none
Server 2008 dns issues

    Question

  • We introduced a Server 2008 R2 DNS server into our 2003 environment and it caused all kinds of issues with the web server for that domain.  The web server in that domain has multiple ip addresses for different sites so the 2008 server added a same as parent entry for each of those ip's.  So now when you try to go to the site for that web server you get different pages each time.  It also added a same as parent entry for the IPV6 feature on the server.  So when you go to ping the domain by name you get a different address each time.  Sometimes it responds back with the IPV6 entry that is not even on the web server.  How do we keep from those populating into dns?
    Wednesday, September 29, 2010 1:51 PM

Answers

  • We introduced a Server 2008 R2 DNS server into our 2003 environment and it caused all kinds of issues with the web server for that domain.  The web server in that domain has multiple ip addresses for different sites so the 2008 server added a same as parent entry for each of those ip's.  So now when you try to go to the site for that web server you get different pages each time.  It also added a same as parent entry for the IPV6 feature on the server.  So when you go to ping the domain by name you get a different address each time.  Sometimes it responds back with the IPV6 entry that is not even on the web server.  How do we keep from those populating into dns?


    Disable round-robin in your DNS Properties.

    1. Open DNS Console
    2. Right click on the DNS Server Name and select properties
    3. Select the Advanced Tab
    4. Uncheck, "Enable round robin"
    5. Click OK to exit
    6. Expand the Forward Lookup Zone trees and correct your DNS entries according to your intranet/public website hostnames or cnames. You may need to write down all of your IIS bindings. (Good to have this list anyway!)
    7. Update the individual records to eliminate those round robin entries from Dynamic DNS updates.
    8. Right click on your Domain Name
    9. Update the settings for Dynamic DNS Updates to Secure Only

    That will fix the issue you are having. Round-Robin is like a clustering/load balance technology that refers to many servers as the same resource. Thus you're getting multiple pages with different content. For better results, force any persons having an issue still to run ipconfig /flushdns to resolve the issue on the client side after you've completed the server side work. It will take until the TTL on the DNS record to correct across the domain.

    If you want, you can reenable Round-Robin... but you should put static entries in your DNS server for those IPs so that claim entries for existing names arent overwritten.

    If it persists and does overwrite that DNS entry again, perform those steps one more time... it takes about 30-45 seconds... except renaming the bad entries in DNS.

    Once you recreate the host records in DNS, you can alternatively change the NTFS permissions on each record for that web server.

    Positive Uses of Round Robin

    When you have a NAS that has multiple NICs online at once, you can establish round-robin to distribute loads between NICs.

    IIS is good with round-robin usually... but some people have wierd IIS configs that usually don't match the typical use... and round-robin can be a pain, like you're experiencing.

    Best Regards,


    Steve Kline
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Product Specialist
    Microsoft Certified Network Product Specialist
    This posting is "as is" without warranties and confers no rights.

     

    • Marked as answer by Bruce-Liu Thursday, October 07, 2010 12:40 PM
    Wednesday, September 29, 2010 6:46 PM

All replies

  • Hello

    You may need to disable IPV6 and then make a manual entry for all the IP addresses of the webserver. Do not let DNS dynamically assigned the IPs


    Isaac Oben MCITP:EA, MCSE
    Wednesday, September 29, 2010 2:36 PM
  • I have removed the dns server role from the 2008 server and disabled IPV6 but when I go back to our 2003 dns server (which is the only name server now on the domain) it keeps getting repopulated with the dns entries from the 2008 server.  I can delete the same as parent entries that I do not want, wait about 5 minutes hit refresh and they are right back in there.  Where is it pulling them from?
    Wednesday, September 29, 2010 2:41 PM
  • It is probably pulling it from the active directory database if you have active directory integrated DNS. Try to change the parent entry with the names of the server/site you want iP to refer to
    Isaac Oben MCITP:EA, MCSE
    Wednesday, September 29, 2010 2:51 PM
  • It is active directory integrated.  However when the domain had all 2003 DC's and DNS servers it was also integrated and everything worked fine.  It was not till we add the DNS role to the new 2008 server that this began.  For some reason that 2008 server wants to enter all the ip addresses of our web server as the following entry:

    (Same as Parent folder)  Host(A)   x.x.x.x

    So when you go to ping the domain name it gives you a different ip each time.

    Wednesday, September 29, 2010 3:52 PM
  • We introduced a Server 2008 R2 DNS server into our 2003 environment and it caused all kinds of issues with the web server for that domain.  The web server in that domain has multiple ip addresses for different sites so the 2008 server added a same as parent entry for each of those ip's.  So now when you try to go to the site for that web server you get different pages each time.  It also added a same as parent entry for the IPV6 feature on the server.  So when you go to ping the domain by name you get a different address each time.  Sometimes it responds back with the IPV6 entry that is not even on the web server.  How do we keep from those populating into dns?


    Disable round-robin in your DNS Properties.

    1. Open DNS Console
    2. Right click on the DNS Server Name and select properties
    3. Select the Advanced Tab
    4. Uncheck, "Enable round robin"
    5. Click OK to exit
    6. Expand the Forward Lookup Zone trees and correct your DNS entries according to your intranet/public website hostnames or cnames. You may need to write down all of your IIS bindings. (Good to have this list anyway!)
    7. Update the individual records to eliminate those round robin entries from Dynamic DNS updates.
    8. Right click on your Domain Name
    9. Update the settings for Dynamic DNS Updates to Secure Only

    That will fix the issue you are having. Round-Robin is like a clustering/load balance technology that refers to many servers as the same resource. Thus you're getting multiple pages with different content. For better results, force any persons having an issue still to run ipconfig /flushdns to resolve the issue on the client side after you've completed the server side work. It will take until the TTL on the DNS record to correct across the domain.

    If you want, you can reenable Round-Robin... but you should put static entries in your DNS server for those IPs so that claim entries for existing names arent overwritten.

    If it persists and does overwrite that DNS entry again, perform those steps one more time... it takes about 30-45 seconds... except renaming the bad entries in DNS.

    Once you recreate the host records in DNS, you can alternatively change the NTFS permissions on each record for that web server.

    Positive Uses of Round Robin

    When you have a NAS that has multiple NICs online at once, you can establish round-robin to distribute loads between NICs.

    IIS is good with round-robin usually... but some people have wierd IIS configs that usually don't match the typical use... and round-robin can be a pain, like you're experiencing.

    Best Regards,


    Steve Kline
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Product Specialist
    Microsoft Certified Network Product Specialist
    This posting is "as is" without warranties and confers no rights.

     

    • Marked as answer by Bruce-Liu Thursday, October 07, 2010 12:40 PM
    Wednesday, September 29, 2010 6:46 PM
  • We introduced a Server 2008 R2 DNS server into our 2003 environment and it caused all kinds of issues with the web server for that domain.  The web server in that domain has multiple ip addresses for different sites so the 2008 server added a same as parent entry for each of those ip's.  So now when you try to go to the site for that web server you get different pages each time.  It also added a same as parent entry for the IPV6 feature on the server.  So when you go to ping the domain by name you get a different address each time.  Sometimes it responds back with the IPV6 entry that is not even on the web server.  How do we keep from those populating into dns?

    NETBIOS probably helped in this with Dynamic DNS.. the description I provided before will resolve when you set a static DNS name for each interface.
    Steve Kline
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Product Specialist
    Microsoft Certified Network Product Specialist
    This posting is "as is" without warranties and confers no rights.
    Thursday, September 30, 2010 5:40 PM