Dynamic DNS randomly not updating.

cheerockracy posted this 29 April 2016

DHCP Dynamic DNS is randomly not updating records. The DHCP log shows many failures (31); the DNS debug log shows very little, but many (noerror).

Setup is two 2008R2 DCs (DC1, DC2) in a cluster (I know, I know) running DHCP as a clustered service. DNS is AD integrated and DC1 is the primary DNS for all nodes via DHCP and static entries. I recently set up credentials for DHCP dynamic updates, which did not exist before. I added the two DCs to the DNSUpdateProxy group and ran the following command: dnscmd /config /OpenAclOnProxyUpdates 0

The DNS log will show failed updates even though DNS appears to have an updated entry. Scavenging is not currently enabled. Secure and nonsecure updates are enabled on the forward zone, but only on some reverse zones. Before my time there was a general 10.0.0.0/8 reverse zone allowing secure and nonsecure updates, as well as the appropriate 10.x.x.0/24 reverse zone, which does not allow any updates. I'm not seeing failures, but will my DHCP DNS renewals fail because of the reverse DNS? I also have some DHCP entries that do not leave the pending state.

My question is: why aren't all my records updating their forward records? And what's the benefit or disadvantage of using a large reverse DNS lookup zone?

Thanks in advance

-Lisa
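
On the reverse-zone question in the post above, an added example that is not part of the thread: a dynamic update is sent to the most specific zone enclosing the record name, so a /24 reverse zone that allows no updates takes PTR registrations away from a 10.0.0.0/8 zone that would accept them. The subnet 10.1.2.0/24, the policy strings and all function names are constructed for illustration.

```python
import ipaddress

# Constructed zone table. The thread describes a 10.0.0.0/8 reverse zone that
# allows updates and a 10.x.x.0/24 zone that allows none; 10.1.2.0/24 is made up.
ZONES = {
    "10.in-addr.arpa.": "secure+nonsecure",
    "2.1.10.in-addr.arpa.": "none",
}

def ptr_name(ip):
    """PTR owner name for an address, fully qualified."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def enclosing_zone(name, zones):
    """Most specific zone that contains `name`, matched on label boundaries."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:]) + "."
        if candidate in zones:
            return candidate
    return None

def ptr_update_outcome(ip, zones=ZONES):
    """Return (PTR name, zone that receives the update, accepted/rejected)."""
    name = ptr_name(ip)
    zone = enclosing_zone(name, zones)
    if zone is None:
        return name, None, "no zone"
    return name, zone, "rejected" if zones[zone] == "none" else "accepted"

def shadowing_zones(zones):
    """Zones that refuse updates while the parent zone above them accepts them."""
    found = []
    for zone, policy in sorted(zones.items()):
        if policy != "none":
            continue
        parent_name = zone.split(".", 1)[1]   # strip the leftmost label
        parent = enclosing_zone(parent_name, zones)
        if parent and zones[parent] != "none":
            found.append((zone, parent))
    return found

if __name__ == "__main__":
    for ip in ("10.1.2.50", "10.9.9.9"):
        print(ptr_update_outcome(ip))
    print(shadowing_zones(ZONES))
```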

PARRIS posted this 29 April 2016

DHCP updating DNS is an NT4.0 legacy parameter, hence the question.

Regards,

Mark Parris
Active Directory & Cloud Security Consultancy.
MVP Enterprise Mobility | MCM Directory Services
Mobile: +44 7801 690596
E-mail: mark@xxxxxxxxxxxxxxxx

cheerockracy posted this 29 April 2016

Testing for client or permission issues, but I also don't see the harm. I haven't seen an increase in successes or failures after the change. 
On Apr 29, 2016, at 11:46 AM, Mark Parris <mark@xxxxxxxxxxxxxxxx> wrote:

Why do you have DHCP updating DNS and not the client?

PARRIS posted this 29 April 2016

Why do you have DHCP updating DNS and not the client?

cheerockracy posted this 29 April 2016

Thanks, that is my thought but I am getting push back since it hosts cluster quorums and more - trying to do what I can before I insist this is the only solution.  :p
On Apr 29, 2016, at 11:08 AM, Danny CS <daemonroot@xxxxxxxxxxxxxxxx> wrote:


daemonr00t posted this 29 April 2016

I would break down the DC cluster you mention and then test the whole scenario again... ~d 
