DNS-Server deletes entries

  • Thread starter Thread starter Axel Schwenke
  • Start date Start date
A

Axel Schwenke

Hi there!
I've got a problem with our two DNS-Servers:

There is a AD-Domain with 3 DCs and 6 memberservers. Two of these DCs are
DNS-Servers with w2k sp4 installed. The other DC is running with w2k3
sp1. The memberservers are mixed w2k-sp4 and w2k3-sp1.

Now we have to change our LAN-IP-structure from 192.x.y.z/24 to
10.x.y.z/20. So I added a second IP-adress on every server in our domain.
I also added one host(A)-entry for every server on our dns-servers.
The reverse-lookup-zone for 10.x.y.z was added, also.

So the DNS showed my to entries for every server. One with the old adress
and one with the new one. Easy..., I thought.
But after about 30min I saw that five of the new adresses were suddenly
missing in the two DNS-servers. The missing entries are the two dns-
servers, the other dc, one ISA-proxy and a citrix-metaframe-server.

I found event-id 6701 in the dns-eventlog, which said something about
dynamic updates of the DNS, but I didn't understand it completely.

So, do you know why the dns-servers are deleting these entries?

Any information / help is appreciated.
Thanks in advance!

Greetings
Axel
 
In
Axel Schwenke said:
Hi there!
I've got a problem with our two DNS-Servers:

There is a AD-Domain with 3 DCs and 6 memberservers. Two of these DCs
are DNS-Servers with w2k sp4 installed. The other DC is running with
w2k3 sp1. The memberservers are mixed w2k-sp4 and w2k3-sp1.

Now we have to change our LAN-IP-structure from 192.x.y.z/24 to
10.x.y.z/20. So I added a second IP-adress on every server in our
domain. I also added one host(A)-entry for every server on our
dns-servers.
The reverse-lookup-zone for 10.x.y.z was added, also.

So the DNS showed my to entries for every server. One with the old
adress and one with the new one. Easy..., I thought.
But after about 30min I saw that five of the new adresses were
suddenly missing in the two DNS-servers. The missing entries are the
two dns- servers, the other dc, one ISA-proxy and a
citrix-metaframe-server.

I found event-id 6701 in the dns-eventlog, which said something about
dynamic updates of the DNS, but I didn't understand it completely.

So, do you know why the dns-servers are deleting these entries?

Any information / help is appreciated.
Thanks in advance!

Greetings
Axel
Click to expand...

Did you check the listen on addresses?
Use the DNS management console, select the properties of the DNS server,
Interfaces tab, add the new addresses to the listen on list.
Win2k DCs with DNS will only register its host name records on the address
DNS listens on.
 
Did you check the listen on addresses?
Use the DNS management console, select the properties of the DNS
server, Interfaces tab, add the new addresses to the listen on list.
Win2k DCs with DNS will only register its host name records on the
address DNS listens on.
Click to expand...

Hi Kevin!
Thanks for your answer.

The settings were set correctly.
The server listens on "all ip-adresses".
Both adresses are shown in the textbox below.

It's also strange that not only the adresses of the two DNS-servers are
missing, but the third DC (no DNS installed) and also one proxy and a
citrix-server.
The last two servers are just memberservers. The proxy runs with w2k sp4
and the citrix with w2k3 (no sp, yet).

So not only the adresses of the DNS-servers have been deleted.

Is there something which could explain this behaviour?

Thanks in advance!

Greetins
Axel
 
In
Axel Schwenke said:
Hi Kevin!
Thanks for your answer.

The settings were set correctly.
The server listens on "all ip-adresses".
Both adresses are shown in the textbox below.

It's also strange that not only the adresses of the two DNS-servers
are missing, but the third DC (no DNS installed) and also one proxy
and a citrix-server.
The last two servers are just memberservers. The proxy runs with w2k
sp4 and the citrix with w2k3 (no sp, yet).

So not only the adresses of the DNS-servers have been deleted.

Is there something which could explain this behaviour?

Thanks in advance!
Click to expand...

Yes, it is possible someone has configued the DCs with this PublishAddress
Registry entry.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters

Value name: PublishAddresses
Data type: REG_SZ
Value data: IP address of the server's local network adapter. If you have to
specify more than one IP address, separate the addresses with spaces.
 
Back
Top