none
DHCP/DNS registration issues RRS feed

  • Question

  • My setup:

    2003 AD Domain

    2000/XP clients

    1 DHCP server (running on a Domain Controller) with multiple scopes
    All scopes are setup to Enable DNS dynamic updates according to the settings: Always dynamically update DNS A and PTR records, Discard A and PTR records when lease is deleted and Dynamically update DNS A and PTR records for DHCP clients that do not request updates

    The DHCP server is listed in the DNSUpdate Proxy group and is using a domain account (which is also in the DNSUpdate Proxy group) for DNS dynamic update registration credentials

    2 DNS servers (running on both Domain Controllers): All forward and Reverse lookup zones are AD intergrated, Allow only Secure updates and replicate to all Domain Controllers in the AD Domain
    DHCP handles DNS client registration

    I am having sporadic issues with clients not being registered in DNS. This is happening no matter what scope a client gets its IP setting from.

    I have once entire Reverse Lookup zone that has no records at all in it while there are some associated A records in the Forward lookup zone.

    In the DHCP scope that is associated with the empty reverse Lookup zone, the DHCP leases all have the "pen" icon on them.

    The DHCP log shows DNS records sucessfully updating at various times during the day but also failing to update:

    31,11/23/09,15:54:28,DNS Update Failed,192.168.253.20,PC1.DOMAIN.COM,2,
    30,11/23/09,15:54:28,DNS Update Request,20.253.168.192,PC1.DOMAIN.COM,,
    31,11/23/09,15:54:28,DNS Update Failed,192.168.253.21,PC2.DOMAIN.COM,2,
    30,11/23/09,15:54:28,DNS Update Request,21.253.168.192,PC2.DOMAIN.COM,,
    31,11/23/09,15:54:28,DNS Update Failed,192.168.253.23,PC3.DOMAIN.COM,2,
    30,11/23/09,15:54:28,DNS Update Request,23.253.168.192,PC3.DOMAIN.COM,,
    31,11/23/09,15:54:28,DNS Update Failed,192.168.253.24,PC4.DOMAIN.COM,2,
    30,11/23/09,15:54:28,DNS Update Request,24.253.168.192,PC4.DOMAIN.COM,,



    -The security in the zone is the default
    -No failed logons on the DNS server which is also a DC and a DHCP server
    -The IPs listed above are legit. They come from a DHCP scope of 192.168.253.18-192.168.253.111

    When trying to run ipconfig/registerdns on a PC that is having issues, here are the DHCP and DNS logs:

    DHCP:
    31,11/24/09,00:00:35,DNS Update Failed,192.168.253.20,PC1.Domain.COM,2,
    30,11/24/09,00:00:35,DNS Update Request,20.253.168.192,PC1.Domain.COM,,


    DNS:

    20091124 08:33:11 28F0 PACKET 020BAD60 UDP Rcv 192.168.253.20 4a8a Q [0001 D NOERROR] A (10)DC1(3)DOMAIN(2)COM(0)
    UDP question info
    Socket = 500, recvd on port (65535)
    Remote addr 192.168.253.20, port 55587
    Time Query=1443102, Queued=0, Expire=0
    Buf length = 0x0500 (1280)
    Msg length = 0x0023 (35)
    Message:
    XID 0x4a8a
    Flags 0x0100
    QR 0 (QUESTION)
    OPCODE 0 (QUERY)
    AA 0
    TC 0
    RD 1
    RA 0
    Z 0
    RCODE 0 (NOERROR)
    QCOUNT 1
    ACOUNT 0
    NSCOUNT 0
    ARCOUNT 0
    QUESTION SECTION:
    Offset = 0x000c, RR count = 0
    Name "(10)DC1(3)DOMAIN(2)COM(0)"
    QTYPE A (1)
    QCLASS 1
    ANSWER SECTION:
    empty
    AUTHORITY SECTION:
    empty
    ADDITIONAL SECTION:
    empty

    20091124 08:33:11 28F0 PACKET 020BAD60 UDP Snd 192.168.253.20 4a8a R Q [8085 A DR NOERROR] A (10)DC1(3)DOMAIN(2)COM(0)
    UDP response info
    Socket = 500, recvd on port (65535)
    Remote addr 192.168.253.20, port 55587
    Time Query=1443102, Queued=0, Expire=0
    Buf length = 0x0200 (512)
    Msg length = 0x0033 (51)
    Message:
    XID 0x4a8a
    Flags 0x8580
    QR 1 (RESPONSE)
    OPCODE 0 (QUERY)
    AA 1
    TC 0
    RD 1
    RA 1
    Z 0
    RCODE 0 (NOERROR)
    QCOUNT 1
    ACOUNT 1
    NSCOUNT 0
    ARCOUNT 0
    QUESTION SECTION:
    Offset = 0x000c, RR count = 0
    Name "(10)DC1(3)DOMAIN(2)COM(0)"
    QTYPE A (1)
    QCLASS 1
    ANSWER SECTION:
    Offset = 0x0023, RR count = 0
    Name "[C00C](10)DC1(3)DOMAIN(2)COM(0)"
    TYPE A (1)
    CLASS 1
    TTL 3600
    DLEN 4
    DATA 172.16.8.10
    AUTHORITY SECTION:
    empty
    ADDITIONAL SECTION:
    empty

    Wednesday, November 25, 2009 4:13 PM

All replies

  • Still stumped here.  Anyone with any incite?
    Monday, November 30, 2009 2:01 PM
  • Hi Daveyd123,

    Is the "DHCP client service" running on the DHCP server and clients ?
    Thana
    Wednesday, December 2, 2009 1:39 AM
  • Hi Daveyd123,

    Is the "DHCP client service" running on the DHCP server and clients ?
    Thana

    Yes.  The DHCP client is running on all clients and the DHCP server.

    In today's DHCP log, there are several hundred failures.  I took the DCHP server out of the DNSUpdateProxy group.  We have 3 DCHP servers but they are in different locations and do not update each others DNS records.

    Here are some of todays failures...

    25,12/03/09,15:56:59,0 leases expired and 0 leases deleted,,,,
    25,12/03/09,15:56:59,0 leases expired and 0 leases deleted,,,,
    31,12/03/09,15:56:59,DNS Update Failed,172.16.1.88,PC1.domain.local,-1,
    31,12/03/09,15:56:59,DNS Update Failed,172.16.1.89,PC2.domain.local,-1,
    31,12/03/09,15:56:59,DNS Update Failed,172.16.1.92,PC3.domain.local,-1,
    31,12/03/09,15:56:59,DNS Update Failed,172.16.1.93,PC4.domain.local,-1,
    31,12/03/09,15:56:59,DNS Update Failed,172.16.1.94,PC5.domain.local,-1,
    31,12/03/09,15:56:59,DNS Update Failed,172.16.1.95,PC6.domain.local,-1,
    31,12/03/09,15:56:59,DNS Update Failed,172.16.1.101,PC7.domain.local,-1,
    Thursday, December 3, 2009 9:29 PM
  • Hi,

    What is your DC's sevice pack level?
    And Did you have set the DHCP option for option "015 DNS Domain Name"?
    Thana
    Friday, December 4, 2009 1:54 AM
  • Hi,

    What is your DC's sevice pack level?
    And Did you have set the DHCP option for option "015 DNS Domain Name"?
    Thana

    2003 SP2

    Yes.  My set DHCP options are 003,006,015,044,045
    Friday, December 4, 2009 4:26 PM
  • Hi,

    Do you have reverse lookup zone configured? It could be that the failure comes from DHCP not being able to update the PTR record.

    Tuomo

    Wednesday, December 9, 2009 2:57 PM
  • I am encountering the same problems in my domain. We have the same configuration that you listed.

     

    Two DC Windows 2003 SP2

    Active Directory Integration

    Forward and reverse lookup configured
     

    Not sure how long this has been happening. We started to notice clients not registering in DNS earlier this week and found the errors in the DHCP log. If we restart the DHCP service the clients update and register in DNS for about an hour with no errors. After an hour the database cleanup runs and the clients start to fail.

     

     

    Did you resolve your problem and if so how?

     

    Thursday, December 17, 2009 5:45 PM
  • Nope.  Still have the same issue.  Yes, I have Reverse Zones setup.  There are even some clients registered int he Reverse zones while some fail.  Its hit or miss.
    Tuesday, December 22, 2009 3:27 PM
  • Same problem here.  I've got two DHCP servers.  One works fine, on the other, clients update until the database cleanup runs, then they start to fail.  Anybody ever find anything out on this?
    Thursday, January 21, 2010 10:51 PM
  • My issue was a result of a couple missing reverse zones in DNS. We have 32 sites and 4 sites were missing. After adding the missing zones all issues cleared up on the next db cleanup.
    Friday, January 22, 2010 4:07 AM
  • Did anyone ever resolve this?  I am having the same issue.  All of the reverse lookup zones are there.  I have a case open with Microsoft but it has been a few days and we have not gotten anywhere. 
    Tuesday, March 2, 2010 9:09 PM
  • Hi

    Did you solve this Diaz?

    We are having the same problem...

     

    Rgds

    /Jan Denmark...

    Thursday, August 12, 2010 11:38 AM
  • Hello,

       Wondering if there was every any update of solution for this issue?

    ZT

    Tuesday, September 7, 2010 6:20 PM
  • I am having the same problem.  Did anyone locate a fix?
    Tuesday, December 7, 2010 2:04 AM
  • Hi NetGuy,

    Did you try configuring DHCP to own all records (by either using credentials or adding the DHCP server to the DnsUpdateProxy group) and configure DHCP to update all clients, whether they can or not, into the zone, as I suggested in your thread in this link?

    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/3950e7e7-3808-44a3-b86b-25b83780cf34

    Ace

     


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    Tuesday, December 7, 2010 4:18 AM
  • My setup:

    2003 AD Domain

    2000/XP clients

    1 DHCP server (running on a Domain Controller) with multiple scopes
    All scopes are setup to Enable DNS dynamic updates according to the settings: Always dynamically update DNS A and PTR records, Discard A and PTR records when lease is deleted and Dynamically update DNS A and PTR records for DHCP clients that do not request updates

    The DHCP server is listed in the DNSUpdate Proxy group and is using a domain account (which is also in the DNSUpdate Proxy group) for DNS dynamic update registration credentials

    2 DNS servers (running on both Domain Controllers): All forward and Reverse lookup zones are AD intergrated, Allow only Secure updates and replicate to all Domain Controllers in the AD Domain
    DHCP handles DNS client registration

    Hey,

    In first point, Right click on DHCP Scope and in DNS tab select

    "dynamically update DNS A and PTR records only if requested by DHCP clients".

    And in Second Point, on DNS Zone in DNS server, select both secure and non-secure updates.

    Let me know if that worked.

     

    Thanks

    Dinesh

    • Proposed as answer by Inovator Monday, July 22, 2013 8:01 PM
    Tuesday, December 7, 2010 4:41 AM
  • Just checking back in.  For us, the issue was that we had a couple of guest wireless scopes that were set to point to external dns servers.  The guest scopes were inhertiting the setting from the server to automatically register with DNS - which they could not do.  Instead of just failing, after a time all of our scopes - even those pointing to the internal dns servers would start trying to register with the external servers.  We disabled dns updates for the guest scopes and the issue went away.  We discovered what was happening after capturing the traffic with netmon.  Hope this helps! 
    • Proposed as answer by ntshane Thursday, January 24, 2013 9:22 PM
    Monday, December 27, 2010 9:30 PM
  • Crystal, this was exactly our problem here.  Thanks!
    Thursday, January 24, 2013 9:22 PM