0

I've just taken over a small business network with 2 Windows servers. SRV2 (Server 2008 R2) is primarily a data backup for SRV1 (Server 2003); they're both DNS servers as well.

Our primary LAN addresses are 10.x.x.x. The servers are also directly linked by Ethernet crossover cables, 2 NICs teamed to produce a 2Gbps connection; these connections are assigned 192.168.x.x addresses. The crosslink is for backup purposes; naturally I want LAN access to the servers to be by the 10.x.x.x addresses. That's worked fine up to today.

But this morning I replaced one of the two crossover cables between the servers, because I discovered it had two wires swapped. When I took over, the crosslink was barely active, and showed a speed of 1.1Gbps. With a new cable the link speed jumped to 2Gbps and became substantially more active.

The problem is: Now any DNS lookup of SRV2 returns the 192.x address instead of the 10.x address.

I've deleted the A records for SRV2 from both servers; they get recreated for 192.x, but not for 10.x. "Register this connection's addresses in DNS" is unchecked for the 192.x interface, checked for the 10.x interface. Nonetheless the 192.x address is what keeps showing up in the forward lookup tables.

What should I do to ensure that DNS serves the 10.x address for SRV2 instead of the 192.x address?

Updates: 1) SRV2 ran a backup of SRV1 last night; it looks like most (maybe all) of the traffic went across the 1Gbps 10.x interface.

2) I manually added A records for SRV2's 10.x address to both servers; they disappeared overnight. I suppose I should have set time-to-live on the Win2003 server, but that wasn't an option on the Win2008 server.

3) netstat -no shows no connections between the servers on the 10.x interfaces, only on 192.x.

4) I found this question: "Windows DNS keeps re-registering deleted ip addresses", which seems related, so I checked where my DNS servers were listening. SRV1 is listening on all interfaces - no surprise. But SRV2 doesn't even show the 10.x interface in DNS server properties; it only has the 192.x interface (and the associated link-local IPv6 address).

4 Answers

2

Make sure that the NICs do not autocreate records in DNS (which they do by default).

1

As others already mentioned, removing the "Register this connection in DNS" checkbox at the network adapter setting does not solve this. You can modify an existing "SkipAsSource" with PowerShell 3.0 and higher to prevent DNS registration in Active Directory. Advantage: The IP can already be added, whereas with the netsh method it has to be removed first, which can disrupt operation. First check "SkipAsSource" with

Netsh int ipv4 show ipaddresses level=verbose

The PowerShell equivalent is:

Get-NetIPAddress | Select-Object IPAddress,InterfaceAlias,SkipAsSource | ft

Take the one you do NOT want to register in DNS, and then:

Set-NetIPAddress -IPAddress <IP it applies to> -InterfaceAlias "Adapter name in Windows" -SkipAsSource $true

Should work instantly. It corrects the DNS registration in my environments right away and the netsh or Get-NetIPAddress check confirms this. But if you change something on the adapter in the GUI, "SkipAsSource" is force-corrected to be "false" again, so after every change on that network adapter in the GUI you need to run that command again. You could set up Task Scheduler to correct it every few minutes, or bind the task to the network-change trigger in your Microsoft-Windows-NetworkProfile/Operational log, usually event ID 4004.
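An added example, not part of the answer above: a script of the kind that scheduled task could run, which re-asserts SkipAsSource only where it has been reset. It assumes a host where the Get-NetIPAddress/Set-NetIPAddress cmdlets are available and that the crosslink addresses start with 192.168. (the question only gives 192.168.x.x); the parameter and function names are made up for this example.

```powershell
# Added example: re-assert SkipAsSource on the backup crosslink addresses.
# Assumption: every address starting with $BackupPrefix belongs to the crosslink
# and must never be used as a DNS registration source.
param(
    [string]$BackupPrefix = '192.168.'   # assumed; narrow this to the real crosslink subnet
)

# Hypothetical helper: true when an address is on the crosslink and the flag was reset.
function Test-NeedsSkipAsSource {
    param([string]$IPAddress, [bool]$SkipAsSource, [string]$Prefix)
    return $IPAddress.StartsWith($Prefix) -and (-not $SkipAsSource)
}

$changed = @()
foreach ($addr in Get-NetIPAddress -AddressFamily IPv4) {
    $needsFix = Test-NeedsSkipAsSource -IPAddress $addr.IPAddress `
                                       -SkipAsSource $addr.SkipAsSource `
                                       -Prefix $BackupPrefix
    if ($needsFix) {
        # Same command as in the answer, applied to the address that drifted.
        Set-NetIPAddress -IPAddress $addr.IPAddress `
                         -InterfaceAlias $addr.InterfaceAlias `
                         -SkipAsSource $true
        $changed += "$($addr.IPAddress) on $($addr.InterfaceAlias)"
    }
}

if ($changed.Count -gt 0) {
    # Trigger dynamic DNS registration again (equivalent to ipconfig /registerdns).
    Register-DnsClient
    Write-Output "SkipAsSource re-applied to: $($changed -join ', ')"
} else {
    Write-Output 'No crosslink address needed correction.'
}

# Final state, for the task's output log.
Get-NetIPAddress -AddressFamily IPv4 |
    Select-Object IPAddress, InterfaceAlias, SkipAsSource |
    Format-Table -AutoSize
```

Because the script changes nothing when the flag is already set, it can run on a timer or on the event trigger without causing repeated DNS re-registration.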

1

You want DNS for only the 10. addresses, not the 192's.
Are the DNS zones Active Directory integrated? If so, are these servers also DCs?
Or are the DNS zones primary/secondary, and if so, which is primary and which is secondary?

What service pack are these 2008 R2 servers?
You may need this hotfix if it wasn't included in the service pack.
See http://support2.microsoft.com/kb/2386184

What is the output of:

Netsh int ipv4 show ipaddresses level=verbose

If the "skipassource" value for the 192's is not true, invoke:

Netsh int ipv4 add address <Interface Name> <ip address> skipassource=true
Clayton
0

It looks like my question should have been "Why doesn't the 10.x address appear in DNS" instead of "Why does the 192.x address appear?" In the end, I was able to set the interfaces the DNS servers listened upon, as in the question I linked above.

Some combination of unplugging and replugging the crossover cables, restarting the DNS Server service on SRV2, and closing and reopening the DNS Manager program on SRV2 caused the properties for DNS Server to start showing both network interfaces, not just the 192.x one. I unselected the 192.x interface from the listening list for both SRV1 and SRV2 and now only their 10.x addresses appear. Why didn't the 10.x interface appear on SRV2 before? I still don't know.

(Now I'm trying to figure out how my Backup Exec setup is affected by all this, but that's outside the scope of this question.)