  1. #1


    My DNS is broken :(

    I have just found that the reverse lookup on my DNS is messed up and I can't get it to work at all.

    I have 2 DCs which both run as DNS servers pointing to each other. The PTR records were wrong, which I thought was down to the fact I changed the subnet masks of the servers a few weeks back.

    I removed the reverse zone and redid them but they never fill up, and when I go to a forward record and cycle the tickbox to update the PTR record it says the referenced lookup zone does not exist.

    I only realised there was a major problem cos Smoothie failed its LDAP lookup and everyone was blocked.

    When I go to my client and do a registerdns it's not showing up either... there are about 4 clients that have updated their records.

    Tis the season to be jolly and all that...

    Better get investigating further.

  2. #2
    azrael78

    Can you provide more information on your DNS setup?

    You say you have 2 DNS servers each on a DC.

    Are these DCs the same - as in do they serve the same domain (as in PDC/BDC relationship) or is it 1 DC for 1 domain and 1 for another?

    If the former - your FQDN -> IP zones should be AD Integrated.
    You could then try this:

    1) Remove the PTR zones from both DNS servers, ensure that after a stop/start of DNS, that no PTR zones exist.
    2) Recreate the PTR zone on one of the DNS servers - set it as a 'Primary' Zone but make it AD Integrated (which means it's replicated between your DCs).
    3) Ensure that the PTR zone is correct for your subnet and that secure updates are permitted.
    4) On the general Zone properties page - ensure that replication scope is to all DCs in the domain.
    5) Create some PTR records of your choice, either by updating your A records and then setting 'Create PTR records' or by manually putting some new ones in that match your existing A records.

    On the other DC - repeat the above - except for #5.

    When you refresh your second DC's DNS - you should find that it already has the PTR records you set on the first DNS (assuming that AD replication is all working) - this now means that both DNS servers have a copy of the same Reverse zone and its replication is handled by the AD.

    Ensure that on both DCs your DNS servers are:
    DNS1 - 127.0.0.1 (DC points to itself)
    DNS2 - IP of other DC

    If you have 2 DCs and they DON'T serve the same domain/forest - try this:

    1) Remove the PTR zones from both DNS servers, ensure that after a stop/start of DNS, that no PTR zones exist.
    2) Recreate the PTR zone on one of the DNS servers - set it as a 'Primary' Zone but DO NOT make it AD Integrated.
    3) Ensure that the PTR zone is correct for your subnet and that secure updates are permitted.
    4) On the Zone Transfers page - enable Zone Transfers to 'only the following Nameservers' and put in the IP of your other DC.
    5) Create some PTR records of your choice, either by updating your A records and then setting 'Create PTR records' or by manually putting some new ones in that match your existing A records.

    On the other DC do the following:

    1) As above step #1.
    2) Recreate the PTR zone as a secondary DNS zone - specify the IP of the other DC as the master for this zone.
    3) As you set-up zone transfers earlier, it should transfer your Reverse zone to this DC.
    4) If all went well, you should see PTR records in your reverse zone that you created earlier.

    I realise that this particular method isn't very nice in that you can only update PTR records on one DNS - you could get around this by installing DNS on a 3rd server - simply to act as the master for your reverse zone - then set both DCs to be secondary zones, so you only need change the PTRs on one server, however this will complicate your DNS setup a little.

    The other way to handle it would be to have 2 primary zones - 1 for each DC, but this means you'd need to make 2 sets of changes on each server and there isn't any replication between them to ensure that PTR records are kept up-to-date - but it depends on what you want, if you need the resiliency or not.

    Hopefully the above has helped somewhat - if you give this a shot and let me know - plus additional information regarding your DNS setup, I can give it a thorough look over during work tomorrow (we have a lot of DNS servers and I do have a perverse liking for DNS).

    Az

  3. #3

    I had done all the first load of steps before I posted... one domain with 2 DNS servers.

    Now I am getting a problem with non-servers updating their PTR record. When I update a record for a server the PTR record appears... when I try it for a client it doesn't and comes up with an error that the referenced lookup zone does not exist.

    I am limping to the finish line and will sort it next week when I have more time.
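
One way to check step 3 of the procedure in post #2 ("ensure that the PTR zone is correct for your subnet"), as an added example that is not part of the original thread: it lists the octet-aligned in-addr.arpa zones a subnet spans and reports which host addresses have no reverse zone to hold their PTR record. The subnet, zone list and host addresses are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

def zone_name(block):
    """in-addr.arpa zone name for an octet-aligned block (/8, /16 or /24)."""
    octets = str(block.network_address).split(".")[: block.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def reverse_zones_for(subnet):
    """Reverse zones needed to cover an IPv4 subnet, one per octet-aligned block."""
    net = ipaddress.ip_network(subnet, strict=False)
    # Round the prefix up to the next octet boundary, clamped to /8../24.
    boundary = min(24, max(8, -(-net.prefixlen // 8) * 8))
    if net.prefixlen > boundary:
        # Smaller than a /24: records live in the containing /24 zone
        # (assumption: no RFC 2317 classless delegation is in use).
        blocks = [net.supernet(new_prefix=boundary)]
    else:
        blocks = net.subnets(new_prefix=boundary)
    return [zone_name(b) for b in blocks]

def covering_zone(ip, zones):
    """Most specific existing reverse zone that can hold this address's PTR."""
    ptr = ipaddress.ip_address(ip).reverse_pointer
    names = [z.lower().rstrip(".") for z in zones]
    matches = [z for z in names if ptr.endswith("." + z)]
    return max(matches, key=len) if matches else None

def audit(subnet, existing_zones, hosts):
    """Zones the subnet needs but lacks, and hosts whose PTR has no zone."""
    have = [z.lower().rstrip(".") for z in existing_zones]
    missing = [z for z in reverse_zones_for(subnet)
               if not any(z == e or z.endswith("." + e) for e in have)]
    uncovered = [h for h in hosts if covering_zone(h, have) is None]
    return {"missing_zones": missing, "hosts_without_zone": uncovered}

if __name__ == "__main__":
    # Constructed sample: a network widened from /24 to /22 while only the
    # original /24 reverse zone was recreated.
    report = audit("10.0.0.0/22",
                   ["0.0.10.in-addr.arpa"],
                   ["10.0.0.10", "10.0.0.11", "10.0.1.57", "10.0.2.14"])
    for key, values in report.items():
        print(key, values)
```
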
