Records deleted from DNS primary didn't get updated on DNS..

Archived from groups: microsoft.public.win2000.dns

In my environment I have Win2000 AD Native.
We have two Win2003 DNS servers (primary and secondary).

Recently I noticed that a host record that was deleted from the Primary DNS
server still remained in the Secondary DNS server. Then I did an NSLOOKUP
from a workstation and sporadically the record appeared as existing. I mean,
NSLOOKUP sometimes gathered that host record information from the secondary
DNS server then.

My questions are:
a) Isn't a record that is deleted from the DNS Primary supposed to be cleared
from the DNS secondary server? Is that a flaw in this DNS primary/secondary
server model?

b) How does NSLOOKUP determine which DNS server to query? Isn't it supposed
to always query the DNS primary server? I noticed that is not the case and
it queried the DNS secondary too.
  1.

    "Marlon Brown" <marlon_brown@hotmail.com> wrote in message
    news:OR$hkA2GFHA.1476@TK2MSFTNGP09.phx.gbl...
    > In my environment I have Win2000 AD Native.
    > We have two Win2003 DNS servers (primary and secondary).
    >
    > Recently I noticed that a host record that was deleted from the Primary DNS
    > server still remained in the Secondary DNS server. Then I did an NSLOOKUP
    > from a workstation and sporadically the record appeared as existing. I mean,
    > NSLOOKUP sometimes gathered that host record information from the secondary
    > DNS server then.

    That is not surprising -- fairly normal.

    > My questions are:
    > a) Isn't a record that is deleted from the DNS Primary supposed to be cleared
    > from the DNS secondary server? Is that a flaw in this DNS primary/secondary
    > server model?

    Not really. It is a flaw (or misconfiguration) in the
    Secondary zone transfer, e.g., master address, master
    allows transfers to that secondary, no firewalls preventing
    it, serial number not misconfigured (secondary LOWER
    than Master), etc.

    > b) How does NSLOOKUP determine which DNS server to query? Isn't it supposed
    > to always query the DNS primary server?

    That would be PREFERRED, but it uses the one
    that is answering (best) which may not be the
    preferred.

    [Primary has a TECHNICAL meaning on the
    server side which is unrelated to this.]

    > I noticed that is not the case and
    > it queried the DNS secondary too.

    Yes.

    And you are always free to specify which to use
    when running NSLookup:

    nslookup name.domain.com 192.168.50.1

    nslookup name.domain.com 192.168.50.2


    --
    Herb Martin


  2.

    Darn. I see that the server that is supposed to be the primary DNS has a serial
    number = 3682189.

    The one that is the secondary is = 3682190.

    That means the serial number of the primary is lower than the Secondary. In
    order to fix this, can I just increment the "primary" serial number to
    perhaps, 3682191?


    Let's see
  3.

    "Marlon Brown" <marlon_brown@hotmail.com> wrote in message
    news:usdo8m2GFHA.3068@tk2msftngp13.phx.gbl...
    > Darn. I see that the server that is supposed to be the primary DNS has a
    > serial number = 3682189.
    >
    > The one that is the secondary is = 3682190.
    >
    > That means the serial number of the primary is lower than the Secondary.
    > In order to fix this, can I just increment the "primary" serial number to
    > perhaps, 3682191?

    Yes. Normally it takes care of this for you if
    you use the GUI. It usually only happens if you
    mess with the FILES or do a restore from backup.

    (Or goof around with the secondary serial number.)

    --
    Herb Martin


  4.

    Hmmm... but let's see here. Isn't the serial# the one that controls if the
    zones will get transferred to the secondary DNS server? I mean, if the
    secondary has a number higher than the primary, that could be because there
    is no need to transfer zones at a given time. Therefore this is not
    necessarily a malfunction, but rather a normal behavior?
  5.

    "Marlon Brown" <marlon_brown@hotmail.com> wrote in message
    news:OEOQ9u7GFHA.2276@TK2MSFTNGP15.phx.gbl...
    > Hmmm... but let's see here. Isn't the serial# the one that controls if the
    > zones will get transferred to the secondary DNS server? I mean, if the
    > secondary has a number higher than the primary, that could be because there
    > is no need to transfer zones at a given time. Therefore this is not
    > necessarily a malfunction, but rather a normal behavior?

    No, it is almost always wrong.

    If the zones transferred correctly the numbers
    would be EQUAL.

    Then the next time a change happened on the
    primary it would transfer since Primary would
    increment by 1.
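
The serial check discussed in this thread, as an added example that is not part of any poster's message: it parses the SOA serial out of `nslookup -type=SOA` output captured from each server and classifies the pair, so a secondary that will keep serving stale (deleted) records is easy to spot. It goes beyond the thread by comparing serials with RFC 1982 wraparound arithmetic; the sample output is constructed, and the names `dns1.domain.com` and `hostmaster.domain.com` are hypothetical.

```python
import re

# Constructed sample of `nslookup -type=SOA domain.com 192.168.50.1` output.
# Serials are the two values reported in the thread; host names are hypothetical.
PRIMARY_OUT = """Server:  UnKnown
Address:  192.168.50.1

domain.com
        primary name server = dns1.domain.com
        responsible mail addr = hostmaster.domain.com
        serial  = 3682189
        refresh = 900 (15 mins)
"""
SECONDARY_OUT = PRIMARY_OUT.replace("192.168.50.1", "192.168.50.2").replace(
    "3682189", "3682190")

SERIAL_RE = re.compile(r"^\s*serial\s*=\s*(\d+)", re.MULTILINE)
MOD, HALF = 2 ** 32, 2 ** 31  # SOA serials are unsigned 32-bit values


def parse_serial(nslookup_output):
    """Return the SOA serial found in nslookup output, or raise ValueError."""
    match = SERIAL_RE.search(nslookup_output)
    if match is None:
        raise ValueError("no SOA serial in output (query failed or refused?)")
    serial = int(match.group(1))
    if serial >= MOD:
        raise ValueError("serial does not fit in 32 bits")
    return serial


def serial_gt(a, b):
    """True if serial a is newer than b under RFC 1982 arithmetic."""
    return a != b and (a - b) % MOD < HALF


def classify(primary_serial, secondary_serial):
    """Describe the replication state implied by the two serials."""
    if primary_serial == secondary_serial:
        return "in-sync"
    if serial_gt(primary_serial, secondary_serial):
        # Secondary should pull a transfer on its next refresh or NOTIFY.
        return "secondary-behind"
    # Secondary sees nothing newer to fetch, so deletions never reach it.
    return "secondary-ahead"


if __name__ == "__main__":
    print(classify(parse_serial(PRIMARY_OUT), parse_serial(SECONDARY_OUT)))
```
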