DHCP Client DNS Registration Issues

  • DHCP Client DNS Registration Issues

    I have a Windows 2003 AD with integrated DNS and Windows 2003 DHCP and WINS servers. Since December, I've been fighting two DHCP or DNS issues.

    1) Devices with legacy or embedded non-Windows OS's are not getting registered in DNS when issued a DHCP address. I think I corrected this by selecting the "Dynamically update DNS A and PTR records for DHCP clients that do not request updates (for example, clients running Windows NT 4.0)" option on the scope's DNS property tab.

    2) Clients with addresses from our two wireless address scopes are getting registered in DNS, but when their DHCP lease expires, the DNS record is not getting deleted. Of course this causes multiple client entries in DNS for the same IP. Examinations of the DHCP leases and WINS records show them to have the current, correct, information. The lease duration for the wireless scopes was the same as our wired scopes, 8 days, so I just reduced the lease to 3 hours (I could locate any best practice guidance documents, so I hope this isn't too aggressive) Now that I've shortened the lease for the wireless scopes, it feels like I should modify the DNS scavenging from 7 days to something shorter.

    If anyone could provide some help correcting these issues, it would be greatly appreciated.

    I've included some documentation of the general configuration of our servers.

    >>>>>>>>>>>>>>>>>>>>
    DHCP Servers
    Server Properties
    GENERAL
    NO - Automatically update statistics every:
    YES - Enable DHCP audit logging
    NO - Show the BOOTP table folder
    DNS
    YES - Enable DNS dynamic updates according to the settings below:
    SELECTED - Always dynamically update DNS A and PTR records
    YES - Discard A and PTR records when lease is deleted
    NO - Dynamically update DNS A and PTR records for DHCP clients that do
    not request updates (for example, clients running Windows NT 4.0)
    ADVANCED
    Conflict detection attempts: 0
    Audit log file path: C:\Windows\System32\dhcp
    Database path: C:\Windows\System32\dhcp
    Backup path: C:\Windows\System32\dhcp\backup
    Bindings: {NIC1}
    Credentials: No Value (system?)

    Standard Scope Properties
    GENERAL
    Lease: 0D 3H 0M (wireless scopes, all others are 8 days)
    DNS
    YES - Enable DNS dynamic updates according to the settings below:
    SELECTED - Always dynamically update DNS A and PTR records
    YES - Discard A and PTR records when lease is deleted
    YES - Dynamically update DNS A and PTR records for DHCP clients
    that do not request updates (for example, clients running
    Windows NT 4.0)
    ADVANCED
    SELECTED - DHCP only
    Scope Options
    Global: 015 and 042
    Scope: 003, 006, 044, and 046

    DNS Servers
    Server Properties
    INTERFACES
    SELECTED - Only the following IP addresses
    IP Address: {self}
    FORWARDERS
    DNS Domain: All other DNS domains
    Forwarder List: {ISP Provided DNS Host Addresses}
    Time Out: 3
    NO - Do not use recursion for this domain
    ADVANCED
    Server Options: NO - Disable recursion
    NO - BIND secondaries
    NO - Fail on load if bad zone data
    YES - Enable round robin
    YES - Enable netmask ordering
    YES - Secure cache against pollution
    Name checking: Multibyte (UTF
    Load zone data on startup: From Active Directory and registry
    YES - Enable automatic scavenging of stale records
    Scavenging period: 7 Days
    Zone Properties
    GENERAL
    Status: Running
    Type: Active Directory Integrated
    Replication: All domain controllers in the Active Directory domain
    Dynamic updates: Nonsecure and secure (Would like to change to secure only - unsure of implications)
    Aging: YES - Scavenge stale resource records
    No-refresh: 6 Days
    Refresh: 6 Days
    START OF AUTHORITY (SOA)
    Refresh Interval: 15 Minutes
    Retry Interval: 10 Minutes
    Expires After: 1 Days
    Minimum TTL: 1 Hours
    WINS
    NO - Use WINS forward lookup
    ZONE TRANSFERS
    YES - Allow zone transfers
    SELECTED - Only to following servers
    {List of internal DNS servers}
    Notify: YES - Automatically notify
    SELECTED - The following servers
    {Empty List} ???

    WINS Servers
    Server Properties
    GENERAL
    YES - Automatically update statistics every: 0H 10M 0S
    INTERVALS
    Renew interval: 3D 0H 0M
    Extinction interval: 4D 0H 0M
    Extinction timeout: 3D 0H 0M
    Verification interval: 24D 0H 0M
    DATABASE VERIFICATION
    YES - Verify database consistency every: 24H
    Begin verifying at: 2H 0M 0S
    Maximum number of records verified each period: 30,000
    Verify against:
    SELECTED - Owner servers
    ADVANCED
    NO - Log detailed events to Windows event log
    YES - Enable burst handling
    SELECTED - Medium
    YES - Use computer names that are compatible with LAN Manager

    >>>>>>>>>>>>>>>>>>>>

    Thanks,
    Frank

  • #2
    Re: DHCP Client DNS Registration Issues

    You have the 'Discard A and PTR records when lease is deleted' enabled. For this to be effective, you also need to look at setting up the following.

    http://technet.microsoft.com/en-us/l.../cc759398.aspx



    • #3
      Re: DHCP Client DNS Registration Issues

      Good Morning, and thanks for your reply.

      I'm the only person at my company tasked with managing these servers, and I haven't been given any training on DNS or DHCP management, so I'm really flying by the seat of my pants.
      I have reviewed the MS article you reference, but I'm not sure what would be considered best practice configurations for these settings.
      > Set aging/scavenging properties for the DNS server
      -- Enabled with both values set to 7 Days
      > Set aging/scavenging properties for a zone
      -- Enabled with both values set to 6 Days
      > Enable automatic scavenging of stale resource records
      -- Enabled and set to 7 Days
      When I examine specific DNS records, I find that the duplicate entries have fairly old time stamps, so I'm not sure why the aging/scavenging hasn't happened.

      Comp1 10.x.x.110 Record Time Stamp: 3/15/2009 11:00:00 AM TTL: 0:0:20:0
      Comp2 10.x.x.110 Record Time Stamp: 3/5/2009 2:00:00 PM TTL: 0:0:20:0

      BTW, I've run a variety of diagnostics on the servers to ensure there were no underlying service or replication errors, and all came back happy.

      Stumped,
      Frank
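
An added example, not part of the original post: it parses the two record lines quoted above, flags addresses that carry more than one name, and computes when each record first becomes eligible for scavenging (time stamp + no-refresh + refresh) using the 6-day zone values posted in the thread. The check time is an assumption taken from the 22 March 2009 edit stamp visible further down the thread.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Zone aging values as posted in the thread (no-refresh and refresh, 6 days each).
NO_REFRESH = timedelta(days=6)
REFRESH = timedelta(days=6)

# The two duplicate records as quoted in post #3 (address masked by the poster).
RECORDS = """\
Comp1 10.x.x.110 Record Time Stamp: 3/15/2009 11:00:00 AM TTL: 0:0:20:0
Comp2 10.x.x.110 Record Time Stamp: 3/5/2009 2:00:00 PM TTL: 0:0:20:0
"""

LINE = re.compile(r"^(\S+)\s+(\S+)\s+Record Time Stamp:\s+(.+?[AP]M)\s+TTL:")


def parse(text):
    """Yield (host, address, timestamp) for every record line that matches."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            stamp = datetime.strptime(m.group(3), "%m/%d/%Y %I:%M:%S %p")
            yield m.group(1), m.group(2), stamp


def scavenge_report(text, now):
    """Return {address: [(host, eligible_at, stale_now), ...]} for shared addresses."""
    by_addr = defaultdict(list)
    for host, addr, stamp in parse(text):
        # A record is stale only after BOTH intervals have elapsed since its time stamp.
        eligible_at = stamp + NO_REFRESH + REFRESH
        by_addr[addr].append((host, eligible_at, now >= eligible_at))
    # Keep only addresses registered under more than one name, oldest first.
    return {a: sorted(rs, key=lambda r: r[1])
            for a, rs in by_addr.items() if len(rs) > 1}


if __name__ == "__main__":
    # Assumed check time: the 22 March 2009 07:00 edit stamp in the thread.
    check_time = datetime(2009, 3, 22, 7, 0)
    for addr, rows in scavenge_report(RECORDS, check_time).items():
        print(addr)
        for host, eligible_at, stale in rows:
            print(f"  {host}: eligible {eligible_at:%Y-%m-%d %H:%M}, stale now: {stale}")
```

Eligibility is only the earliest point at which a record can be removed; actual deletion waits for the server's next scavenging pass, which the posted configuration runs every 7 days.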



      • #4
        Re: DHCP Client DNS Registration Issues

        Does this answer your question?

        http://support.microsoft.com/kb/932464



        • #5
          Re: DHCP Client DNS Registration Issues

          Frank,

          Assuming you are running two DHCP servers, this may help:

          http://technet.microsoft.com/en-us/l.../cc787034.aspx

          Look at the sections titled "DNS record ownership and the DnsUpdateProxy group" and "Securing records when using the DnsUpdateProxy group".

          -Jason
          Last edited by VWA4; 22nd March 2009, 07:00.
          MCSA/MCSE 2K3,MCITP:ESA,MCTS x 4,VCP x 2

