Windows Server 2000/2003 Thread, DNS reverse lookup Server 2003 in Technical
  1. #16

    Well, we don't have a rogue DNS server. I used Wireshark and found that it was requesting DNS lookup from our Domain Controller which is also our DNS server. We are really down to the final option of deleting PTR records.....

  2. #17

    Ok what I have done now is test on my own PC. I looked up DNS and found 2 DNS PTR records for my pc name and also the PTR record associated with my ip address...3 PTR records in total!!!! I deleted them and did ipconfig /release /renew. DNS automatically updated with the correct details!!

    At last we are getting somewhere! I think the only option we have now is to delete the DNS PTR records gradually throughout the site.

  3. #18
    waldronm2000
    I think this may be related to secure dynamic updates. If I recall correctly, the ACLs that get created for records in AD-integrated zones only allow the owner of the record to update it. This isn't a problem for forward lookups, as the A record belongs to the PC with that name. However, for reverse lookups, the PTR record is tied to the IP address, and this moves as DHCP reallocates the address to different hosts. This may cause problems if the new owner of the IP tries to update the PTR record originally created by a different host. If this is the problem, the solution is to ensure that only the DHCP server updates the PTR records, not the clients. Then delete all the PTR records to ensure that when DHCP leases are renewed the PTR records are created correctly, and owned by the DHCP server.

  4. #19
    ind1ekid
    Quote, originally posted by william-swc:
    Ok what I have done now is test on my own PC. I looked up DNS and found 2 DNS PTR records for my pc name and also the PTR record associated with my ip address...3 PTR records in total!!!! I deleted them and did ipconfig /release /renew. DNS automatically updated with the correct details!!

    At last we are getting somewhere! I think the only option we have now is to delete the DNS PTR records gradually throughout the site.
    Glad to hear it

  5. #20

    Are there any repercussions of just deleting the reverse lookup zone PTR records in one go? Surely for accessing network shares the computers use forward lookup?

    My plan would be to delete them all this afternoon, then when everyone logs in again on Monday DHCP will update the PTR records

  6. #21
    waldronm2000
    Shouldn't cause any major problems to delete your PTR records, as they're mostly an optional extra with DNS anyway, unless you happen to be using them as a basis for web filtering etc. If you're concerned about getting them back up quickly you could create a CMD file that just says IPCONFIG /RENEW, stick it in a share everyone has read-only access to, and use the AT command (or Scheduled Tasks) to run it on each PC in turn. The DHCP renewal should prompt the DHCP server to recreate the PTR records (I think), and as there's no /RELEASE connectivity should not be affected.

    Incidentally, don't delete the PTR records for any statically configured hosts, or if you do then run IPCONFIG /REGISTERDNS on those to recreate the PTR records.
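
    An added example (not part of the original thread): a check to run before a bulk delete that compares an export of the reverse zone with the forward zone, flags stale PTR records, and keeps statically configured hosts out of the deletion list, as the post above advises. Hostnames, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data (not from the thread): hostname -> current A record.
A_RECORDS = {
    "pc-lab01.school.example": "10.0.5.21",
    "pc-lab02.school.example": "10.0.5.22",
    "pc-lab07.school.example": "10.0.5.27",
    "dc01.school.example": "10.0.0.10",
}
# Constructed reverse-zone export: (IP, hostname the PTR points to).
PTR_RECORDS = [
    ("10.0.5.30", "pc-lab01.school.example"),  # left over from an old lease
    ("10.0.5.31", "pc-lab01.school.example"),  # left over from an old lease
    ("10.0.5.21", "pc-lab07.school.example"),  # previous holder of this IP
    ("10.0.5.22", "pc-lab02.school.example"),
    ("10.0.0.10", "dc01.school.example"),
    ("10.0.0.11", "dc01.school.example"),      # static host, wrong PTR
]
STATIC_HOSTS = {"dc01.school.example"}  # assumption: list kept by the admin


def audit_ptrs(a_records, ptr_records, static_hosts):
    """Compare each PTR with the forward zone and classify it."""
    findings = []
    for ip, host in ptr_records:
        host = host.lower()
        forward = a_records.get(host)
        if forward is None:
            status = "stale-no-a-record"
        elif ipaddress.ip_address(forward) == ipaddress.ip_address(ip):
            status = "ok"
        else:
            status = "stale-ip-mismatch"
        findings.append({
            "ptr": ipaddress.ip_address(ip).reverse_pointer,
            "host": host,
            "status": status,
            "static": host in static_hosts,
        })
    return findings


def stale_ptrs(findings, static):
    """Stale PTR names: static=False gives deletion candidates (DHCP
    clients), static=True gives records to fix by hand on static hosts."""
    return sorted(f["ptr"] for f in findings
                  if f["status"] != "ok" and f["static"] == static)
```

    Records returned with static=True are the ones to correct by hand or with IPCONFIG /REGISTERDNS on the host rather than delete in bulk.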

  7. #22

    Quote, originally posted by waldronm2000:
    I think this may be related to secure dynamic updates. If I recall correctly, the ACLs that get created for records in AD-integrated zones only allow the owner of the record to update it. This isn't a problem for forward lookups, as the A record belongs to the PC with that name. However, for reverse lookups, the PTR record is tied to the IP address, and this moves as DHCP reallocates the address to different hosts. This may cause problems if the new owner of the IP tries to update the PTR record originally created by a different host. If this is the problem, the solution is to ensure that only the DHCP server updates the PTR records, not the clients. Then delete all the PTR records to ensure that when DHCP leases are renewed the PTR records are created correctly, and owned by the DHCP server.
    Thanks for your contribution, DNS is set to dynamically update from secure sources only and the DHCP server is set to update PTR records not the client. Deleting the PTR records is all there's left to do.

  8. #23

    Quote, originally posted by waldronm2000:
    Incidentally, don't delete the PTR records for any statically configured hosts, or if you do then run IPCONFIG /REGISTERDNS on those to recreate the PTR records.
    Thanks, yea I know not to delete them. Considering that DHCP is set to update the PTR records, not the client, will the registerdns command still work when run from the client?

  9. #24
    waldronm2000
    Quote, originally posted by william-swc:
    Considering that DHCP is set to update the PTR records, not the client, will the registerdns command still work when run from the client?
    Probably not; that's why you would only use /REGISTERDNS on the statically configured IP hosts (in case you need to recreate the PTRs for those too). The /RENEW from the clients should trigger the DHCP server to recreate the PTR records for the DHCP hosts.

  10. #25

    Doh! Schoolboy error right there! lol Note to self.... static ip's don't use DHCP!!!

  11. #26

    Just a quick update, have deleted all PTR records relating to my campus apart from server records. Also did it for another campus. Will see what effect, if any, it will make on Monday.

    Cheers for everyone's help and advice so far!

  12. #27

    How did you get on with this? I have the same reverse lookup zone problem in DNS of our 2 Server 2003 DCs. We use Macs and it's causing us a few issues.

    Thanks

  13. #28

    Hi, we cleared out the PTR records in reverse lookup, which seems to be working so far. My settings are as follows:

    My DNS settings on reverse lookup zones are:
    Scavenging time 7 Days (actually another technician has just changed this to 1 hour for testing)
    refresh interval 15 mins
    expires after 1 day
    Minimum Time to Live 1 hour

    Under DHCP settings the DNS tab is
    Enable DNS Dynamic updates (tick)
    Always Dynamically update DNS A and PTR records (tick)
    Discard A and PTR records when lease is deleted (tick)
    Everything else unticked

    However the iMacs are still experiencing problems but they aren't on my campus so can't say exactly what problems they are having. I was speaking to them yesterday and the guys are rebuilding the Xserve for the iMacs. The problem with the iMacs initially was that when the Apple specialists were over they couldn't update the AD schema to work with the Xserve so they had to configure workarounds; I think that is the root cause of our problems with the iMacs. Sorry I can't be more specific.

    If your Mac issues are directly related to DNS reverse lookup, then I would say delete the PTR records in the evening, then when staff/students turn on the computers in the morning DHCP will automatically populate the PTR records. I didn't have any adverse effects on my network by doing that and if nothing else it will ensure your reverse lookups are accurate. In my view it's win-win.

  14. #29

    In your DNS have you got it set to secure updates or Unsecure and Secure?
    Also in my DHCP the tick box is checked for Dynamically update DNS A and PTR records for DHCP clients that do not request updates. Is yours unchecked?

    Thanks

  15. #30

    DNS is set to secure updates only. That tick box is unchecked; the only one ticked is discard PTR and A records when lease is expired.
