dnscmd to remove then add NS records

  • Thread starter Brian S. Bergin

Brian S. Bergin

I have a problem with NS records on a secondary box. We moved one of
our secondary name servers to another network, left its name the same,
but its IP changed. We updated the box's IP in its parent zone to
reflect the new IP but none of the zones that point to it has picked
up the new IP. We can manually remove and add the NS and its new IP
to each zone but there are several hundred.

So I decided to use dnscmd to remove and add back the name server. I
used the command successfully to remove all the servers and add them
back but they kept the old IP. I then changed my script to flush the
dns cache (ipconfig /flushdns) and reset the dns service (net stop dns
& net start dns) between the /recorddelete and /recordadd scripts. No
luck.

The problem is the box with the new IP is unable to pull records from
the primary server because it still thinks the secondary box should be
on its old IP. How do I update DNS on 2k to force it to resolve the
IP of the secondary name server with its new IP?

TIA...

Sincerely,
Brian S. Bergin
Terabyte Computers, Inc.

Please post replies here so everyone may benefit.

NOTICE: Use of this information is contingent upon acceptance of Paragraph 17 of Terabyte's Terms and conditions located at http://terabyte.net/terms.htm#postings.
 

Kevin D. Goodknecht Sr. [MVP]

Did you use dnscmd /ZoneResetSecondaries <zonename> <secondaryIPaddress>?
 

Brian S. Bergin

When I did it it said "Command completed successfully." but nothing
changed in the zone. I believe all that does is send the full zone to
the secondary server listed by secondaryIPaddress. What I need is for
the server to update the IP listed by "Resolve" in the Name Servers
tab of the zone properties.

Sincerely,
Brian S. Bergin
Terabyte Computers, Inc.

 

Kevin D. Goodknecht Sr. [MVP]

dnscmd <servername> /ZoneResetSecondaries <zonename> /SecureNs
-or-
dnscmd <servername> /ZoneResetSecondaries <zonename> /SecureList <secondaryIPaddresses>
-or-
dnscmd /ZoneResetSecondaries /? for help
 

Brian S. Bergin

All that does is set the zone transfer options to the secondary
servers. It doesn't reset the IP addresses assigned to the name
servers in the Name Servers tab. I want to transfer only to servers
on the Name Server tab and that's what's broken in MS DNS. BIND
doesn't do this. When you update NS in BIND it actually does it.

Sincerely,
Brian S. Bergin
Terabyte Computers, Inc.

 

Kevin D. Goodknecht Sr. [MVP]

MS DNS does this, too.
It uses the glue record to resolve the NS record.
Did you update the glue record?
You have to first delete the current glue record then create a new glue
record with the new IP address.
I've tested this and it works as expected. Delete the old A glue record,
create the new A glue record, delete the old NS then create the new NS.
If DNS does not have a glue record it cannot resolve the NS record to an IP
address.
Here is another kicker, the glue record must be on the same DNS server.
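
The order described in the post above (old A glue record out, new A glue record in, old NS out, new NS in), written out as a batch file that walks a list of zones. This is an added example, not a script from either poster; the server name, zone names, addresses and zones.txt are constructed placeholders, and success is detected by matching the "Command completed successfully" text quoted earlier in the thread.

```bat
@echo off
rem Added example, not from the thread. Every name, address and file below is a
rem constructed placeholder (assumption); replace them with your own values.
setlocal
set DNSSERVER=dns1.example.com
set NSZONE=example.com
set NSHOST=ns2
set NSFQDN=ns2.example.com.
set OLDIP=192.0.2.10
set NEWIP=198.51.100.10
set ZONELIST=zones.txt
set OK="Command completed successfully"

rem Step 1: replace the A (glue) record in the zone that holds the NS host name.
dnscmd %DNSSERVER% /RecordDelete %NSZONE% %NSHOST% A %OLDIP% /f
dnscmd %DNSSERVER% /RecordAdd %NSZONE% %NSHOST% A %NEWIP% | find %OK% >nul
if errorlevel 1 (
    echo Could not add %NSHOST% A %NEWIP% to %NSZONE%, stopping.
    goto :eof
)

rem Step 2: for each zone listed in zones.txt (one zone name per line),
rem delete the old NS record, add it back, then show what the server answers.
for /f "usebackq tokens=1" %%Z in ("%ZONELIST%") do call :fixzone %%Z
goto :eof

:fixzone
dnscmd %DNSSERVER% /RecordDelete %1 @ NS %NSFQDN% /f
dnscmd %DNSSERVER% /RecordAdd %1 @ NS %NSFQDN% | find %OK% >nul
rem Zones where the add did not report success are collected for a manual look.
if errorlevel 1 echo %1>>failed-zones.txt
rem Check: the "internet address" line for the name server should show NEWIP.
nslookup -type=NS %1 %DNSSERVER%
goto :eof
```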
 

Brian S. Bergin

Not sure what a "glue" record is. If you mean did I update the record
in the primary zone that hosts the full name then yes, I've removed
it, restarted the DNS server service and added it back. The server
resolves the IP of the name server correctly when queried and I'm
working on the with SOA of record for the zones. I then used dnscmd
to remove the NS record with the old IP and manually verified that the
NS was gone, restarted the DNS service once again, verified that the
zone with the A record for the NS was properly resolving then used
dnscmd to add the NS records back to the zones (there are several
hundred). In every single case each zone put the NS name back in the
zone but it used the old IP.

There's got to be an easier way. I could have moved all these zones
to BIND on Red Hat in the time I've taken to fool with MS's
implementation. It's VERY frustrating and causing lots of problems
with the secondary server not being allowed to pull new records.

Sincerely,
Brian S. Bergin
Terabyte Computers, Inc.
