Strange behavior with DNS.

  • Question

  • I have a client whose DC is constantly getting issues accessing amazonaws.com domains.  When troubleshooting I am finding that the IPv4 entries are being removed from the zone but the IPv6 addresses remain.   As the local ISP does not provide IPv6 connectivity options this leaves me disconnected until the zone is cleared.
    Monday, March 25, 2019 5:25 PM

All replies

  • Hi,

    Are these IPv4 entries dynamic or static?

    Please check the event viewer to find out who deleted the entries. 

    Best regards,

    Travis


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, March 26, 2019 7:42 AM
    Moderator
  • Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

    Best Regards,

    Travis



    Thursday, April 4, 2019 7:05 AM
    Moderator
  • Travis,

    The log entries are not showing that the zone was changed.  After I manually clear the cache for the zone, it does get logged.  However, before that there are no log entries corresponding to the NS servers for the zone being updated or changed.

    I have attached two screenshots of the cached zone from when it's not working and after I delete the bad zone.

    Thanks,

    Brian

    Thursday, April 4, 2019 2:48 PM
  • Hi,

    Thanks for your reply.

    These DNS records are all static records and should not disappear unless manually deleted.

    There are four DNS servers in your domain and these zones are AD-integrated, right?

    If you delete some records on one of these DNS servers, the operation will be replicated to the other three DNS servers with AD replication.

    Best regards,

    Travis



    Monday, April 8, 2019 7:15 AM
    Moderator
  • Travis,

    It seems there is some confusion.  This is for the amazonaws.com domain. This is from the DNS server cache.  This is not from an internal zone or hosted internal domain.  I am specifically losing the ability to resolve names for services hosted on amazonaws.com's namespace.

    This is from the DNS server cache for the domain amazonaws.com.

    The problem, as best I can explain it:

    I get a call from a user, they can't access X website.   I connect to their machine and run an NSlookup on the hostname.  NSlookup times out.  Then, I check on the DNS server, same result.  Next, I check the cache, and I only have the IPv6 addresses for the amazonaws.com nameservers.  My provider doesn't offer IPv6 service yet in my area.  So these addresses are useless for me.  I clear the cache and perform a new lookup and get the IPv4 addresses as well as the IPv6 addresses.  Everything is fine for a while.  Then I get another phone call.  Same issue.

    Hope this helps.  Not seeing anything on this in my searches and not seeing a way to troubleshoot this further.

    Thanks,
    Brian

    Tuesday, April 9, 2019 6:07 AM
  • Hi,

    This is from the DNS server cache.  

    Do you mean cached lookups?

    If so, these records will be cleared when TTL is exhausted.

    Best regards,

    Travis



    Wednesday, April 10, 2019 8:36 AM
    Moderator