
Records deleted from DNS primary didn't get updated on DNS..

Last response: in Windows 2000/NT
Anonymous
February 25, 2005 12:36:41 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In my environment I have Win2000 AD Native.
We have two Win2003 DNS servers (primary and secondary).

Recently I noticed that a host record that was deleted from the Primary DNS
server still remained in the Secondary DNS server. Then I did an NSLOOKUP
from a workstation and sporadically the record appeared as existing. I mean,
NSLOOKUP sometimes gathered that host record information from the secondary
DNS server then.

My questions are:
a) Isn't a record that is deleted from the DNS Primary supposed to be cleared
from the DNS secondary server? Is that a flaw in this DNS primary/secondary
server model?

b) How does NSLOOKUP determine which DNS server to query? Isn't it supposed
to query the DNS primary server always? I noticed that is not the case and
it queried the DNS secondary too.
Anonymous
February 25, 2005 2:41:40 PM


"Marlon Brown" <marlon_brown@hotmail.com> wrote in message
news:o R$hkA2GFHA.1476@TK2MSFTNGP09.phx.gbl...
> In my environment I have Win2000 AD Native.
> We have two Win2003 DNS servers (primary and secondary).
>
> Recently I noticed that a host record that was deleted from the Primary DNS
> server still remained in the Secondary DNS server. Then I did an NSLOOKUP
> from a workstation and sporadically the record appeared as existing. I mean,
> NSLOOKUP sometimes gathered that host record information from the secondary
> DNS server then.

That is not surprising -- fairly normal.

> My questions are:
> a) Isn't a record that is deleted from the DNS Primary supposed to be cleared
> from the DNS secondary server? Is that a flaw in this DNS primary/secondary
> server model?

Not really. It is a flaw (or misconfiguration) in the
Secondary zone transfer, e.g., master address, master
allows transfers to that secondary, no firewalls preventing
it, serial number not misconfigured (secondary LOWER
than Master), etc.

> b) How does NSLOOKUP determine which DNS server to query? Isn't it supposed
> to query the DNS primary server always?

That would be PREFERRED, but it uses the one
that is answering (best) which may not be the
preferred.

[Primary has a TECHNICAL meaning on the
server side which is unrelated to this.]

> I noticed that is not the case and
> it queried the DNS secondary too.

Yes.

And you are always free to specify which to use
when running NSLookup:

nslookup name.domain.com 192.168.50.1

nslookup name.domain.com 192.168.50.2


--
Herb Martin


Anonymous
February 25, 2005 2:41:41 PM


Darn. I see that the server that is supposed to be the primary DNS has a serial
number = 3682189.

The one that is the secondary is = 3682190.

That means the serial number of the primary is lower than the Secondary. In
order to fix this, can I just increment the "primary" serial number to
perhaps, 3682191 ?


Let's see
Anonymous
February 25, 2005 4:59:59 PM


"Marlon Brown" <marlon_brown@hotmail.com> wrote in message
news:usdo8m2GFHA.3068@tk2msftngp13.phx.gbl...
> Darn. I see that the server that is supposed to be the primary DNS has a serial
> number = 3682189.
>
> The one that is the secondary is = 3682190.
>
> That means the serial number of the primary is lower than the Secondary. In
> order to fix this, can I just increment the "primary" serial number to
> perhaps, 3682191?

Yes. Normally it takes care of this for you if
you use the GUI. It usually only happens if you
mess with the FILES or do a restore from backup.

(Or goof around with the secondary serial number.)

--
Herb Martin


Anonymous
February 25, 2005 11:32:21 PM


Hmmm... but let's see here. Isn't the serial# the one that controls if the
zones will get transferred to the secondary DNS server? I mean, if the
secondary has a number higher than the primary, that could be because there
is no need to transfer zones at a given time. Therefore this is not necessarily a
malfunction, but rather a normal behavior?
Anonymous
February 26, 2005 1:53:43 AM


"Marlon Brown" <marlon_brown@hotmail.com> wrote in message
news:o EOQ9u7GFHA.2276@TK2MSFTNGP15.phx.gbl...
> Hmmm... but let's see here. Isn't the serial# the one that controls if the
> zones will get transferred to the secondary DNS server? I mean, if the
> secondary has a number higher than the primary, that could be because there
> is no need to transfer zones at a given time. Therefore this is not necessarily a
> malfunction, but rather a normal behavior?

No, it is almost always wrong.

If the zones transferred correctly the numbers
would be EQUAL.

Then the next time a change happened on the
primary it would transfer since Primary would
increment by 1.
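Added example, not part of the original thread: a Python check that reads the SOA serial from `nslookup -type=soa domain.com <server>` output for each server and classifies the pair the way the replies above describe. The sample outputs are constructed (only the two serials and the server addresses come from the thread), the function names are hypothetical, and it assumes the secondary compares serials using RFC 1982 serial arithmetic.

```python
import re

# Constructed sample output; only the serials and IPs are from the thread.
PRIMARY_OUT = """Server:  UnKnown
Address:  192.168.50.1

domain.com
        primary name server = dns1.domain.com
        serial  = 3682189
        refresh = 900 (15 mins)
"""
SECONDARY_OUT = PRIMARY_OUT.replace("192.168.50.1", "192.168.50.2").replace(
    "3682189", "3682190")

def soa_serial(nslookup_output):
    """Extract the SOA serial from nslookup -type=soa text output."""
    m = re.search(r"^\s*serial\s*=\s*(\d+)", nslookup_output, re.MULTILINE)
    if m is None:
        raise ValueError("no SOA serial found in output")
    return int(m.group(1))

def serial_newer(a, b):
    """RFC 1982: True if 32-bit serial a is newer than b (handles wraparound).
    A difference of exactly 2**31 is undefined and reported as not newer."""
    return a != b and ((a - b) % 2**32) < 2**31

def zone_sync_state(primary, secondary):
    if primary == secondary:
        return "in sync"          # last transfer completed
    if serial_newer(primary, secondary):
        return "transfer due"     # secondary pulls on next refresh or notify
    return "secondary ahead"      # secondary never sees a newer zone: stale data

def next_primary_serial(primary, secondary):
    """Serial to set on the primary so the secondary transfers again."""
    newest = secondary if serial_newer(secondary, primary) else primary
    return (newest + 1) % 2**32

if __name__ == "__main__":
    p, s = soa_serial(PRIMARY_OUT), soa_serial(SECONDARY_OUT)
    print(p, s, zone_sync_state(p, s), "-> set primary to",
          next_primary_serial(p, s))
```
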