond to pings.  Given it was last updated in 2015 I'm considering deleting it.   Shouldn't these records expire automatically?
0
Comment
Question by:canuckconsulting
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +3
12 Comments
 
LVL 27

Expert Comment

by:Dr. Klahn
ID: 41714698
Some more information would be helpful.

What is the IPv4 setup for your network?  In particular, what address is the network gateway using?

The network appears to be located on 10.1.1.0, from what I see in the image above.  If that is the case, the entry for 10.1.1.0 is probably a static route to the network default gateway.

The Angry IP Scanner is useful for scanning networks to see what devices are present and responding.  Note:  Some virus scanners flag AIPS as a "hacking tool."
0
 

Author Comment

by:canuckconsulting
ID: 41714703
Sorry, I should have provided more detail.

We have a local site at our office and a number of remote servers at Hosting.com.  We have two 2003 DC's locally (IPS 10.1.1.250 and 10.1.1.251).  We have one 2008 DC set up a the remote site with IP 7*.*.*.*.

The image I provided in my original question is the DNS server located at Hosting.com. Below is the output of ipconfig run on this remote DC.  Is there anything else that would help?


IPConfig
0
 
LVL 2

Expert Comment

by:JesNoFear
ID: 41714707
is this a windows domain DC?

If this is a domain controller, the only DNS entry you should have should be 127.0.0.1

What this means is when that host is trying to resolve DNS entrys, it only looks to its own DNS records to resolve.

That being said, if you are trying to have your server resolve to the outside you will need to setup forwarders to public DNS servers to get records of web address you are not hosting a namespace for.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 2

Expert Comment

by:JesNoFear
ID: 41714708
another note, Static entry's never auto purge, Only dynamic entry's auto purge. if you have specifically added an entry the intention is you know what you are doing and it will stay forever. hints the word Static.
0
 
LVL 27

Accepted Solution

by:
Dr. Klahn earned 250 total points
ID: 41714711
imo:  Since 10.1.1.0 is not the default gateway or one of your DNS servers, I can't see the need for a static host entry unless there's something unusual located at that address.
0
 

Author Comment

by:canuckconsulting
ID: 41714718
JesNoFear - yes it's a DC running both the AD and DNS roles.  Regarding auto-purge/expring, I was referring to the non-static entry 10.1.1.252 above it.  Why would that not have disappeared over time?


Dr. Klahn - the person who advised me to delete it indicated this was a practice used back in NT4 servers.  He thought maybe whoever set it up hadn't realized this was no longer required.  Does that make any sense to you?
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 125 total points
ID: 41714724
It looks like the server is configured to run Routing and Remote Access (which means it hopefully has TWO NICs) - and is acting as the router for the network.

One strong clue for this is that your gateway configured on the server is a public  IP address.

As you probably know this is most likely a horrible configuration and incredibly vulnerable.

But don't just delete it -- you'll take down your entire network.

Look at workstations and see if their gateway is showing as that address.
0
 

Author Comment

by:canuckconsulting
ID: 41714742
Jeffrey Kane - TechSoEasy - What is the clue that it is running Routing and Remote Access?  It only has one nIc.  This thread is getting my heart rate up!

The other servers on this subnet (only servers are hosted at Hosting.com) are using that same external gateway.  Another question; given I'd blanked out all but the leading 7 of the gateway, how did you know it was an external ip?
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 41714748
Private addresses start with 1: 10.x.x.x, 172.16-31.x.x, 192.168.x.x, everything else is public (external)
1
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 41714760
Right, the leading 7 gave it away.
0
 
LVL 17

Assisted Solution

by:Learnctx
Learnctx earned 125 total points
ID: 41714918
If this is a domain controller, the only DNS entry you should have should be 127.0.0.1
Incorrect, this goes against Microsoft guidance. A domain controller should point to another domain controller in its site as primary and should contain its loop back as a tertiary at least somewhere in the list of servers.

DNS best practice advice from the Microsoft directory services team here: https://blogs.technet.microsoft.com/askds/2010/07/17/friday-mail-sack-saturday-edition/#dnsbest
DNS BPA recommendations here: https://technet.microsoft.com/en-us/library/ff807362%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

There are always exceptions to this and I would say a satellite site with 1 DC and a link that did not offer good performance or reliability would be one scenario where you would want the primary as the loop back and the tertiary as an off site DC.
0
 

Author Closing Comment

by:canuckconsulting
ID: 41717310
Thanks for the great help.  I will be removing the static entry outside of working hours to test.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question