DHCP Not Updating DNS 2008 Server

    General discussion

  • I have a 2008 DC with AD integrated dynamic updates (secure only) set on DNS and DHCP scope set to Enable DNS dynamic updates according to, Always dynamically update DNS A and PTR records. And Discard A and PTR records when lease is deleted. However, it seems our laptops have 2 IPs. One for LAN and one for Wireless. Only the Wireless IP is registering in DNS on the DC and not the LAN IP. I can see in DHCP a pen icon by each fqdn wireless but no pen next to the LAN IP. How can I get both IPs into DNS? And why is DHCP not adding all its IPs into DNS? Thanks...

    • Changed type Tiger Li Friday, May 21, 2010 8:40 AM
    Thursday, May 13, 2010 6:17 PM

All replies

  • On Thu, 13 May 2010 18:17:57 +0000, MarcGel wrote:
     
    >
    >
    >I have a 2008 DC with AD integrated dynamic updates (secure only) set on DNS and DHCP scope set to Enable DNS dynamic updates according to, Always dynamically update DNS A and PTR records. And Discard A and PTR records when lease is deleted. However, it seems our laptops have 2 IPs. One for LAN and one for Wireless. Only the Wireless IP is registering in DNS on the DC and not the LAN IP. I can see in DHCP a pen icon by each fqdn wireless but no pen next to the LAN IP. How can I get both IPs into DNS? And why is DHCP not adding all its IPs into DNS? Thanks...
     
    The pen icon means "Active lease, DNS dynamic update pending. This
    address is not available for lease by the DHCP server."
     
    DHCP Tech Reference:
    http://technet.microsoft.com/en-us/library/cc781580.aspx
     
    Also, it may mean that if it is stuck on the pencil icon, it means it
    cannot update the record in DNS because it already exists and DHCP
    server does not own the record, the client machine does, and therefore
    the DHCP server cannot update the record. One way to get around that
    is to force DHCP to own the record, but there are a few steps you need
    to perform to enable this feature, as well as set scavenging options.
    Please read my blog in the following link explaining this and a
    how-to.
     
    DHCP, Dynamic DNS Updates, Scavenging, static entries & timestamps,
    and the DnsProxyUpdate Group (How to remove duplicate DNS host
    records)
    http://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx
     
     
    I hope you find it helpful.
     
    Ace
     

    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 Microsoft Certified Trainer Microsoft MVP - Directory Services This posting is provided AS-IS with no warranties or guarantees and confers no rights.
    Thursday, May 13, 2010 11:21 PM
  • I'm not sure this information specifically addresses the issue where only one IP for each machine is getting registered in DNS when each machine (being laptops) have two (one for wireless, one for LAN). I'd like to see 2 cnames in DNS, but it looks like only the wireless IPs are getting registered. Also, I'm not seeing Option 81 in DHCP. Not sure that's why there's a problem or not. Thoughts?
    Friday, May 14, 2010 6:24 PM
  • On Fri, 14 May 2010 18:24:27 +0000, MarcGel wrote:
     
    >I'm not sure this information specifically addresses the issue where only one IP for each machine is getting registered in DNS when each machine (being laptops) have two (one for wireless, one for LAN). I'd like to see 2 cnames in DNS, but it looks like only the wireless IPs are getting registered. Also, I'm not seeing Option 81 in DHCP. Not sure that's why there's a problem or not. Thoughts?
     
    Hi MarcGel,
     
    Option 081 is actually the DNS tab in DHCP properties (right-click
    DHCP server name, choose properties, click on the DNS tab). All those
    selections and options are essentially Option 081.
     
    As for why the wireless and not the wired, more than likely because
    the wireless is the active interface, assuming they are not plugged in
    and connected wirelessly. If they had at any one time registered, such
    as when originally setting up the laptop, and you have scavenging
    selected, or even the selection to Discard the lease is up, therefore,
    if it was scavenged or the wired connection lease was up, then you would
    no longer see the wireless IP registration in DNS, unless when
    originally configured they never were plugged in?
     
    Also, you wouldn't see a CNAME registered, rather you would see a
    Hostname (an "A" record) in DNS.
     
    Besides, it *seems* what you are looking for, is duplicate records? So
    you would have a laptop with two entries, one for the wireless and one
    for the wired interface? Is that what you want it to do? Many IT folks
    usually opt to not have this, since it causes issues with connectivity
    trying to manage the laptop, especially if using management tools,
    such as SMS.
     
    Ace
     
     
     
     

    Monday, May 17, 2010 4:57 AM
  • Hi MarcGel 

    As I understand it, your issue is that the DHCP record can’t be registered in the DNS server.
    If I have misunderstood, please let me know.

    Is there any reservation setting for the wireless NIC on your DHCP server?
    Does this happen on only one particular computer or on all computers that have multiple NICs? And is the affected laptop a member computer of the domain?
    Have you attempted to use “ipconfig /release” and “ipconfig /renew” on your laptop to re-register the DNS record?

    The DHCP server requires the client's Option 81 to update the pointer (PTR) and Host (A) resource records of the DNS server.
    Please understand that Option 81 is not listed in the Scope Options nor the Server Options in DHCP. As Fekay said, Option 81 is the setting of the DNS tab in DHCP properties.
    You can also check the Option 81 setting value with the show optionvalue switch of the netsh command.
    Please reference this article

    The values that appear for DHCP option 81 and the corresponding GUI meanings that are shown in the DHCP MMC snap-in in Windows Server 2003
    http://support.microsoft.com/kb/945397

    Using DNS servers with DHCP

    http://technet.microsoft.com/en-us/library/cc787034(WS.10).aspx

    Please refer to this post where we discussed the same issue:

    Clients can't register in DNS server.

    http://social.technet.microsoft.com/Forums/fi-FI/winserverNIS/thread/d588af29-a6e3-40f3-9f6e-15f7762ad12c

    DNS server is not updating

    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/2480a350-5633-4e42-9d3c-af1e58a3e8b5

    Thanks

    Tiger LI

    Tuesday, May 18, 2010 1:17 AM
  • Hi Ace,

    Sorry, I meant hostname A record. But I think you're right about the scavenging. It was set to 1 day for some reason. Not sure why unless there was someone doing some testing and wanted it set that way. I've changed that now to 90 days but not sure what the best practice is here. I think it depends on the person, which IP (wireless or LAN) needs to be registered in DNS. Some people take their laptops into meetings and need wireless, so good to have that IP in DNS, but some users (like myself) have a docking station and rarely remove the laptop.

    So, what I'm trying (in my case also for someone who's having issues with wireless drivers) is to get my LAN NIC registered in DNS as only my wireless is in there now. So, I've disconnected my wireless and am on LAN line now and have tried ipconfig /release, /renew, and even /registerdns (which gave me a message "Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.") but I don't get any errors and the IP never shows up in DNS. There's no manually set reservation in DHCP for my LAN IP (it's in the address leases though) but it never seems to change and is not registered in DNS (no pen by the icon).

    Yes, this is a domain scenario using 2008 AD integrated. In DHCP Option 81 (thanks for clarifying) is set to Always dynamically update DNS, Discard A & PTR unchecked, and Dynamically update A & PTR for clients that don't request is checked as well.

    In DHCP I'm seeing a pen icon next to (what I believe to be) the wireless IPs on all our laptops (at least it is in my case). This indicates the lease is waiting to be written to DNS, right? Yet, it's already in DNS. Could this indicate something? And finally I added the DC to the DNSUpdateProxyGroup per Tiger's link suggestions, still no go on getting my LAN IP in DNS. Thanks for your help guys.

    Tuesday, May 18, 2010 4:50 PM
  • On Tue, 18 May 2010 16:50:43 +0000, MarcGel wrote:
     
    >
    >
    >Hi Ace,
    >
    >Sorry, I meant hostname A record. But I think you're right about the scavenging. It was set to 1 day for some reason. Not sure why unless there was someone doing some testing and wanted it set that way. I've changed that now to 90 days but not sure what the best practice is here. I think it depends on the person, which IP (wireless or LAN) needs to be registered in DNS. Some people take their laptops into meetings and need wireless, so good to have that IP in DNS, but some users (like myself) have a docking station and rarely remove the laptop.
    >
    >So, what I'm trying (in my case also for someone who's having issues with wireless drivers) is to get my LAN NIC registered in DNS as only my wireless is in there now. So, I've disconnected my wireless and am on LAN line now and have tried ipconfig /release, /renew, and even /registerdns (which gave me a message "Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.") but I don't get any errors and the IP never shows up in DNS. There's no manually set reservation in DHCP for my LAN IP (it's in the address leases though) but it never seems to change and is not registered in DNS (no pen by the icon).
    >
    >Yes, this is a domain scenario using 2008 AD integrated. In DHCP Option 81 (thanks for clarifying) is set to Always dynamically update DNS, Discard A & PTR unchecked, and Dynamically update A & PTR for clients that don't request is checked as well.
    >
    >In DHCP I'm seeing a pen icon next to (what I believe to be) the wireless IPs on all our laptops (at least it is in my case). This indicates the lease is waiting to be written to DNS, right? Yet, it's already in DNS. Could this indicate something? And finally I added the DC to the DNSUpdateProxyGroup per Tiger's link suggestions, still no go on getting my LAN IP in DNS. Thanks for your help guys.
     
     
     
     
    Hi MarcGel,
     
    How many DC/DNS servers do you have? That setting should be set on all
    of them, but if the zone's AD integrated, it would replicate a
    scavenged deletion to all of them anyway.
     
    The pen is saying it is waiting to be written, but you may be seeing a
    previously registered entry in DNS.
     
    Regarding forcing DHCP to own the records, you have a couple of
    options. You can either add the DC/DHCP server to the DnsUpdateProxy
    group, as Tiger's link suggested, or you can configure credentials for
    the DHCP server to use when registering records. It will use the
    credentials as the owner on the record, which will provide the ability
    to update the record when changed.
     
    There may be security concerns adding a DC to the DnsUpdateProxy
    group, because it actually causes an unsecured scenario since the
    group opens up a DC. For this reason, I don't use it, and use the
    credentials method. Read more about it in Ulf's blog:
     
    DHCP, DNS and the DNSUpdateProxy-Group
    http://msmvps.com/blogs/UlfBSimonWeidner/archive/2004/11/15/19325.aspx
     
    Follow up discussion on the DNSUpdateProxy-Group
    http://msmvps.com/blogs/UlfBSimonWeidner/archive/2005/03/26/39841.aspx
     
    Also, regarding a step by step and more specific info about
    scavenging, credentials, DnsUpdateProxy group, etc, please take a look
    at my blog. I hope you find it helpful.
     
    DHCP, Dynamic DNS Updates, Scavenging, static entries & timestamps,
    and the DnsProxyUpdate Group (How to remove duplicate DNS host
    records)
    http://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx
     
    Ace
     

    Thursday, May 20, 2010 6:23 AM
  • I just want to confirm: are the laptop's wireless and wired connections both on the same subnet?

    Is the laptop also a member of this domain?

    What is the laptop’s OS?

    To isolate the issue, I suggest checking whether it works with the following steps:

    1. Scavenge the DHCP server manually first, and delete the wireless DNS and DHCP records on both servers.

    2. Disable the client’s wireless NIC and connect to the network via the wired NIC only.

    3. Execute ipconfig /release, /renew, and /registerdns on the client side.

    If that does not work, please check the steps below and retry the steps above:

    1. Set the AD-integrated DNS zone's dynamic update setting to “nonsecure and secure”.

    2. Check the option “register this connection's addresses in DNS” on your client PC’s wired NIC.

    If none of these steps work, then for deeper investigation: according to the DNS dynamic update protocol, I think the issue occurs at the 3rd step (see the description below), so you may want to capture the network traffic between the client and the DNS server after the client PC has successfully obtained an IP address from the DHCP server.

     

    Download the NetMon3.3 from the following link:

     

    http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en

     

    1)      Install Network Monitor on the DNS server and the client.

    2)      Disable the wireless NIC and connect the wired NIC to the network to obtain an IP address from DHCP.

    3)      Start the capture on both sides and verify whether the client has sent any information to the DNS server to register its A record.

     

    DHCP/DNS update interaction for DHCP clients

     

    DHCP clients running Windows 2000, Windows XP, or a Windows Server 2003 operating system interact with DNS dynamic update protocol as follows:

    1. The client initiates a DHCP request message (DHCPREQUEST) to the server and includes DHCP option 81. By default, the client requests that the DHCP server register the DNS PTR record, while the client registers its own DNS A record.
    2. The server returns a DHCP acknowledgment message (DHCPACK) to the client, granting an IP address lease and including DHCP option 81. If the DHCP server is configured with the default settings (dynamically update DNS A and PTR records only if requested by the DHCP clients), then option 81 instructs the client that the DHCP server will register the DNS PTR record and the client will register the DNS A record.
    3. Asynchronously, the client registers its DNS A record, and the DHCP server registers the DNS PTR record of the client.

     

    Thanks

     

    Tiger Li

    Thursday, May 20, 2010 10:02 AM
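
Added example (not part of the thread or of any poster's reply): a Python sketch that decodes a DHCP option 81 (Client FQDN, RFC 4702) payload pulled from a capture like the one suggested above and reports which side registers the A and PTR records. The sample bytes and the name laptop01.example.test are constructed.

```python
from dataclasses import dataclass

# RFC 4702 flag bits in the option 81 flags byte.
FLAG_S, FLAG_O, FLAG_E, FLAG_N = 0x01, 0x02, 0x04, 0x08

@dataclass
class ClientFqdn:
    fqdn: str
    a_record_by: str        # who registers the A record
    ptr_record_by: str      # who registers the PTR record
    server_overrode: bool   # O bit: server changed the client's S preference

def _decode_name(data: bytes, canonical: bool) -> str:
    if not canonical:                      # E=0: deprecated ASCII encoding
        return data.decode("ascii", errors="replace")
    labels, i = [], 0
    while i < len(data) and data[i] != 0:  # length-prefixed DNS labels
        n = data[i]
        if n > 63 or i + 1 + n > len(data):
            raise ValueError("bad label length in option 81 name")
        labels.append(data[i + 1:i + 1 + n].decode("ascii", errors="replace"))
        i += 1 + n
    return ".".join(labels)

def parse_option81(opt: bytes) -> ClientFqdn:
    """opt layout: code(81) len flags rcode1 rcode2 domain-name."""
    if len(opt) < 5 or opt[0] != 81:
        raise ValueError("not a DHCP option 81")
    length = opt[1]
    if length < 3 or len(opt) < 2 + length:
        raise ValueError("truncated option 81")
    flags = opt[2]
    if flags & FLAG_N and flags & FLAG_S:
        raise ValueError("N and S both set, invalid per RFC 4702")
    name = _decode_name(opt[5:2 + length], bool(flags & FLAG_E))
    if flags & FLAG_N:                     # server performs no DNS updates
        a_by = ptr_by = "client"
    elif flags & FLAG_S:                   # server registers A and PTR
        a_by = ptr_by = "server"
    else:                                  # S=0, N=0: the default split described above
        a_by, ptr_by = "client", "server"
    return ClientFqdn(name, a_by, ptr_by, bool(flags & FLAG_O))

def _wire(name: str) -> bytes:
    """Encode a dotted name as DNS wire-format labels (used for the samples)."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

# Constructed sample payloads (not taken from the thread).
_NAME = _wire("laptop01.example.test")
REQUEST = bytes([81, 3 + len(_NAME), FLAG_E, 0, 0]) + _NAME
ACK = bytes([81, 3 + len(_NAME), FLAG_S | FLAG_O | FLAG_E, 255, 255]) + _NAME

if __name__ == "__main__":
    for label, raw in (("DHCPREQUEST", REQUEST), ("DHCPACK", ACK)):
        print(label, parse_option81(raw))
```
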
  • I do have a backup DC with DNS on it. It also has aging set to 1 day. Just changed that to 90. Again, not sure about best practice. Went ahead with manually deleting my wireless IP from DNS, turned off wireless card, ran ipconfig /registerdns. Waiting to see. As for duplicate host records, that's what I want. I want 2 A records for each Host, one IP for wireless and one for LAN NIC. DHCP seems to have less pens waiting to write to DNS.

    Ok, everything updated fine and now my A record is correct in DNS (LAN NIC IP registered).

    Thursday, June 03, 2010 5:47 PM
  • Hi Tiger, doing the manual delete of the wireless IP from DNS and then from the Host PC doing ipconfig /registerdns worked. It looks like these settings helped.

    To isolate the issue, I suggest checking whether it works with the following steps:

    1. Scavenge the DHCP server manually first, and delete the wireless DNS and DHCP records on both servers.

    2. Disable the client’s wireless NIC and connect to the network via the wired NIC only.

    3. Execute ipconfig /release, /renew, and /registerdns on the client side.

    If that does not work, please check the steps below and retry the steps above:

    1. Set the AD-integrated DNS zone's dynamic update setting to “nonsecure and secure”.

    2. Check the option “register this connection's addresses in DNS” on your client PC’s wired NIC.

    I'm still not getting both IPs in DNS though. Is there something I could check to allow 2 (A) records for each laptop (1 for wired and 1 for wireless IP)? That would be ideal. It looks like a lot of those DHCP waiting to write Pen icons have gone away. I'll keep reading your articles to see if there's something I missed. Thanks!

     

     

    Thursday, June 03, 2010 5:56 PM
  • On Thu, 3 Jun 2010 17:47:54 +0000, MarcGel wrote:
     
    >
    >
    >I do have a backup DC with DNS on it. It also has aging set to 1 day. Just changed that to 90. Again, not sure about best practice. Went ahead with manually deleting my wireless IP from DNS, turned off wireless card, ran ipconfig /registerdns. Waiting to see. As for duplicate host records, that's what I want. I want 2 A records for each Host, one IP for wireless and one for LAN NIC. DHCP seems to have less pens waiting to write to DNS.
    >
    >Ok, everything updated fine and now my A record is correct in DNS (LAN NIC IP registered).
     
    Good to hear it's now working.
     
    As for scavenging, I usually leave it to the default 7 days. It works
    nicely. You will want to keep it around the same time as your DHCP
    lease length.
     
    Also, having two IPs for the same hostname is usually not what we want
    to see in an environment, at least not for a workstation, and is
    certainly not a best practice. After all, think of it this way - if
    you try to manage the workstation, and the management tool (whether
    Computer Management, SMS, SCCM, third party, etc) tries to resolve the
    client, DNS sees there are two IPs, therefore it will Round Robin
    between the two, and the management tool, or even if trying to UNC to
    the machine, may get the wrong IP and not be able to connect.
     
    Ace
     

    Saturday, June 05, 2010 12:28 AM
  • Hi Team,

    I HAVE TWO NAME SERVER. ONE IS DR SITE SECOND IS THE DC SITE. MAXIMUM I HAVE TOTAL 30 CLIENT . SO I HAVE FACING MORE PROBLEM

    WHEN I OPENING ANY WEB PAGE.

     

    1. 504 GATEWAY TIMEOUT:REMOTE SERVER DID NOT RESPOND TO THE PROXY.

     

    So kindly help me .

     

    Thanks

    Ram

     

     

     

     


    Ram Prakash Sharma
    Monday, January 09, 2012 7:33 AM