And some DHCP options that might help... http://support.microsoft.com/kb/932464
From: Kennedy, Jim [mailto:[email protected]] Sent: Wednesday, August 25, 2010 9:44 AM To: NT System Admin Issues Subject: RE: DHCP and DNS Anomoly "It's strikes me odd that DNS would allow multiple entries for the same IP address. Is that normal behavior" Yes, they both registered their DNS with the DNS server...the low use PC did it a month ago, it was shut off and its lease expired and that address was given to a new PC. The fix is to set up savaging to lower levels on your DNS server. http://technet.microsoft.com/en-us/library/cc759204%28WS.10%29.aspx From: Bob Hartung [mailto:[email protected]] Sent: Wednesday, August 25, 2010 9:37 AM To: NT System Admin Issues Subject: DHCP and DNS Anomoly I've got an odd situation with DHCP and DNS creating a confusing situation. I use SmartCode VNC Manager for remote support. Every hour it queries all our network PCs to see if they are active or not. It uses the PC's name to resolve the IP address. I happened to notice that a very low use PC showed active when I was pretty confident it wasn't turned on. When I remoted into it, it turned out to be a different PC. Hmmm... I went to the command prompt and tried pinging both the low use PC as well as the PC I wound up connecting to and they both resolved to the same IP address. I tried "ipconfig /flushdns" to see if I had an error in the DNS cache but that made no difference. Next stop was the DHCP server. We have a MS Window 2003 SP2 PDC that hosts both DNS and DHCP. The low use PC had been off long enough that there wasn't even an entry for it in the IP address leases. There was an entry for the PC I wound up connecting to. I tried the same ping testing on the PDC as I had on my PC and got the same results. Next stop was the DNS server. Ah ha! There were 2 entries in the Forward Lookup Zones for that IP address for each of the PCs I was pinging. Oddly, in the Reverse Lookup Zones, there was only one entry and it was for the low use PC. It's strikes me odd that DNS would allow multiple entries for the same IP address. Is that normal behavior? Since these pointer records are automatically created by an interaction between the DHCP and DNS servers, shouldn't there also be a process that would delete DNS pointers based on expired DHCP leases, particularly since the IP address had been handed out to a different PC? I know I could resolve this issue by either turning on the low use PC and getting a new IP address lease or by simply deleting the expired DNS pointer but I'd like to understand why this can happen and if there's a way to configure things so it doesn't continue to happen. Thanks. ---------------------- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
