Dan

How to clean up my reverse lookup zone in DNS

I have a Windows Server 2012 R2 for DHCP and DNS.

I am reviewing my reverse lookup zones in my DNS server and I have a lot of computers in there with the same name, but with different IPs.
What is the best way to clean it up?  Can I just delete every entry for every reverse lookup zone?
arnold

One, make sure to add reverse entries for your servers.
Enable scavenging on the reverse zone.
1) Reverse lookups (PTR) records are generally misunderstood.

At least for real/public IP A records + related PTR records.

Only the owners of Class C Networks can create PTR records that truly work.

If you are a hosting or provisioning company, then you own your IPs.

If not, then you lease IPs from the owners, thus any PTR records must be set by the Class C Network owner.

2) If you're creating fake/local PTR records (unsure what the purpose of these might be), you can do anything you like.

Delete them all + start over is likely best.
Dan

ASKER

This is a small organization, not an ISP.


So I am using a /22, and all my reverse lookup zone entries are private IPs on my network.  I didn't create them, they just appeared there, so that's why I think it might be time for me to clean them up, if it's safe to delete them.


I have multiple Macs using DHCP that are using names from other computers, so I was hoping by cleaning out these records that it might resolve this issue.  If not, at the very least, it will clean up my reverse point DNS records, I just wanted to make sure it won't "hurt" anything.


Like arnold said, I will ensure that I do leave my server reverse pointer records in there, even though my servers are static so not sure if it matters.

ASKER CERTIFIED SOLUTION
arnold

This solution is only available to members.
Dan

ASKER

I was just asking if I can delete all the entries in my reverse lookup zone in my DNS?  I'm getting from your answer that I could delete all of them and it won't cause any adverse effects.

Correct, all PTR records can be deleted if you choose.
Dan

ASKER

I figured out the exact problem, I just don't know how to solve it.

When a Mac is using DHCP, it does NOT update the DNS forward zone records.

DHCP is working fine; when a Mac gets an IP lease, the correct computer name is listed in DHCP.

It does try to use the DNS entry listed in the reverse lookup zone.

If a record with the IP address it has is already in there, it will use that DNS name in the remote sharing section and in terminal.

If a record for the IP it's using is NOT in the reverse lookup zone, it will just use its IP address in the remote sharing section and in terminal.

DNS has been verified; in the reverse lookup zone, by default the setting "update associated pointer (PTR) record" is enabled.

The Macs just don't update the PTR record, they only read it, so they will use it if it's in there, but will not update or add an entry.

Dan

ASKER

So as I'm looking in my reverse lookup zone, I noticed most of the entries are up to date, but there are some that are as old as a few years old.

Is it safe to delete any reverse pointer that is older than 2 weeks?

For example, I have a computer called ABC, and it has an IP of 192.168.102.235

I can ping the IP address

I can NOT ping by name, the ABC, as that doesn't exist

When I do an nslookup on abc.mydomain.com, it can't find it

When I do an nslookup on mycomputer.mydomain.com, it finds it just fine

So I have old entries in the reverse lookup zone that the names don't exist anymore, but the IPs are in use

Yes, while making sure to explicitly add pointers for your servers, static IPs.
Dan

ASKER

Yes, got it, if it's a server or static IP, I won't delete it, but otherwise, I'll delete them.

Dan

ASKER

Thanks guys for your feedback.
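
The cleanup agreed on in this thread (remove dynamic PTR records older than two weeks, keep static ones, enable scavenging on the reverse zone), written out as an added example that is not from any poster. The zone name `102.168.192.in-addr.arpa` (derived from the example IP in the thread), the function names and the 7-day aging intervals are assumptions; the live part needs the DnsServer PowerShell module.

```powershell
# Added example, not code from the thread.
function Select-StalePtr {
    # Passes through only dynamically registered PTR records whose timestamp
    # is older than the cutoff. Static records have no timestamp and are kept.
    param(
        [Parameter(ValueFromPipeline)] $Record,
        [int] $MaxAgeDays = 14,
        [datetime] $Now = (Get-Date)
    )
    process {
        if ($Record.RecordType -ne 'PTR') { return }   # ignore SOA/NS at the zone apex
        if ($null -eq $Record.Timestamp)  { return }   # static entry (servers): keep
        if ($Record.Timestamp -lt $Now.AddDays(-$MaxAgeDays)) { $Record }
    }
}

function Invoke-PtrCleanup {
    # Dry run by default: prints what would be removed. Pass -Commit to delete.
    param(
        [string] $Zone = '102.168.192.in-addr.arpa',   # assumed zone name
        [switch] $Commit
    )
    Get-DnsServerResourceRecord -ZoneName $Zone -RRType Ptr |
        Select-StalePtr |
        ForEach-Object {
            Remove-DnsServerResourceRecord -ZoneName $Zone -InputObject $_ `
                -Force -WhatIf:(-not $Commit)
        }
    # Let the server expire stale dynamic records from now on.
    # 7-day intervals are assumed values; match them to the DHCP lease time.
    Set-DnsServerZoneAging -Name $Zone -Aging $true `
        -NoRefreshInterval 7.00:00:00 -RefreshInterval 7.00:00:00 -WhatIf:(-not $Commit)
}

# Constructed sample records shaped like Get-DnsServerResourceRecord output,
# so the filter can be checked without touching a DNS server.
$sample = @(
    [pscustomobject]@{ HostName = '235'; RecordType = 'PTR'; Timestamp = [datetime]'2021-03-10' }
    [pscustomobject]@{ HostName = '10';  RecordType = 'PTR'; Timestamp = $null }
    [pscustomobject]@{ HostName = '57';  RecordType = 'PTR'; Timestamp = [datetime]'2024-05-28' }
    [pscustomobject]@{ HostName = '@';   RecordType = 'NS';  Timestamp = $null }
)
$sample | Select-StalePtr -Now (Get-Date '2024-06-01') | Format-Table HostName, Timestamp
```

Review the dry-run output of `Invoke-PtrCleanup` before running it with `-Commit`. Zone aging only takes effect once scavenging is also enabled at the server level (`Set-DnsServerScavenging`).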