DNS Conflicts with DHCP 1

[Myllz]

Having a small problem. While pinging IP addresses in my network, I've noticed conflicting return data. For example, if I ping Computer-A, it will return an IP address. If I then turn around and ping the IP address it returns (ping -a IP) it will return a different computer record.

What I've narrowed it down to is DNS records conflicting with DHCP records. DHCP and WINS match up completely, but DNS contains incorrect data. Going back to Computer-A, it will look something like this:

Computer-A
Local IP: 192.168.20.122
DHCP: 192.168.20.122
WINS: 192.168.20.122
DNS: 192.168.20.121

So when I ping Computer-A, it will bring back the correct IP address (192.168.20.122). But when I ping 192.168.20.122, it bring back the computer name of whatever the DNS record contains for that IP.

What I'd like to know is how I can ensure DNS will link up with DHCP at all times. I don't know if it's as easy as adding a CNAME or domain in the reverse lookup zone for my subnet, or if it's something else. If anyone needs any further explaining, please let me know and I will give more information. Thanks for the help!

 

[WhoKilledKenny]

Check to see if your DHCP server is configured to "Dymanically update DNS A and PTR records for DHCP clients that do not request updates (for example, clients running Windows NT 4.0)"
The configuration is a check box in the properties of the DHCP server. You did not mention what os type was used for computer A. If it does not do dynamic DNS updates this should solve you problem.

 

[Myllz]

This was not checked, but I have enabled it. Any idea how long it would normally take for this setting to update the PTR records?

Also, the DHCP/DNS server is Windows 2003 Server. Computer A is Windows 2000 Professional.

 

[WhoKilledKenny]

Good question. I am not 100% positive, but it might be when the computer re-renews its lease. Do a search on MS web-site for DHCP, should be able to find the answer there.

 

[Myllz]

I think what I'm going to do is just remove all the PTR records from DNS (minus servers) over the weekend. PTR records are updated when the machine restarts (I've tested this twice), so on Monday all machines will update in DNS when they start up. This should make DHCP and DNS sync up. Thanks for the help.

 

[ivanpe]

Hi Myllz, did your solution to remove PTR records work?

We have a similar problem. What happens is when some DHCP clients renew leases, a conflict occurs. After a while the DHCP issues the client a new address even though the original lease has not expired, but DNS does not update properly. In the meanwhile, the PCs lose comms with Exchange server, and home drives disappear. Users have to log out and back in again to retrieve home drives.

DHCP server shows lots of BAD_ADDRESS entries in the Address Leases under the active scope.

Have checked for rogue DHCP servers, reinstalled DHCP. This happened once before, and reinstalling DHCP seemed to solve the problem the first time around.

DNS and DHCP running on Windows 2003 Server (DNS on a domain controller), clients are Windows XP and Windows 2000.

Any assistance most welcome.

 

[Myllz]

Sounds like your problem is a little more severe. We never had any problems with client machines losing connections to servers, since our DHCP records were still correct. We just had problems pinging and connecting via UNC to client machine since DNS was messed up.

Anyway, yes, clearing the PTR records fixed my problem. When the machine booted up Monday, all of the PTR records were re-created with their correct, current DHCP IP addresses.

 

[ShackDaddy]

ivanpe, I was curious about how you searched for rogue DHCP servers. Did you sit down at a system with a dynamic IP and release the IP, turn on a sniffer like ethereal or NetMon and renew the IP? If there is a rogue on the network, you should get a DHCP offer from more than one server.

Are the bad addresses at points throughout your scope, or do they cluster in one area?

If I were you, once I'd ruled out a rogue server, I'd think about expanding my local subnet by changing my mask, and put my DHCP scope in the new range.

BTW, is it possible that you have DHCP queries being redundantly relayed by an internal router? Sniffer would tip you off on that too.

ShackDaddy

 

[ivanpe]

Hi ShackDaddy and Myllz

Thanks for your responses.

There are a number of tools available on the Internet (e.g. DHCPExplorer - a gui app) and Microsoft's own dhcploc.exe (a command line app), which is part of the Windows Support Tools package. Essentially, they mimic DHCP clients and display the responses which include the responding server address. (I would imagine this would pick up any routed DHCP offers as well).

The bad addresses are randomly spread throughout the scope.

At present changing our subnet configuration is a problem in terms of fixed server addresses and a few other issues.

We currently suspect the DHCP/DNS interaction and are hoping to resolve the issue at this level.

Thanks.

 

[ivanpe]

Apologies for not doing this earlier. We resolved this issue 2 weeks ago. It turned out to be a faulty Management module on a Synoptics 3000 Chassis which kept randomly intercepting responses to DHCP renewal requests from DHCP clients. It has since been shut down.

 

[ttrsux]

WHAT ABOUT WINS? Is there a way to sync WINS, DHCP, and DNS together? I'm finding sometimes for comm to work, I have to manually edit DNS records or delete a WINS record here and there.

thx