A records go missing.

[Lincoln De Kalb]

Hi all,

I have a few A records that I manually added go missing. They are static
IP's that are excluded from the DHCP scope. DNS is AD integrated in a W2k3
Domain.

It seems to only be the machine name that goes missing, not other A records
pointing to the same IP. I.e. I have server1 = 192.168.10.102 and companyweb
= 192.168.15.102 but only the server1 entry goes missing.

How can I go about troubleshooting this? The DNS.log is full of alot
information and hard to decipher what it means.

Thanks heaps in advance
Lincoln

 

[Herb Martin]

Hi all,

I have a few A records that I manually added go missing. They are static
IP's that are excluded from the DHCP scope. DNS is AD integrated in a W2k3
Domain.

It seems to only be the machine name that goes missing, not other A
records pointing to the same IP. I.e. I have server1 = 192.168.10.102 and
companyweb = 192.168.15.102 but only the server1 entry goes missing.

How can I go about troubleshooting this? The DNS.log is full of alot
information and hard to decipher what it means.

Make sure you NEVER check the checkbox "Delete this record when it
becomes stale" or "let any user update record" (when creating it).

The former only shows if you turn on Advanced view (in Win2003 at least.)

For some reason people check these boxes and the records get scavenged
when they appear to be dynamic AND stale.

 

[Lincoln De Kalb]

Thanks Herb,

I dont have the option "Delete this record when it becomes stale", only
"Create PTR" and "allow any authenticated".

There is a "time to live(ttl):" field that defaults to 0:1:0:0 i.e. TTL =
1hour. The record definetly last's longer than 1hour so didn't think this
was it. Is it?

Cheers
Lincoln

 

[Herb Martin]

Thanks Herb,

I dont have the option "Delete this record when it becomes stale", only
"Create PTR" and "allow any authenticated".

Did you turn on Advanced View? Delete this record only shows in
advanced view...

There is a "time to live(ttl):" field that defaults to 0:1:0:0 i.e. TTL =
1hour. The record definetly last's longer than 1hour so didn't think this
was it. Is it?

TTL is irrelevant to this problem -- it is how long a FOREIGN DNS
server or client should cache your records, e.g., if my DNS server
resolves one of your names, how long can we safely remember it.

 

[Lincoln De Kalb]

Herb,

Really appreciate the help and rapid response....

I have Advanced view enabled i..e view > advanced. but nothing about
deletion of the record. Ive got adminpak.msi installed on a Windows XP
machine, though I also checked the DNS snapin on the DNS server as well and
it';s the same.

What am I missing here?

Cheers
Lincoln

 

[Herb Martin]

Herb,

Really appreciate the help and rapid response....

I have Advanced view enabled i..e view > advanced. but nothing about
deletion of the record. Ive got adminpak.msi installed on a Windows XP
machine, though I also checked the DNS snapin on the DNS server as well
and it';s the same.

What am I missing here?

Maybe you have Win2000 since I just looked at my Win2003 and saw it there
with Advance view enabled on a MANUAL A-host record.

 

[Lincoln De Kalb]

I found what you were referring to, it shows up when you right click and
select > other new records and choose A records. If you use the shortcut to
create A records that option doesn't show up.

So, i'm not sure that this is the problem, though i'll create records using
the "other new records" options and monitor.

 

[Ace Fekay [MVP]]

In

Hi all,

I have a few A records that I manually added go missing. They are
static IP's that are excluded from the DHCP scope. DNS is AD
integrated in a W2k3 Domain.

It seems to only be the machine name that goes missing, not other A
records pointing to the same IP. I.e. I have server1 = 192.168.10.102
and companyweb = 192.168.15.102 but only the server1 entry goes
missing.
How can I go about troubleshooting this? The DNS.log is full of alot
information and hard to decipher what it means.

Thanks heaps in advance
Lincoln

What type of record are you trying to create? Is the record you are trying
to create but keeps disappearing a CNAME (alias) record?

--
Ace
Innovative IT Concepts, Inc (IITCI)
Willow Grove, PA

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only constant in life is change...

 

[Lincoln De Kalb]

Nope it's an A record.

I've never found a good explanation for using CNAME's. Perhaps as a pointer
to foreign A records?

 

[Herb Martin]

Nope it's an A record.

I've never found a good explanation for using CNAME's. Perhaps as a
pointer to foreign A records?

Aliases for any A record (in theory). The idea was that a machine
would have a formal name but also need to be known by other names
for different purposes, or services. Some services, have 'canonical'
(or standardized) names such as FTP, or WWW for web servers.

Thus a Canonical Name or CNAME record would allow Server27
to also be known as FTP or WWW.

 

[Ace Fekay [MVP]]

In

Nope it's an A record.

I've never found a good explanation for using CNAME's. Perhaps as a
pointer to foreign A records?

Herb gave you a good explanation of cnames.

Can you give us an example of the A record you are trying to create?

Is the zone you are trying to create it on an AD INtegrated, Primary or
Secondary zone?

Can we see your current records in your zone so we can compare the record
you are trying to create compared to what already exists? You can do that by
running this command and copying/pasting the output with your next reply:

dnscmd /enumrecords /zone yourzonename.com

To install the DNSCMD command, all you need to do is install the Support
tools located on the Windows CDROM under the Support folder. Double click
suptools.msi to install it. Then open up a CMD window and run the above
command.

Thanks,

Ace

 

[Lincoln De Kalb]

Here's a subset of the output. the record that keeps disapearing is
syd01as0002. I had to add it back in prior to running this command because
it had gone missing again over the weekend. syd01ex0001 is the an Exchange
server that i have set up a static record on as well. It doesn't disappear.

DNS is AD integrated.

Returned records:
@ [Aging:3559913] 600 A 192.168.15.101
[Aging:3559918] 3600 NS syd01sq0001.XXX.com
3600 NS syd01ex0001.XXX.com
3600 SOA syd01sq0001.XXX.com hostmaster. 5743 900 600
86400 3600
......
syd01as0002 3600 A 192.168.15.116
syd01ex0001 [Aging:3559918] 3600 A 192.168.15.101
.........

Cheers

 

[Lincoln De Kalb]

This is still happening. Any ideas on what I can do to troubleshoot?

Thanks,

Here's a subset of the output. the record that keeps disapearing is
syd01as0002. I had to add it back in prior to running this command because
it had gone missing again over the weekend. syd01ex0001 is the an Exchange
server that i have set up a static record on as well. It doesn't
disappear.

DNS is AD integrated.

Returned records:
@ [Aging:3559913] 600 A 192.168.15.101
[Aging:3559918] 3600 NS syd01sq0001.XXX.com
3600 NS syd01ex0001.XXX.com
3600 SOA syd01sq0001.XXX.com hostmaster. 5743 900
600
86400 3600
.....
syd01as0002 3600 A 192.168.15.116
syd01ex0001 [Aging:3559918] 3600 A 192.168.15.101
........

Cheers

In

Herb gave you a good explanation of cnames.

Can you give us an example of the A record you are trying to create?

Is the zone you are trying to create it on an AD INtegrated, Primary or
Secondary zone?

Can we see your current records in your zone so we can compare the record
you are trying to create compared to what already exists? You can do that
by running this command and copying/pasting the output with your next
reply:

dnscmd /enumrecords /zone yourzonename.com

To install the DNSCMD command, all you need to do is install the Support
tools located on the Windows CDROM under the Support folder. Double click
suptools.msi to install it. Then open up a CMD window and run the above
command.

Thanks,

Ace

 

[Ace Fekay [MVP]]

In

This is still happening. Any ideas on what I can do to troubleshoot?

Thanks,

Sorry for the late delay in responding.

So syd01as0002 is your Exchange server. It should auto register itself.
There is no need to create a static entry. Does Exchange ONLY have your
internal DNS in IP properties and no other DNS (such as an ISP's)?

Does the Exchange server have more than one NIC?

Ace

 

[Lincoln De Kalb]

Hey Ace,

Thanks for keeping at this. It happened again for another machine this
morning.

syd01as0002 isn't the exchange server, it's an app server on a different
subnet than the exchange server.

I have two DNS servers, AD integrated, one on the exchange box and another
on another server. They host the internal DNS, though our external DNS is
held by a 3rd party ISP.

Today it happened it syd01fs0001 which is on the same subnet as the DNS
servers.

Is there any verbose logging I can enable and then sift through the logs to
find any records being deleted?

Cheers
Lincoln

 

[Ace Fekay [MVP]]

In

Hey Ace,

Thanks for keeping at this. It happened again for another machine this
morning.

syd01as0002 isn't the exchange server, it's an app server on a
different subnet than the exchange server.

I have two DNS servers, AD integrated, one on the exchange box and
another on another server. They host the internal DNS, though our
external DNS is held by a 3rd party ISP.

Today it happened it syd01fs0001 which is on the same subnet as the
DNS servers.

Is there any verbose logging I can enable and then sift through the
logs to find any records being deleted?

Cheers
Lincoln

Verbose logging can be accessed in DNS server properties, loggin tab. But
this will need to enabled on all DNS servers.

I'm starting to think it's possible a DNS infrastructure design issue., but
I could be totally wrong.

So the Echange server is a domain controller? I usually like to make them
member servers. Too much overhead.

Anyway, you only have one domain, correct? Can you postg an unedited
ipconfig /all from the Exchange/DC, from syd01fs0001, from the other DC
(assuming that you have two) and a sample client machine please?

Do y9ou have any other domains or subnets?

AD Integrated? What's the replication scope? (If you have more than one
domain, this can be important.)

Also, what type of apps are on the app server?

Thanks,

Ace