Re: DNS aging/scavenging
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Fri, 25 Aug 2006 10:47:08 -0500
"David Brown" <DavidBrown@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E1B0B80D-9238-4FEE-B40C-69CBF2CF9C50@xxxxxxxxxxxxxxxx
It seems that timestamp changes alone are not enough to flag a DNS record for replication. Can anyone explain what I'm seeing?
I've found that the timestamps for a host can vary widely across the organization. We have about 50 DNS servers across the world that host the zone. For example, there is a workstation in the Netherlands. If I look at the DNS server in the Netherlands site, the workstation has a timestamp of Aug-22, which is in the no-refresh period. If I look at the DNS server in Colorado, the same workstation has a timestamp of Aug-7, which is in the expired period. If I were to scavenge from Colorado, that record would be deleted - which would be undesirable.
Chances are the TIMEZONES are not all set correctly.
Then, of course, the admin sets the time to LOOK RIGHT and it is now off by the amount the timezone is wrong.
Check timezones on every such server.
AD Replication seems healthy - a replication delta report shows that all 50 DCs have replicated in the last 45 minutes and there have been no failures in the last few days. If I delete a record, I can watch the record disappear from server after server as replications occur.
Even within the same site, the timestamp is unreliable. The site in Colorado where I currently sit has three DCs with a DNS server on each DC. My DHCP assigned workstation has a current timestamp on one DNS server (the one with DHCP Server running), and no timestamp on the other two. The three DNS servers are all DCs and replicate within 10 minutes.
We did load all DNS records from a backup six months ago, which removed all of the timestamps, but one would think that in that time, my timestamp would have replicated over the blank ones on the other DCs in the same site and eventually the world.
So.. it seems like changes to the timestamp alone are not replicated.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
"Herb Martin" wrote:
"David Brown" <DavidBrown@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4117662E-7D5F-4866-A999-3E27E0356C57@xxxxxxxxxxxxxxxx
DHCP Client.. I was wondering how that registration was happening... DHCP Client service was running, I restarted the service just in case there was a problem and the server refreshed its record.
That's quick and non-invasive enough that I can script a remote service restart on the affected servers and hopefully get them back in sync again.
Chances are that "ipconfig /refreshDNS" is respecting the "NorefreshInterval" but that after restarting the DHCP client services this info is forgotten and so doesn't suppress the re-registration prior to that interval passing.
Also note that DCs don't refresh EVERYTHING unless you either restart "NetLogon" service or perform one of the diagnostic fixes: "netdiag /fix" or "dcdiag /fix".
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
Thanks for the idea!
"Kevin D. Goodknecht Sr. [MVP]" wrote:
David Brown wrote:
I'm working on setting up DNS aging/scavenging for a large DNS domain. In preparation for this, I'm dumping and analyzing the DNS records to determine what records are eligible for scavenging and then taking action as necessary to prevent those records from being deleted. I've found a few servers (about 100 of 11000 records) that are not refreshing their DNS records. They have static addresses, and are configured to register their connection in DNS. In DNS, they are set to "delete when stale" and have a timestamp. For some reason, they have stopped refreshing their records. As I understand it, these servers should be registering and refreshing their records via DDNS daily - even though they are not being supplied their addresses via DHCP...
I've tried using ipconfig /registerDNS. This works in some instances, and not in others - seemingly with the same configuration.
So.. can anyone suggest a reason that these servers are not refreshing their records?
Have you stopped or disabled the DHCP client service?
The DHCP client service is responsible for DNS registrations, even if the server is not a DHCP client.
What is the best way to handle them to prepare for scavenging? - just disable the "delete when stale" flag, or is there a way to kick start them back into a working state?
If DDNS is working correctly, only manually created records need to not have a time stamp. Even clients with a static address should register; manually created records should have "delete this record when it becomes stale" cleared.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
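Added example, not part of the original thread: a check over per-server record dumps of the kind David describes, flagging records that one DNS server would scavenge while another server holds a fresher or missing timestamp. The server and record names, the sample timestamps and the 7-day no-refresh and refresh intervals are constructed assumptions.

```python
from datetime import datetime, timedelta

# Assumed aging settings (7 days each); the thread does not state the zone's values.
NO_REFRESH = timedelta(days=7)
REFRESH = timedelta(days=7)

def classify(timestamp, now, no_refresh=NO_REFRESH, refresh=REFRESH):
    """Aging state of one copy of a record, as a single DNS server sees it."""
    if timestamp is None:
        return "static"        # no timestamp: never eligible for scavenging
    age = now - timestamp
    if age < no_refresh:
        return "no-refresh"    # refreshes are ignored in this window
    if age < no_refresh + refresh:
        return "refresh"       # refreshes are accepted in this window
    return "stale"             # eligible for scavenging on this server

def audit(dump, now):
    """dump maps record -> {server: timestamp or None}.
    Returns record -> (verdict, per-server states) for every record whose
    copies disagree. 'scavenge-risk' means at least one server would delete
    a record that another server still treats as live or static."""
    findings = {}
    for record, copies in dump.items():
        states = {srv: classify(ts, now) for srv, ts in copies.items()}
        if len(set(states.values())) < 2:
            continue           # every server agrees, nothing to report
        verdict = "scavenge-risk" if "stale" in states.values() else "divergent"
        findings[record] = (verdict, states)
    return findings

# Constructed sample dump modelled on the two cases described in the thread.
NOW = datetime(2006, 8, 25, 10, 47)
SAMPLE = {
    "ws-nl":   {"dns-nl": datetime(2006, 8, 22), "dns-co1": datetime(2006, 8, 7)},
    "ws-co":   {"dns-co1": datetime(2006, 8, 25), "dns-co2": None, "dns-co3": None},
    "srv-old": {"dns-nl": datetime(2006, 8, 1), "dns-co1": datetime(2006, 8, 1)},
}

if __name__ == "__main__":
    for name, (verdict, states) in audit(SAMPLE, NOW).items():
        print(name, verdict, states)
```

Running the audit against every server that hosts the zone before enabling scavenging shows which server, if any, is safe to scavenge from.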