
Subject: [ActiveDir] Unexpected DNS/DHCP Behavior On W2K8R2 SP1

Author: ZJORZ

02/01/2012 6:45 PM  
Hi,



We have an RODC in DMZ along with member servers. The RODC hosts DHCP
service to assign reserved IP addresses to the member servers. Member
servers can only talk to the RODCs and only the RODC can talk to the RWDCs.

DHCP is configured as follows:





We are experiencing weird behavior with regard to Dynamic Updates for
the A/PTR records of the members. To understand the process and determine
the pattern I have been playing with values to see what happens in a test
environment. Because this is time dependent the values are quite low.



Scavenging = 1 hour

No-refresh interval = 1 hour (we also tried with 2 hours)

Refresh interval = 3 hours (we also tried with 5 hours)

DHCP lease = 1 hour and 10 min (70 minutes)



To keep it simple to follow:

* t=0 -> DNS record is created/updated

* Record refreshes between “t=0” and “t=0”+”no-refresh” are not
  accepted, although the member server triggers an update/refresh every 35
  minutes

* Record refreshes after “t=0”+”no-refresh” are accepted

* Looking at the DDNS moments by the client we see:

  - “t=0”+35 min

  - “t=1h”+10 min

  - “t=1h”+45 min

  - “t=2h”+20 min

* Based upon the “no-refresh” interval I WOULD EXPECT the update at
  “t=1h”+10 min would update the dnsRecord attribute to extend the record
  timestamp from t=0 to t=1. It DOES NOT, although it is already in the
  refresh period

* The same applies for “t=1h”+45 min, although it is already in the
  refresh period

* However, at “t=2h”+20 min IT DOES update the dnsRecord attribute
  and extends the timestamp from t=0 to t=2h (I have auditing enabled at DS
  level and I can see the update was indeed made. Looking at the object
  metadata I can see the version of the dnsRecord attribute was increased by
  1)



OSes = W2K8R2 + SP1



What I’m trying to understand is WHY the update made in the first hour of
the refresh interval is not processed by the DNS server? After the first
hour it does succeed.





Cheers,



(HOPEFULLY THIS INFORMATION HELPS YOU!)



Ing. Jorge de Almeida Pinto

Senior Technical Consultant

MVP Identity & Access - Directory Services

(MVP Profile: <https://mvp.support.microsoft.com/profile/jorge1>)
(Blog: <http://jorgequestforknowledge.wordpress.com/>)



———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!

* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: <http://jorgequestforknowledge.wordpress.com/disclaimer/>
———————————————————————————————



