Cached Lookups vary between PDC and BDC

Is this normal? I know that the two servers are syncing changes in the
forward & reverse lookup zones but should they sync the cached lookups also?

--
Thanks!

"Saucer Man" <> wrote in message news:4bb0c968$0$2387$...
> Is this normal? I know that the two servers are syncing changes in the
> forward & reverse lookup zones but should they sync the cached lookups also?
>
> --
> Thanks!
>
>


Cached lookups are individual to each server's DNS service's cache. Cache does not get shared.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.

Thanks again Ace!

"Ace Fekay [MVP-DS, MCT]" <> wrote in message
news:...

Cached lookups are individual to each server's DNS service's cache. Cache
does not get shared.

--
Ace

"Saucer Man" <> wrote in message news:4bb0ffdc$0$2378$...
> Thanks again Ace!
>

You are welcome!

Ace

I record keeps populating in the .root folder of cached lookups. The record
is abc-domain and in it is a record for one of our old servers that no
longer exists. Under the server entry are two NS records pointing to some
unknown outside servers. I deleted this record yesterday from the PDC. It
wasn't in the BDC. Today, it is back in the PDC's cache and also the BDC's.
How is it getting there?


"Ace Fekay [MVP-DS, MCT]" <> wrote in message
news:...
You are welcome!

Ace

"Saucer Man" <> wrote in message news:4bb25208$0$2394$...
>I record keeps populating in the .root folder of cached lookups. The record
> is abc-domain and in it is a record for one of our old servers that no
> longer exists. Under the server entry are two NS records pointing to some
> unknown outside servers. I deleted this record yesterday from the PDC. It
> wasn't in the BDC. Today, it is back in the PDC's cache and also the BDC's.
> How is it getting there?
>
>
> "Ace Fekay [MVP-DS, MCT]" <> wrote in message
> news:...
> You are welcome!
>
> Ace

Apaprently something is querying it. Check all zone properties, nameservers tab. Also, run Wireshark for inbound UDP 53 and check to see where it's coming from. It could be from an old machine sitting around.

Also, are you implying it's a single label name?


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.

"Ace Fekay [MVP-DS, MCT]" <> wrote in message
news:O%...Apa prently something is
querying it. Check all zone properties, nameservers tab. Also, run Wireshark
for inbound UDP 53 and check to see where it's coming from. It could be from
an old machine sitting around.

Also, are you implying it's a single label name?


--
Ace



Yes. Remember I had the single label name abc-domain in my forward lookup
zone? I had deleted that zone like we discussed. However, right underneath
the .(root) level in Cached Lookups is this abc-domain record. Under it,
there is a reference to an old server. I agree at least one device is still
querying the old server. If I find that device(s) and correct it will the
abc-domain record stop appearing?

Does wireshark need to be installed on the actual DC where DNS is running or
can I install it on my laptop?

"Saucer Man" <> wrote in message news:4bb4afd9$0$2363$...
>
> Yes. Remember I had the single label name abc-domain in my forward lookup
> zone? I had deleted that zone like we discussed. However, right underneath
> the .(root) level in Cached Lookups is this abc-domain record. Under it,
> there is a reference to an old server. I agree at least one device is still
> querying the old server. If I find that device(s) and correct it will the
> abc-domain record stop appearing?
>
> Does wireshark need to be installed on the actual DC where DNS is running or
> can I install it on my laptop?
>

Yes, if you can nail down that machine, and change whatever is querying it, it will not show up in cache. You can use wireshark to check inbound UDP 53, then look at the query string for that name.

Ace

"Ace Fekay [MVP-DS, MCT]" <> wrote in message
news:...
Yes, if you can nail down that machine, and change whatever is querying it,
it will not show up in cache. You can use wireshark to check inbound UDP 53,
then look at the query string for that name.

Ace


OK. I will try to install Wireshark on the DC. I wish I could install it
elsewhere. I see in ADDT that the Domain name (pre-Windows 2000) is
abc-domain. I wonder if this could be causing an issue somewhere.

"Saucer Man" <> wrote in message news:4bbb334a$0$2362$...
>
>
> OK. I will try to install Wireshark on the DC. I wish I could install it
> elsewhere. I see in ADDT that the Domain name (pre-Windows 2000) is
> abc-domain. I wonder if this could be causing an issue somewhere.
>
>

You could install it on a workstation, but you would have to install the workstation and DC on a Hub (not a switch), that is uplinked to your switch. This way in promiscuous mode, the workstation can "see' the traffic going to the DC.

What is it doing in ADDT? Was there a trust setup to it? I would suggest to remove it.

Ace