Aug 10 2023 07:15 PM - edited Aug 10 2023 07:41 PM
Hi Members,
Currently, I am facing a strange issue with DNS delegation. We created a delegation record in DNS using the authoritative name servers' FQDN, and when we created it, the delegation was working as expected. A few months later, the application team suddenly reported an issue saying that DNS was not able to resolve the URL. When we verified the URL's delegation record, we found that the record had been modified to contain the authoritative name server's IP address instead of the FQDN in the server FQDN field, and the IP address was showing as 'unknown'. To fix the delegation issue, we re-created the delegation record with the FQDN again and the issue was fixed.
We have verified the DNS audit logs and system logs, but we couldn't identify any log entries saying that the delegation records were modified with an IP address after they were originally created. We have also identified the same issue with a few other delegation records. So how did the record get modified automatically? The authoritative name servers have proper A records created in DNS, so why was it showing as 'unknown' when the issue was reported? When we ran a dcdiag /test:DNS test, it reported a few 'Broken delegated domain' errors, but when we verified those delegation records manually, they were working fine without any issues.
If anyone has faced similar issues or knows any reason why "FQDN of authoritative name servers automatically change to IP addresses in a delegation record", kindly help me to identify the root cause. Thanks in advance.
Server: Microsoft Windows Server 2019 Standard 10.0.17763 N/A Build 17763.
DNS Build version: 4563000A (10.0 build 17763)