0 Votes
Andreas-9700 asked GaryReynolds commented

Problems with DNS

Hi,

I am checking a domain for a customer, and noticed when I ping their domain I get different replies.
When I check DNS I see the following.....

![144848-image.png][1]

  • I asked the customer about WINS, but they did not know. I have never configured WINS.

  • server1 I guess is an old DC, so I can remove that as long as it's gone.

  • One thing I am not sure about is why the network address is added there? 10.0.0.0 and 10.1.1.0. (FYI one of the DCs is 10.1.1.10 / 255.255.254.0 / GW 10.1.1.254.) Could that be related since it's a big network?

  • 10.1.1.50 and 10.1.1.60 I also guess are old DCs that I can remove as long as it's gone.


Thanks for any comments

/R
Andy

windows-server windows-active-directory windows-dhcp-dns

1 Vote
GaryReynolds answered

Hi @Andreas-9700

A few comments below:

"I asked the customer about WINS, but they did not know. I have never configured WINS."

This record exists because WINS naming resolution has been enabled on the zone. I would check if 10.0.0.50 has WINS installed, and also if the DHCP server is configured to provide the same IP address in the WINS server scope option to the clients. Based on your last comment, the server might have already been removed.

"server1 I guess is an old DC, so I can remove that as long as it's gone"

I would check the AD to see what domain controllers exist, or whether a server with DNS installed exists at this IP address; if not, you should be able to remove it.

"One thing I am not sure about is why the network address is added there? 10.0.0.0 and 10.1.1.0. (FYI one of the DCs is 10.1.1.10 / 255.255.254.0 / GW 10.1.1.254.) Could that be related since it's a big network?"

Typically a network address wouldn't be added as a record; however, this address will be returned if the zone is queried for an A record, so it might be used for some other functionality.

"10.1.1.50 and 10.1.1.60 I also guess are old DCs that I can remove as long as it's gone"

If you can confirm that they no longer exist, you should be able to remove them.

One thing to bear in mind: these records were added for a reason, rightly or wrongly, and they might still be being used. With only the information provided it's possible to provide a definitive answer if they can be removed or not, or if there will be any impact as a result of removing them. You will need to double check if the servers still exist or the configuration is being used for a specific reason in the environment.

Gary.

0 Votes
Andreas-9700 answered GaryReynolds commented

Hi,

Thanks for the good reply @GaryReynolds-8098. I will check those things out, especially the WINS thing.

This one I am still a little confused about: "Typically a network addresses wouldn't be added as a record, however, this address will be returned if the zone is queried for an A record, so it might be used for some other functionality."

I thought it was like this: when I ping the domain, only one of the DNS servers should reply. And now the network segment will also send a reply; that will mess things up, will it not?

/R
Andy


Hi Andy,

When you ping the domain name, the client will perform a DNS A record query for the domain name, the DNS server will return all the Host (A) records from your screenshot, and the client will ping the first entry in the returned list.

However, normally the server will have a number of the server options enabled, which will limit or change the sort order of the results based on the options selected. This is the configuration for my 2019 DC:

145077-dns.png


Also the client is likely to ignore the network ID entry as it knows this is the network ID and will not work.

You can confirm what is being returned by using the following commands:

 nslookup
 <domain name>

Gary.


0 Votes
1 Vote
LimitlessTechnology-2700 answered

Hello @Andreas-9700,

Thank you for your question and reaching out.

In your screenshot there is a network segment added as a Host entry, which should be removed or disabled (10.0.0.0).

You can try to access the old DC by using its IP address, or try to open a PuTTY or web browser session to see what type of device it is.
If it is not reachable by any method, then you can remove the obsolete static entries from DNS.







0 Votes
Andreas-9700 answered GaryReynolds commented

Hi,

Thanks for the reply @LimitlessTechnology-2700.
Any idea why the network segment has been added as a Host entry? As I understand it, this is an automatic entry, since it's called "Same as parent folder".
Could it be related to the network mask 255.255.254.0? Since this network is 2 C class networks with 512 addresses...

Comments?

/R
Andy


Hi Andy,

The network segment entry was created manually, as it's a static entry. The fact that it has the 'same as parent' just means that when it was created the name entry was left blank.

Gary.

1 Vote
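
The following is an added example, not code from the thread or from any poster: it triages the zone-apex ("same as parent folder") A records discussed above against the subnet mask given in the question. The record list, the mask on the 10.0.0.x side and the set of confirmed live servers are constructed assumptions. It shows that under 255.255.254.0 the network ID is 10.1.0.0, so 10.1.1.0 classifies as an ordinary host address and needs the same existence check as 10.1.1.50 and 10.1.1.60.

```python
import ipaddress
import socket

def resolve_apex(domain):
    """Live counterpart of `nslookup <domain name>`: all A records for the name."""
    return socket.gethostbyname_ex(domain)[2]

def classify(record, interfaces):
    """Describe an A record relative to the subnets the servers sit on."""
    addr = ipaddress.ip_address(record)
    for iface in interfaces:
        net = iface.network
        if addr not in net:
            continue
        # /31 and /32 have no reserved network or broadcast address.
        if net.prefixlen < 31 and addr == net.network_address:
            return f"network ID of {net}"
        if net.prefixlen < 31 and addr == net.broadcast_address:
            return f"broadcast of {net}"
        return f"host address in {net}"
    return "outside known subnets"

def triage(records, interfaces, live_servers):
    """Map each record to (role, action); only confirmed servers are kept."""
    live = {ipaddress.ip_address(a) for a in live_servers}
    report = {}
    for rec in records:
        role = classify(rec, interfaces)
        if ipaddress.ip_address(rec) in live:
            action = "keep"
        elif role.startswith(("network ID", "broadcast")):
            action = "not assignable to a host: removal candidate"
        else:
            action = "verify a server still exists before removing"
        report[rec] = (role, action)
    return report

# Constructed sample: addresses named in the thread; which of them are live,
# and the mask on the 10.0.0.x side, are assumptions.
SAMPLE_RECORDS = ["10.0.0.0", "10.1.1.0", "10.1.1.10", "10.1.1.50", "10.1.1.60"]
SAMPLE_INTERFACES = [
    ipaddress.ip_interface("10.1.1.10/255.255.254.0"),  # DC from the question
    ipaddress.ip_interface("10.0.0.50/255.255.254.0"),  # mask assumed
]
SAMPLE_LIVE = ["10.1.1.10"]

if __name__ == "__main__":
    for rec, (role, action) in triage(SAMPLE_RECORDS, SAMPLE_INTERFACES, SAMPLE_LIVE).items():
        print(f"{rec:<10} {role:<28} {action}")
```

On a live network, pass the output of `resolve_apex("<domain name>")` as the record list and the addresses of the domain controllers confirmed in AD as `live_servers`.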