DHCP and DNS not talking

[Vitalix]

Hey guys and gals,

We just created a new subnet on our network. Originally we were 192.168.50.x, now we created 192.168.60.X, created a DHCP scope for it (same MS 2K3 server), and everything works OK.

We plugged in 5 new machines into the new subnet (gigabit for video editing segment) and all the machines picked up and IP address and can browse the server and network without issue.

The problem: the machines IP addresses are still in the 192.168.50.X subnet, the same as when they were originally registered! I tried scavenging and reloading the zone, as well as clearing the cache, but no luck.

I don't want to manually change the IP addresses, b/c this should be done automatically, no? If our network had 260 PCs, that would be unpleasant to do them one by one in DNS.

Am I missing something in my config? In the DHCP applet, all the addresses are visible. How can I get DNS to update/synch with the DHCP server do that the new IP addresses are in DNS?

Thanks in advance as always!

[Vitalix]

Quick update, it seems like when I manually removed an IP address that was registered on the 50 domain, about 10 minutes later, it registered correctly in the 60 domain. The existing clients that I did not delete are still showing their old IP addresses.

Edited November 29, 2005 by Vitalix

[Kramy]

How long ago did you do this? I know with my router it takes it several hours to update what it shows me. I would assume win2k3 wouldn't be so slow though...

Do you know what the DHCP lease time is? When the lease to the IP is up, perhaps the subnet/IP will automatically update correctly?

[cluberti]

What's the TTL on your DNS records? If the TTL hasn't expired, the client update will be ignored. The update would only occur when the client got a new IP address after the DNS entry's TTL had expired. Otherwise, there will be no update until manual deletion of the record or TTL expiry. Scavenging wouldn't work, because likely none of the records had expired yet, and thus were not "invalid" yet.

[Vitalix]

What's the TTL on your DNS records? If the TTL hasn't expired, the client update will be ignored. The update would only occur when the client got a new IP address after the DNS entry's TTL had expired. Otherwise, there will be no update until manual deletion of the record or TTL expiry. Scavenging wouldn't work, because likely none of the records had expired yet, and thus were not "invalid" yet.

How can I check the TTL on the DNS records? For the DHCP scope, the lease duration is 5 days. Does that mean that DNS will not update until the DHCP lease expires, or is there a separate TTL for DNS records as well?

[cluberti]

The DNS TTL is separate from the DHCP lease lifetime. Go to the properties of your DNS zone and you should see the TTL information displayed on the SOA tab. I would strongly suggest using a shorter lifetime in DHCP for your Active Directory clients, due to issues such as these - especially if you have laptop users. I don't suggest leases longer than 24 hours in an AD environment, and 12 hours or less is even more preferrable.

[fizban2]

but by having the lease being that short doesn't that create extra traffic for the network? or would that depend on how many users need to receive renewed leases. 12 - 24 hours seems to be pretty short and sounds like it would create a lot of unessicary bandwidth usage on the network

[jondercik]

DHCP message traffic is very small and checking in every 12hrs on a gigabit network with that small number of clients will not present an issue. If it were 1000s of clients yes it could be a problem but with 5 it is no big deal.

[cluberti]

DHCP and DNS registration traffic in themselves are very light, almost unnoticeable in a network trace. I'd worry more about Windows Updates and Antivirus Update traffic before I even thought about DNS registrations and DHCP DORA processes, bandwidth-wise.

[Vitalix]

The DNS TTL is separate from the DHCP lease lifetime. Go to the properties of your DNS zone and you should see the TTL information displayed on the SOA tab. I would strongly suggest using a shorter lifetime in DHCP for your Active Directory clients, due to issues such as these - especially if you have laptop users. I don't suggest leases longer than 24 hours in an AD environment, and 12 hours or less is even more preferrable.

According to settings, TTL is set for one day. However after one day, it looks like nothing has moved yet. The move happened yesterday (27 hours ago) and still no updates in DNS. DHCP shows leases for the new 60 subnet, but no changes in DNS.