Hello,
We have two domain controllers running Windows Server 2019; they were upgraded from 2008 about a year ago. The network was configured on a 10.0.0.0/16 subnet (was before our time!). There's a DHCP pool on 10.0.99.0/24. Servers and other devices are on 10.0.0.0/24; there are no VLANs or any other routing, and all subnets can talk to all others.
It appears that reverse DNS is not working for machines in this pool. The machines register in DNS and an entry is created in the forward lookup zone, but no reverse DNS entry is created. This means that if you do an NSLookup of, say, 10.0.99.99, it will not resolve to a hostname, which is now causing issues.
DCDiag shows the errors below:
Delegation information for the zone: contoso.com.
Delegated domain name: _msdcs.contoso.com.
DNS server: dc004. IP:10.0.0.90 [Valid]
DNS server: dc005. IP:10.0.0.91 [Valid]
Delegated domain name: contoso.com.contoso.com.
Warning: Delegation of DNS server dc004.contoso.com. is broken on IP:10.0.0.90
Error: DNS server: dc004.contoso.com.
IP:10.0.0.90 [Broken delegation]
Warning: Delegation of DNS server dc005.contoso.com. is broken on IP:10.0.0.91
Error: DNS server: dc005.contoso.com.
IP:10.0.0.91 [Broken delegation]
TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone contoso.com
Warning: Failed to delete the test record dcdiag-test-record in zone contoso.com
[Error details: 9505 (Type: Win32 - Description: Unsecured DNS packet.)]
DNS server: 10.0.0.90 (dc004.contoso.com.)
2 test failure on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS delegation for the domain _msdcs.contoso.com. is operational on IP 10.0.0.90
DNS delegation for the domain contoso.com.contoso.com. is broken on IP 10.0.0.90
[Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
Total query time:0 min. 0 sec., Total WMI connection
time:0 min. 0 sec.
DNS server: 10.0.0.91 (dc005.contoso.com.)
2 test failure on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS delegation for the domain _msdcs.contoso.com. is operational on IP 10.0.0.91
DNS delegation for the domain contoso.com.contoso.com. is broken on IP 10.0.0.91
[Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
Total query time:0 min. 0 sec., Total WMI connection
time:0 min. 0 sec.
Non-DHCP machines are registering and work with NSLookup.
Is there something we need to configure in DHCP or DNS to get the records created?
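
One way to measure the symptom described above, as an added example that is not part of the original post: list every A record in the 10.0.99.0/24 pool and show whether a PTR exists and which hosted reverse zone would hold it. It assumes the DnsServer PowerShell module (RSAT) is available; the server name, zone name and pool prefix are taken from the post, and the output column names are chosen here for illustration.

```powershell
# Added example: report A records in the DHCP pool that have no matching PTR.
# Assumes the DnsServer module (RSAT); run from a host that can query the DC.
param(
    [string]$DnsServer   = 'dc004',        # DC name from the post
    [string]$ForwardZone = 'contoso.com',  # forward lookup zone from the post
    [string]$PoolPrefix  = '10.0.99.'      # DHCP pool 10.0.99.0/24 from the post
)

# IPv4 reverse zones hosted on this server, e.g. 0.10.in-addr.arpa
$reverseZones = Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { $_.IsReverseLookupZone -and $_.ZoneName -like '*.in-addr.arpa' }

Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $ForwardZone -RRType A |
    Where-Object { $_.RecordData.IPv4Address.IPAddressToString.StartsWith($PoolPrefix) } |
    ForEach-Object {
        $ip = $_.RecordData.IPv4Address.IPAddressToString

        # Build the PTR owner name: 10.0.99.99 -> 99.99.0.10.in-addr.arpa
        $octets = $ip.Split('.')
        [array]::Reverse($octets)
        $ptrFqdn = ($octets -join '.') + '.in-addr.arpa'

        # Most specific hosted reverse zone that contains this name, if any
        $zone = $reverseZones |
            Where-Object { $ptrFqdn.EndsWith('.' + $_.ZoneName) } |
            Sort-Object { $_.ZoneName.Length } -Descending |
            Select-Object -First 1

        $ptr = $null
        if ($zone) {
            # Node name relative to the zone, e.g. '99.99' inside 0.10.in-addr.arpa
            $relative = $ptrFqdn.Substring(0, $ptrFqdn.Length - $zone.ZoneName.Length - 1)
            $ptr = Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone.ZoneName `
                -Name $relative -RRType Ptr -ErrorAction SilentlyContinue
        }

        [pscustomobject]@{
            HostName    = $_.HostName
            IPAddress   = $ip
            ReverseZone = if ($zone) { $zone.ZoneName } else { '(none hosted)' }
            PtrTarget   = if ($ptr) { $ptr.RecordData.PtrDomainName } else { '(missing)' }
            Dynamic     = [bool]$_.Timestamp   # static records carry no timestamp
        }
    } | Format-Table -AutoSize
```

A `ReverseZone` of `(none hosted)` means the server has no zone that could accept the PTR update, while a zone name with `(missing)` means the zone exists but the registration is not arriving or is being refused.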