DNS Forward Lookup Zones not always propagating


Tripredacus

I've run into a behaviour I can't quite figure out. On my DNS server, I have added 1 Forward Lookup Zone with 1 A record. This A record allows clients on the network to access a webserver on the WAN by using the FQDN. Sometimes the clients are unable to resolve the webserver address but are always able to resolve the FQDN of the DHCP/DNS server.

An Ipconfig /release /renew always fixes the problem on the client. The problem appears after first boot (or reboot) about 90% of the time. Since the regular DNS is working, but the extra lookup zone doesn't always work, I am guessing it is a configuration problem on the server... rather than a problem with the client.

What could it be?

The server runs AD, DHCP and DNS.


At first, I would say it might be suffix related or proxy related.

When the problem happens on the client, what is the output of "nslookup fqdn" on the client and on the server?

Did you check the DNS server logs or try to enable DNS server logging?


UPDATE: I figured out something, but I can't find why it is happening.

The DHCP/DNS server has ip x.x.x.20. After a reboot, or first boot, the DNS entry in IPCONFIG on the client is x.x.x.10. DNS does not work. After the release/renew, the DNS entry is x.x.x.20 and DNS works.

Now, x.x.x.10 is a valid system on the network... it is the hypervisor (DNS server is in the VM)... I checked the DHCP Server Scope options, and the IPv4 Server Options and the Scope Options (under the Scope tree) both have the 006 option set to x.x.x.20. I can't find where the .10 IP is coming from. I've already restarted the services for DHCP and DNS.

Edited by Tripredacus

Then you might have 2 DHCP servers running on the same subnet. When you have the wrong DNS, what is the DHCP server when you do an "ipconfig /all" on a client computer?

A good test to find the other DHCP server might be temporarily stopping the DHCP server on x.x.x.20.

You are right. The clients are getting IPs from the firewall at first, but a renew gets them from the DHCP server. Welp, time to call ops. :rolleyes:
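
The check that settled this thread (compare the DHCP server and DNS servers a client reports in "ipconfig /all" against the ones you expect) as an added example, not code from any poster. It assumes English-locale output; the 192.0.2.x addresses, the sample text and the function names are constructed for illustration.

```python
import re

# Assumption: constructed documentation-range addresses stand in for the thread's
# masked ones (x.x.x.20 = the AD/DHCP/DNS server, x.x.x.10 = the hypervisor).
AUTHORIZED_DHCP = {"192.0.2.20"}
AUTHORIZED_DNS = {"192.0.2.20"}

def sample(dhcp, dns):
    """Constructed English-locale `ipconfig /all` excerpt for one adapter."""
    return (
        "Windows IP Configuration\n\n"
        "   Host Name . . . . . . . . . . . . : CLIENT01\n\n"
        "Ethernet adapter Ethernet:\n\n"
        "   DHCP Enabled. . . . . . . . . . . : Yes\n"
        "   IPv4 Address. . . . . . . . . . . : 192.0.2.101(Preferred)\n"
        f"   DHCP Server . . . . . . . . . . . : {dhcp}\n"
        f"   DNS Servers . . . . . . . . . . . : {dns}\n"
    )

# A field line is "<name> . . . : <value>"; the ". :" tail keeps IPv6
# continuation lines (which contain colons) from being read as fields.
FIELD = re.compile(r"^\s+([^.:]+?)[ .]*\. :\s*(.*)$")
WANTED = {"DHCP Server": "dhcp", "DNS Servers": "dns"}

def parse_ipconfig(text):
    """Return {adapter header: {"dhcp": [...], "dns": [...]}}."""
    adapters, current, last = {}, None, None
    for line in text.splitlines():
        if line and not line[0].isspace():           # unindented: section header
            is_adapter = line.rstrip().endswith(":")
            current = adapters.setdefault(line.rstrip(" :"), {"dhcp": [], "dns": []}) if is_adapter else None
            last = None
        elif (m := FIELD.match(line)) and current is not None:
            last = WANTED.get(m[1].strip())
            if last and m[2].strip():
                current[last].append(m[2].strip())
        elif line.strip() and last and current is not None:
            current[last].append(line.strip())       # extra server on its own line
    return adapters

def rogue_findings(text):
    """List (adapter, field, address) for every server not on the allowlist."""
    out = []
    for name, info in parse_ipconfig(text).items():
        out += [(name, "DHCP Server", ip) for ip in info["dhcp"] if ip not in AUTHORIZED_DHCP]
        out += [(name, "DNS Servers", ip) for ip in info["dns"] if ip not in AUTHORIZED_DNS]
    return out

if __name__ == "__main__":
    for finding in rogue_findings(sample("192.0.2.1", "192.0.2.10")):
        print("unexpected:", finding)
```

Run against output captured right after boot and again after a renew, the first capture flags the lease source and the DNS server it handed out, and the second returns nothing.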
