I change DNS primary and it doesn't update DNS secondary

Marlon Brown

I have an AD environment, AD-DNS non-integrated.
DNS Primary and DNS Secondary, both Win2003.

I have an existing A record on DNS.
I edit and change the IP address of such record.

Three days later, I do from my workstation:

C:\>nslookup oldproxy
Server: dnsprimary.it.company.com
Address: 182.78.94.215

Name: oldproxy.it.company.com
Addresses: 182.78.253.1, 182.78.253.2

First of all, such records 182.78.253.1 and 182.78.253.2 don't exist on
dnsprimary.

I see that the records of 182.78.253.1 and 182.78.253.2 are being retrieved
from dnssecondary. What's going on?
 
Marlon Brown said:
I have an AD environment, AD-DNS non-integrated.
DNS Primary and DNS Secondary, both Win2003.

I have an existing A record on DNS.
I edit and change the IP address of such record.

Three days later, I do from my workstation:

C:\>nslookup oldproxy
Server: dnsprimary.it.company.com
Address: 182.78.94.215

Name: oldproxy.it.company.com
Addresses: 182.78.253.1, 182.78.253.2

First of all, such records 182.78.253.1 and 182.78.253.2
don't exist on dnsprimary.

I see that the records of 182.78.253.1 and 182.78.253.2
are being retrieved from dnssecondary. What's going on?

Are these two DNS servers behind NAT?
If so, are you allowing zone transfers to all the private IP addresses on
the secondary DNS server's machine?
Also if they are behind the same NAT device, you *cannot* use the option
"allow zone transfers to the DNS servers list on the Name server tab" unless
these NS records are resolved to the private IP address of the NS records.
Not good if these are public DNS servers because the NS records must have
public routable addresses.

To help speed up the zone updates on the secondary, I suggest you use Notify
to notify the secondary.
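
Added example, not part of the thread: one way to confirm that the secondary has stopped receiving zone transfers is to ask each server directly for the zone's SOA record and compare serials. The zone name is taken from the post; the function names, the record values in `constructed_response`, and any server addresses passed to `query_serial` are assumptions.

```python
import socket
import struct

def build_soa_query(zone, qid=0x1234):
    """Encode a non-recursive SOA query, so the server answers from its own copy."""
    labels = zone.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack(">6H", qid, 0, 1, 0, 0, 0) + qname + struct.pack(">HH", 6, 1)

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at `off`."""
    while msg[off] and (msg[off] & 0xC0) != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)  # pointer is 2 bytes, root label is 1

def soa_serial(msg):
    """Return the serial from the first SOA record in the answer section."""
    qdcount, ancount = struct.unpack(">HH", msg[4:8])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 6:  # SOA rdata: MNAME, RNAME, then the 32-bit serial
            p = skip_name(msg, skip_name(msg, off))
            return struct.unpack(">I", msg[p:p + 4])[0]
        off += rdlen
    raise ValueError("no SOA record in answer (server may not hold the zone)")

def secondary_is_stale(primary_serial, secondary_serial):
    """RFC 1982 serial comparison: True if the secondary is behind the primary."""
    diff = (primary_serial - secondary_serial) & 0xFFFFFFFF
    return 0 < diff < 0x80000000

def query_serial(server_ip, zone, timeout=3.0):
    """Ask one server over UDP for the zone's SOA serial (needs network access)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_soa_query(zone), (server_ip, 53))
        return soa_serial(s.recv(512))

def constructed_response(zone, serial):
    """Constructed sample SOA answer (not captured traffic) for offline checks."""
    rdata = b"\x03ns1\xc0\x0c\x05admin\xc0\x0c" + struct.pack(">5I", serial, 900, 600, 86400, 3600)
    head = struct.pack(">6H", 0x1234, 0x8400, 1, 1, 0, 0) + build_soa_query(zone)[12:]
    return head + b"\xc0\x0c" + struct.pack(">HHIH", 6, 1, 3600, len(rdata)) + rdata
```

Call `query_serial` once with the primary's address and once with the secondary's, then pass both results to `secondary_is_stale`; a result of `True` that persists past the zone's refresh interval means transfers are not reaching the secondary.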
 