DNS "A" records

Archived from groups: microsoft.public.win2000.dns (More info?)

Hi folks,

This morning I noticed that from our DNS a number of "A" records (around 15
to 20 records) went missing from the forward zone.
we have gone through the DNS logs but found no major event....


Can anybody help with tips on how to investigate this case....This is a
pinching problem as there is no gurantee that this may not happen again....

rgds
Simon
7 answers Last reply
More about records
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:OAY3q3CZEHA.1356@TK2MSFTNGP09.phx.gbl,
    Simon <abstract2030@yahoo.com> posted a question
    Then Kevin replied below:
    > Hi folks,
    >
    > This morning I noticed that from our DNS a number of "A"
    > records (around 15 to 20 records) went missing from the
    > forward zone.
    > we have gone through the DNS logs but found no major
    > event....
    >
    >
    > Can anybody help with tips on how to investigate this
    > case....This is a pinching problem as there is no
    > gurantee that this may not happen again....


    It sounds to me like the records were scavenged by DNS, if they are supposed
    to br static records, make sure they aren't time stamped.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    > It sounds to me like the records were scavenged by DNS,
    > if they are supposed to br static records, make sure they
    > aren't time stamped.

    Also; setup a scheduled job to backup your DNS zone files
    e.g. "zipping" them and using date/time in the name, this way
    you'll also have a quick recovery solution (just in case)
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    > It sounds to me like the records were scavenged by DNS,
    > if they are supposed to br static records, make sure they
    > aren't time stamped.

    Almost forgot ... are there some other DNS servers (IPs)
    which are allowed to change the zone ?!? If that's the case
    I'd investigate to see if someone didn't just delete those
    records ...probably it was an error
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    Kevin....Thanks for the quick response.....

    I suspected that first I did was remove the Scavenging setting on the
    forward zone.....since then things are cool .....

    Yes they were static records....

    Can you please help me summarise my understanding on this...apologies if I
    am confused on some things

    1. The servers whose A records were missing from the zone were Win2k Servers
    with static IP
    --> My assumtion : They are active servers so I belive that the records
    should not be scavanged

    2. The DNS is configured for secure updates
    ----> My assumption is the servers being members of the domain should be
    able to do a dynamic update

    3. a bit more for "make sure they aren't time stamped"

    Thanks for your valuable time.

    rgds
    Simon


    "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
    news:OTGf1$CZEHA.3480@TK2MSFTNGP11.phx.gbl...
    > In news:OAY3q3CZEHA.1356@TK2MSFTNGP09.phx.gbl,
    > Simon <abstract2030@yahoo.com> posted a question
    > Then Kevin replied below:
    > > Hi folks,
    > >
    > > This morning I noticed that from our DNS a number of "A"
    > > records (around 15 to 20 records) went missing from the
    > > forward zone.
    > > we have gone through the DNS logs but found no major
    > > event....
    > >
    > >
    > > Can anybody help with tips on how to investigate this
    > > case....This is a pinching problem as there is no
    > > gurantee that this may not happen again....
    >
    >
    > It sounds to me like the records were scavenged by DNS, if they are
    supposed
    > to br static records, make sure they aren't time stamped.
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ============================
    > --
    > When responding to posts, please "Reply to Group" via your
    > newsreader so that others may learn and benefit from your
    > issue. To respond directly to me remove the nospam. from my
    > email. ==========================================
    > http://www.lonestaramerica.com/
    > ==========================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ==========================================
    > Keep a back up of your OE settings and folders with
    > OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ==========================================
    >
    >
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:eELzV1DZEHA.4008@TK2MSFTNGP09.phx.gbl,
    Simon <abstract2030@yahoo.com> posted a question
    Then Kevin replied below:
    > Kevin....Thanks for the quick response.....
    >
    > I suspected that first I did was remove the Scavenging
    > setting on the forward zone.....since then things are
    > cool .....
    >
    > Yes they were static records....
    >
    > Can you please help me summarise my understanding on
    > this...apologies if I am confused on some things
    >
    > 1. The servers whose A records were missing from the zone
    > were Win2k Servers with static IP
    > --> My assumtion : They are active servers so I belive
    > that the records should not be scavanged

    If something changed on the servers that prevented them from re-registering
    their addresses in DNS, the record will be scavenged based on the last
    timestamp on the record.

    >
    > 2. The DNS is configured for secure updates
    > ----> My assumption is the servers being members of the
    > domain should be able to do a dynamic update
    This is true but you would have to take a look at the zone or record ACL to
    see if someone may have either accidentally or purposely changed the
    permissions that prevented the machines from having permission to update
    their records.

    >
    > 3. a bit more for "make sure they aren't time stamped"

    If the servers are static and will stay that way, on the property sheet for
    their records clear the check box "Delete this record when it becomes
    stale", this will remove the timestamp and prevent the record from being
    scavenged.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  6. Archived from groups: microsoft.public.win2000.dns (More info?)

    Thanks a lot guys ...we think it is the permissions which could be the issue
    which did not allow some servers to update to the DNS ......

    Thanks a lot for the pointer....

    "ObiWan" <anzen.NO@SPAM.gmx.net> wrote in message
    news:e$0ABMEZEHA.2840@TK2MSFTNGP11.phx.gbl...
    > > It sounds to me like the records were scavenged by DNS,
    > > if they are supposed to br static records, make sure they
    > > aren't time stamped.
    >
    > Almost forgot ... are there some other DNS servers (IPs)
    > which are allowed to change the zone ?!? If that's the case
    > I'd investigate to see if someone didn't just delete those
    > records ...probably it was an error
    >
    >
    >
  7. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:%23PCkhRNZEHA.3112@TK2MSFTNGP09.phx.gbl,
    Simon <abstract2030@yahoo.com> posted a question
    Then Kevin replied below:
    > Thanks a lot guys ...we think it is the permissions which
    > could be the issue which did not allow some servers to
    > update to the DNS ......
    >

    That would explain it, if the servers lost permission to update DNS, the
    record would not get an updated timestamp and would eventually get scavenged
    as a stale record.

    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
Ask a new question

Read More

Microsoft DNS Windows