DNS Aliases (CNAME) stop working


  • DNS Aliases (CNAME) stop working

    Good day,

    I have an issue that recently started and I don't have the slightest idea why or where to start looking.

    When I create a CNAME for a server it works for a little while and then just stops working without any error in the Event Viewer under DNS entries or Directory Services.

    On the most recent event I saw that 10 minutes before the CNAME stopped working, there was a DNS scavenging event that occurred, can that be the problem for newly created CNAMEs? All older CNAMEs still work, it is only the newly created ones that work for about 4 hours then stop.

    As a workaround I created A Records to serve to accomplish the additional name but that is not really a preferred solution.

    Any help or guidance will be appreciated!

  • #2
    Re: DNS Aliases (CNAME) stop working

    Can you give a bit more information?
    When you say the CNAME stopped working, what exactly happens? Is the CNAME record no longer in the zone? When you do an nslookup query what does it return? How do you know that it has stopped working?
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com



    • #3
      Re: DNS Aliases (CNAME) stop working

      The CNAME is still in the zone but the DNS does not resolve the CNAME with nslookup or pinging.

      Here is an example:
      Physical Machine A Record : cvsserver.mydomain.com
      CNAME in DNS: cvs.mydomain.com

      For the first few hours when pinging cvs or cvs.mydomain.com I get reply from cvsserver.mydomain.com [192.168.1.22]

      After a few hours the CNAME stops working as it is not resolved anymore but as mentioned, the CNAME record still exists in the DNS.

      When removing the CNAME record and adding an A record for the CNAME nslookup resolves the name but as soon as I recreate the CNAME, it fails, of course the A record was removed prior to adding the CNAME.

      The above still occurs after flushing both the DNS cache on the DNS server and affected machines.

      We are in the process of migrating to Server 2008 R2 and found several errors in the AD which have been resolved already but this DNS issue has occurred long before the migration.



      • #4
        Re: DNS Aliases (CNAME) stop working

        DNS scavenging doesn't affect manually/statically created DNS records.

        The CNAME and the A record are independent of each other and will be cached independently. Take a look at the TTL for both, are they the same? When the CNAME stops working does the A record still resolve?



        • #5
          Re: DNS Aliases (CNAME) stop working

          Thanks for the reply.

          TTL for both A record and CNAME are 2 hours and the A record still resolves but the CNAME doesn't.

          This raises another, and might be a silly, question. I've tried to read several "Understanding DNS TTL" resources but none explain it. When creating a CNAME and the TTL is registered in the cache, how does the counter then work in relation to the A record? Will it automatically check the remainder TTL of the A record then adjust the CNAME record accordingly so that the remainder TTL in the cache is the same? What it comes down to, will the A record and newly created CNAME expire at the same time if the TTL specified is the same? Reason for this question is I need to understand this process.

          My understanding of caching is that even though the TTL is the same they will expire based on the time of registration / propagation, in this case the CNAME TTL will start its counter at the time it is created whereas the A Record will expire either before or after that as the counters and remaining time will differ. This in turn results in the sync between the A record and CNAME to be out - different expiry times.

          What I don't understand is why the TTL will cause the CNAME to stop working if they are different because my understanding of caching is that once the TTL has expired, the machine requesting the resolution will query the DNS server instead of its cache and seeing that the CNAME record still exists and the A record hasn't changed there should be no issue resolving the CNAME to its associated A Record ... Is my argument that flawed?



          • #6
            Re: DNS Aliases (CNAME) stop working

            Originally posted by MR_Big
            When removing the CNAME record and adding an A record for the CNAME nslookup resolves the name but as soon as I recreate the CNAME, it fails, of course the A record was removed prior to adding the CNAME.
            When the CNAME lookup fails, what is the message you get back from the server? Domain doesn't exist or a time out?

            Originally posted by MR_Big
            When creating a CNAME and the TTL is registered in the cache, how does the counter then work in relation to the A record? Will it automatically check the remainder TTL of the A record then adjust the CNAME record accordingly so that the remainder TTL in the cache is the same? What it comes down to, will the A record and newly created CNAME expire at the same time if the TTL specified is the same?
            The TTL is for the life of the cached record. It is independent of all other records. The TTL determines how long a record will stay in the cache. That's all it does.

            The process for a computer when it receives a CNAME record is this:
            - client queries DNS for www.domain.com
            - client receives a CNAME record pointing to domain.com
            - client queries DNS for domain.com
            - client receives A for domain.com
            - client is now able to send data to IP address of domain.com

            This is a very simplified breakdown but this should give you a picture of what's going on.
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com
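
The lookup steps listed in the post above, as an added example that is not part of the original thread: a toy caching resolver in which each record carries its own TTL and a CNAME is followed by a second lookup. The zone data is constructed from the names in this thread with the 2 hour and 20 minute TTLs mentioned in it; `CachingResolver` and `demo` are hypothetical names.

```python
# Constructed authoritative data: name -> (type, value, ttl_seconds).
ZONE = {
    "cvs.mydomain.com": ("CNAME", "cvsserver.mydomain.com", 7200),  # 2 h
    "cvsserver.mydomain.com": ("A", "192.168.1.22", 1200),          # 20 min
}

class CachingResolver:
    def __init__(self, zone):
        self.zone = zone
        self.cache = {}             # name -> (type, value, expires_at)
        self.upstream_queries = []  # (time, name) for every cache miss

    def _lookup(self, name, now):
        hit = self.cache.get(name)
        if hit and hit[2] > now:    # cached entry still within its own TTL
            return hit[0], hit[1]
        # Expired or never cached: ask the authoritative zone again.
        self.upstream_queries.append((now, name))
        if name not in self.zone:
            self.cache.pop(name, None)
            return None
        rtype, value, ttl = self.zone[name]
        self.cache[name] = (rtype, value, now + ttl)
        return rtype, value

    def resolve(self, name, now, max_chain=8):
        """Return (names visited, IP address or None if a name is missing)."""
        chain = [name]
        for _ in range(max_chain):
            rec = self._lookup(chain[-1], now)
            if rec is None:
                return chain, None          # some name in the chain does not exist
            rtype, value = rec
            if rtype == "A":
                return chain, value
            chain.append(value)             # CNAME: look up the target next
        raise RuntimeError("CNAME chain too long or looping")

def demo():
    r = CachingResolver(ZONE)
    # Query at 0 s, 10 min, 25 min (A expired) and just past 2 h (both expired).
    results = [r.resolve("cvs.mydomain.com", t)[1] for t in (0, 600, 1500, 7300)]
    return results, r.upstream_queries

if __name__ == "__main__":
    print(demo())
```

In this model the two TTLs only decide when each name is fetched again; the `upstream_queries` log shows the A record being re-queried on its own at 25 minutes while the cached CNAME is still in use.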



            • #7
              Re: DNS Aliases (CNAME) stop working

              Request could not find host. Please check the name and try again. <- message from server.



              • #8
                Re: DNS Aliases (CNAME) stop working

                Originally posted by MR_Big
                Request could not find host. Please check the name and try again. <- message from server.
                That sounds like a PING message. Can you use NSLOOKUP to query the server and let us know what the response is?

                To do so, open a command prompt and type the following:
                Code:
                C:\> nslookup
                > cvs.mydomain.com
                Regards,
                Jeremy

                Network Consultant/Engineer
                Baltimore - Washington area and beyond
                www.gma-cpa.com



                • #9
                  Re: DNS Aliases (CNAME) stop working

                  Hi, issue was with the TTLs. Newly created A records have a TTL of 20 minutes and CNAMEs have TTL records of 2 hours.



                  • #10
                    Re: DNS Aliases (CNAME) stop working

                    As far as I was aware (and I may be wrong), the TTL for all records is set by the SOA record, and the only way to override it is to manually set the TTL for the individual record(s) that you want to change.

                    Had you manually set the TTL for the CNAME record or is the TTL specified in the SOA 20mins?

                    (I'm just trying to understand this)

                    Thanks
                    A recent poll suggests that 6 out of 7 dwarfs are not happy



                    • #11
                      Re: DNS Aliases (CNAME) stop working

                      Originally posted by Blood
                      As far as I was aware (and I may be wrong), the TTL for all records is set by the SOA record, and the only way to override it is to manually set the TTL for the individual record(s) that you want to change.

                      Had you manually set the TTL for the CNAME record or is the TTL specified in the SOA 20mins?

                      (I'm just trying to understand this)

                      Thanks
                      The SOA setting for the TTL was 2 hours but for the record, and others, it was 20 min. I gather that the TTL was inherited from previous DCs (pre-2003). When the CNAMEs were created, their default TTL was 1hr thus a mismatch of 20min vs 1h.

                      I manually changed the affected A Record and CNAME's TTL to 2hrs and it hasn't stopped working after that.



                      • #12
                        Re: DNS Aliases (CNAME) stop working

                        Thanks a lot
                        A recent poll suggests that 6 out of 7 dwarfs are not happy
