Hi all,

We're having a bit of a problem here. We have a domain here, domain.local, that has approximately 260 Windows Machines (XP, Win7, various MS Servers) and we also have users that bring in iOS devices, Kindles, Androids and so-forth. The domain controller runs dhcp, dns, wsus, and is a file server. We only have a single dhcp server and a single dns server on a Windows Server 2008 R2 box.

We have a wireless network by Aruba that has three SSID's on it. One is secure, two are firewalled and open. You can ping the chromebooks on either of the wireless networks. the DHCP server works find on all of these.

We started off getting bad_address entries from the chromebooks when they went on our network back in September. Creating a dhcp lease solved most but not all. We are still getting dozens of entries in the dhcp log that specify bad_address. We have the dhcp server testing twice before issuing. Once in a great, great while, we might get something on an Android, but that is it.

Funny thing is, Chromebooks are being handed IPs (horray) and we can see the leases in the dhcp server. Well that really isnt funny, but what is, dynamic updates to dns are not happening. They exist nowhere in the forward zone or as a reverse pointer.

Kindles, iOS machines, Androids, Windows machines and everything else work flawlessly.

So two things... bad_address in the dhcp area and the dhcp dynamic updates are not happening for the Chromebooks.

Dns is set to "Always dynamically update DNS A and PTR records.

Discard A & PTR records when lease is deleted is checked.

Dynamically update DNS A and PTR records for DHCP clients that do not request updates is also checked.

Name protection is turned off as of today.

Any Ideas?

Thanks!

Steve

Hi,

Are the Chromebooks domain joined?

If not, did you configure DNS suffix correctly.

Could you share DHCP log with us?

At last, the issue occurred only on chromebooks, did you contact with their manufacture?

The chromebooks are not joined to the domain. They are not designed to do so.

DNS Suffix is fine.

We have intermittent issues with Androids and an occassional iOS device, but never Windows machines.

Here is part of the log from yesterday. Only two bad_addresses happened today. See what I mean by it's intermittant?

Thanks!

Steve

30,01/30/14,07:17:06,DNS Update Request,192.168.211.1,U39RM11-1.ludlow.local,,,0,6,,AAEBv23zaAWZ4WuK1b2+dVq95TA2xTDStNgPobG8nwaXmPQ=,
11,01/30/14,07:17:06,Renew,192.168.211.1,U39RM11-1.ludlow.local,E840F2D1CE03,,4190867016,0,,,
32,01/30/14,07:17:06,DNS Update Successful,192.168.211.1,U39RM11-1.ludlow.local,,,0,6,,AAEBv23zaAWZ4WuK1b2+dVq95TA2xTDStNgPobG8nwaXmPQ=,
30,01/30/14,07:17:18,DNS Update Request,192.168.233.11,U39Rm33-1.ludlow.local,,,0,6,,AAEB2fUQYqMaWdoe1wsX4MPnUoL9Q8UmymYol1QgzAkw/+Q=,
11,01/30/14,07:17:18,Renew,192.168.233.11,U39Rm33-1.ludlow.local,E840F2D188E2,,3840093265,0,,,
32,01/30/14,07:17:18,DNS Update Successful,192.168.233.11,U39Rm33-1.ludlow.local,,,0,6,,AAEB2fUQYqMaWdoe1wsX4MPnUoL9Q8UmymYol1QgzAkw/+Q=,
15,01/30/14,07:17:28,NACK,10.0.0.3,,D8D1CB46ADFB,,0,6,,,
30,01/30/14,07:17:31,DNS Update Request,192.168.100.33,Lukes-iPod.ludlow.local,,,0,6,,AAEBPiTHYcRevrOxpOVKf6R0r8Licugdjc6HTsZ8yEKd6i8=,
10,01/30/14,07:17:31,Assign,192.168.100.33,Lukes-iPod.ludlow.local,D8D1CB46ADFB,,4141094238,0,,,
32,01/30/14,07:17:31,DNS Update Successful,192.168.100.33,Lukes-iPod.ludlow.local,,,0,6,,AAEBPiTHYcRevrOxpOVKf6R0r8Licugdjc6HTsZ8yEKd6i8=,
30,01/30/14,07:17:50,DNS Update Request,192.168.100.34,LESPRIM1-LAP.ludlow.local,,,0,6,,AAEBmOdFa4iAE3mwpFO0XztiEQTcpHNF2F80hCx+P33Duxc=,
10,01/30/14,07:17:50,Assign,192.168.100.34,LESPRIM1-LAP.ludlow.local,705AB6E50F05,,448941972,0,,,
32,01/30/14,07:17:50,DNS Update Successful,192.168.100.34,LESPRIM1-LAP.ludlow.local,,,0,6,,AAEBmOdFa4iAE3mwpFO0XztiEQTcpHNF2F80hCx+P33Duxc=,
30,01/30/14,07:17:50,DNS Update Request,192.168.113.141,LESPRIM1-LAP.ludlow.local,,,0,6,,AAEBy8Imjdb3sW/XWuiJ5U/WrxaJQ3BxJCy0NQedJPGa4X0=,
11,01/30/14,07:17:50,Renew,192.168.113.141,LESPRIM1-LAP.ludlow.local,485D605DE330,,2808232855,0,,,
32,01/30/14,07:17:50,DNS Update Successful,192.168.113.141,LESPRIM1-LAP.ludlow.local,,,0,6,,AAEBy8Imjdb3sW/XWuiJ5U/WrxaJQ3BxJCy0NQedJPGa4X0=,
30,01/30/14,07:18:26,DNS Update Request,192.168.200.21,BAD_ADDRESS,,,0,6,,,
11,01/30/14,07:18:26,Renew,192.168.200.21,,5CF8A169E20C,,2629993613,0,,,
32,01/30/14,07:18:26,DNS Update Successful,192.168.200.21,BAD_ADDRESS,,,0,6,,,
13,01/30/14,07:18:28,Conflict,192.168.200.21,BAD_ADDRESS,,,0,6,,,
15,01/30/14,07:18:29,NACK,10.1.10.36,,245FDFAF76C0,,0,6,,,
30,01/30/14,07:18:30,DNS Update Request,192.168.200.21,BAD_ADDRESS,,,0,6,,,
10,01/30/14,07:18:30,Assign,192.168.200.21,,5CF8A169E20C,,1425556505,0,,,
32,01/30/14,07:18:30,DNS Update Successful,192.168.200.21,BAD_ADDRESS,,,0,6,,,
15,01/30/14,07:18:33,NACK,10.1.10.36,,245FDFAF76C0,,0,6,,,
30,01/30/14,07:18:49,DNS Update Request,192.168.226.2,U39Counseling2.ludlow.local,,,0,6,,AAEBoDb2i8cNiTs5s6mi1U4cKX6O6XrNKoeN0nhi48apyko=,
11,01/30/14,07:18:49,Renew,192.168.226.2,U39Counseling2.ludlow.local,E840F2D1B6AE,,3091400663,0,,,
32,01/30/14,07:18:49,DNS Update Successful,192.168.226.2,U39Counseling2.ludlow.local,,,0,6,,AAEBoDb2i8cNiTs5s6mi1U4cKX6O6XrNKoeN0nhi48apyko=,
30,01/30/14,07:18:58,DNS Update Request,192.168.100.20,android-6bb3d55f112e2c78.ludlow.local,,,0,6,,AAEBZ8X3hdJsXWkCTi64DjXKWgzR8VSvxXmR27vdeEmuXFc=,
10,01/30/14,07:18:58,Assign,192.168.100.20,android-6bb3d55f112e2c78.ludlow.local,10AE60DDC84E,,2713964648,0,,,
32,01/30/14,07:18:58,DNS Update Successful,192.168.100.20,android-6bb3d55f112e2c78.ludlow.local,,,0,6,,AAEBZ8X3hdJsXWkCTi64DjXKWgzR8VSvxXmR27vdeEmuXFc=,
30,01/30/14,07:18:59,DNS Update Request,192.168.200.68,U39CB68,,,0,6,,,
11,01/30/14,07:18:59,Renew,192.168.200.68,,6021C0E66497,,2944142942,0,,,
32,01/30/14,07:18:59,DNS Update Successful,192.168.200.68,U39CB68,,,0,6,,,
13,01/30/14,07:19:01,Conflict,192.168.200.68,BAD_ADDRESS,,,0,6,,,
30,01/30/14,07:19:03,DNS Update Request,192.168.100.10,Noahs-Ipod.ludlow.local,,,0,6,,AAEBcMLcZNAQkNiPzr+WDzQUzKRHAQQ40R5Qs/XW2OBsCfg=,
10,01/30/14,07:19:03,Assign,192.168.100.10,Noahs-Ipod.ludlow.local,848506E9BCF0,,1755798843,0,,,
32,01/30/14,07:19:03,DNS Update Successful,192.168.100.10,Noahs-Ipod.ludlow.local,,,0,6,,AAEBcMLcZNAQkNiPzr+WDzQUzKRHAQQ40R5Qs/XW2OBsCfg=,
30,01/30/14,07:19:03,DNS Update Request,192.168.117.131,Lisas-iPad-2.ludlow.local,,,0,6,,AAEBigaHvI9zgqVhhK4yfw0UxzAcRD0yLfh0mU5G6Lq33JI=,
11,01/30/14,07:19:03,Renew,192.168.117.131,Lisas-iPad-2.ludlow.local,A4D1D20EF3A7,,161525253,0,,,
32,01/30/14,07:19:03,DNS Update Successful,192.168.117.131,Lisas-iPad-2.ludlow.local,,,0,6,,AAEBigaHvI9zgqVhhK4yfw0UxzAcRD0yLfh0mU5G6Lq33JI=,
30,01/30/14,07:19:04,DNS Update Request,192.168.200.68,BAD_ADDRESS,,,0,6,,,
10,01/30/14,07:19:04,Assign,192.168.200.68,,6021C0E66497,,734709404,0,,,
32,01/30/14,07:19:04,DNS Update Successful,192.168.200.68,BAD_ADDRESS,,,0,6,,,
30,01/30/14,07:19:04,DNS Update Request,192.168.100.10,Noahs-Ipod.ludlow.local,,,0,6,,AAEBcMLcZNAQkNiPzr+WDzQUzKRHAQQ40R5Qs/XW2OBsCfg=,
11,01/30/14,07:19:04,Renew,192.168.100.10,Noahs-Ipod.ludlow.local,848506E9BCF0,,1755798843,0,,,
32,01/30/14,07:19:04,DNS Update Successful,192.168.100.10,Noahs-Ipod.ludlow.local,,,0,6,,AAEBcMLcZNAQkNiPzr+WDzQUzKRHAQQ40R5Qs/XW2OBsCfg=,
30,01/30/14,07:19:21,DNS Update Request,192.168.100.115,Melissas-iPad.ludlow.local,,,0,6,,AAEBWa+Y6U066OotJwgYxsd0r4WlWFbRi23r65syxZ1CSX4=,
11,01/30/14,07:19:21,Renew,192.168.100.115,Melissas-iPad.ludlow.local,041552B321A4,,1136634598,0,,,
32,01/30/14,07:19:22,DNS Update Successful,192.168.100.115,Melissas-iPad.ludlow.local,,,0,6,,AAEBWa+Y6U066OotJwgYxsd0r4WlWFbRi23r65syxZ1CSX4=,
30,01/30/14,07:19:23,DNS Update Request,192.168.200.68,BAD_ADDRESS,,,0,6,,,
11,01/30/14,07:19:23,Renew,192.168.200.68,,6021C0E66497,,3892725690,0,,,
32,01/30/14,07:19:23,DNS Update Successful,192.168.200.68,BAD_ADDRESS,,,0,6,,,
13,01/30/14,07:19:26,Conflict,192.168.200.68,BAD_ADDRESS,,,0,6,,,
30,01/30/14,07:19:29,DNS Update Request,192.168.200.68,BAD_ADDRESS,,,0,6,,,
10,01/30/14,07:19:29,Assign,192.168.200.68,,6021C0E66497,,3507239814,0,,,
32,01/30/14,07:19:29,DNS Update Successful,192.168.200.68,BAD_ADDRESS,,,0,6,,,
30,01/30/14,07:19:33,DNS Update Request,192.168.100.10,Noahs-Ipod.ludlow.local,,,0,6,,AAEBcMLcZNAQkNiPzr+WDzQUzKRHAQQ40R5Qs/XW2OBsCfg=,
11,01/30/14,07:19:33,Renew,192.168.100.10,Noahs-Ipod.ludlow.local,848506E9BCF0,,1772576059,0,,,
32,01/30/14,07:19:33,DNS Update Successful,192.168.100.10,Noahs-Ipod.ludlow.local,,,0,6,,AAEBcMLcZNAQkNiPzr+WDzQUzKRHAQQ40R5Qs/XW2OBsCfg=,
30,01/30/14,07:19:36,DNS Update Request,192.168.100.35,iDevices-iPod.ludlow.local,,,0,6,,AAEBFRqIzdXCu9pqShdi5/lq7LLN+pI7v0tCInwVnlPW1zw=,
10,01/30/14,07:19:36,Assign,192.168.100.35,iDevices-iPod.ludlow.local,D8D1CB0C4B3C,,1043927758,0,,,
32,01/30/14,07:19:36,DNS Update Successful,192.168.100.35,iDevices-iPod.ludlow.local,,,0,6,,AAEBFRqIzdXCu9pqShdi5/lq7LLN+pI7v0tCInwVnlPW1zw=,
30,01/30/14,07:19:37,DNS Update Request,192.168.100.35,iDevices-iPod.ludlow.local,,,0,6,,AAEBFRqIzdXCu9pqShdi5/lq7LLN+pI7v0tCInwVnlPW1zw=,
11,01/30/14,07:19:37,Renew,192.168.100.35,iDevices-iPod.ludlow.local,D8D1CB0C4B3C,,1043927758,0,,,
32,01/30/14,07:19:37,DNS Update Successful,192.168.100.35,iDevices-iPod.ludlow.local,,,0,6,,AAEBFRqIzdXCu9pqShdi5/lq7LLN+pI7v0tCInwVnlPW1zw=,
30,01/30/14,07:19:38,DNS Update Request,192.168.211.1,U39RM11-1.ludlow.local,,,0,6,,AAEBv23zaAWZ4WuK1b2+dVq95TA2xTDStNgPobG8nwaXmPQ=,
11,01/30/14,07:19:38,Renew,192.168.211.1,U39RM11-1.ludlow.local,E840F2D1CE03,,3851649786,0,,,
32,01/30/14,07:19:38,DNS Update Successful,192.168.211.1,U39RM11-1.ludlow.local,,,0,6,,AAEBv23zaAWZ4WuK1b2+dVq95TA2xTDStNgPobG8nwaXmPQ=,
30,01/30/14,07:20:02,DNS Update Request,192.168.200.21,BAD_ADDRESS,,,0,6,,,
11,01/30/14,07:20:02,Renew,192.168.200.21,,5CF8A169E20C,,2527289584,0,,,
32,01/30/14,07:20:02,DNS Update Successful,192.168.200.21,BAD_ADDRESS,,,0,6,,,
13,01/30/14,07:20:05,Conflict,192.168.200.21,BAD_ADDRESS,,,0,6,,,
30,01/30/14,07:20:07,DNS Update Request,192.168.200.21,BAD_ADDRESS,,,0,6,,,
10,01/30/14,07:20:07,Assign,192.168.200.21,,5CF8A169E20C,,2452767822,0,,,
32,01/30/14,07:20:07,DNS Update Successful,192.168.200.21,BAD_ADDRESS,,,0,6,,,
30,01/30/14,07:20:15,DNS Update Request,192.168.231.2,U39Rm31-2.ludlow.local,,,0,6,,AAEBfU6IakW2GjJUF9LqGDA6HTGPvTf5uLEg39/xoy27s7Q=,
11,01/30/14,07:20:15,Renew,192.168.231.2,U39Rm31-2.ludlow.local,0011116E27A9,,2943185667,0,,,
32,01/30/14,07:20:15,DNS Update Successful,192.168.231.2,U39Rm31-2.ludlow.local,,,0,6,,AAEBfU6IakW2GjJUF9LqGDA6HTGPvTf5uLEg39/xoy27s7Q=,
30,01/30/14,07:20:15,DNS Update Request,192.168.100.20,android-6bb3d55f112e2c78.ludlow.local,,,0,6,,AAEBZ8X3hdJsXWkCTi64DjXKWgzR8VSvxXmR27vdeEmuXFc=,
11,01/30/14,07:20:15,Renew,192.168.100.20,android-6bb3d55f112e2c78.ludlow.local,10AE60DDC84E,,3515676649,0,,,
32,01/30/14,07:20:15,DNS Update Successful,192.168.100.20,android-6bb3d55f112e2c78.ludlow.local,,,0,6,,AAEBZ8X3hdJsXWkCTi64DjXKWgzR8VSvxXmR27vdeEmuXFc=,
30,01/30/14,07:20:16,DNS Update Request,192.168.200.68,BAD_ADDRESS,,,0,6,,,
11,01/30/14,07:20:16,Renew,192.168.200.68,,6021C0E66497,,3323928240,0,,,
32,01/30/14,07:20:16,DNS Update Successful,192.168.200.68,BAD_ADDRESS,,,0,6,,,
13,01/30/14,07:20:19,Conflict,192.168.200.68,BAD_ADDRESS,,,0,6,,,
30,01/30/14,07:20:21,DNS Update Request,192.168.200.68,BAD_ADDRESS,,,0,6,,,
10,01/30/14,07:20:21,Assign,192.168.200.68,,6021C0E66497,,4015370588,0,,,
32,01/30/14,07:20:21,DNS Update Successful,192.168.200.68,BAD_ADDRESS,,,0,6,,,
30,01/30/14,07:20:30,DNS Update Request,192.168.107.132,ShonaTrisiPhone.ludlow.local,,,0,6,,AAEBEAQoKj7rtYMVPEaXrk7cnBX90v+WX4e8VWX/LLIlYsQ=,
11,01/30/14,07:20:30,Renew,192.168.107.132,ShonaTrisiPhone.ludlow.local,8C58779AAE66,,3741452386,0,,,
32,01/30/14,07:20:30,DNS Update Successful,192.168.107.132,ShonaTrisiPhone.ludlow.local,,,0,6,,AAEBEAQoKj7rtYMVPEaXrk7cnBX90v+WX4e8VWX/LLIlYsQ=,
30,01/30/14,07:20:37,DNS Update Request,192.168.107.132,ShonaTrisiPhone.ludlow.local,,,0,6,,AAEBEAQoKj7rtYMVPEaXrk7cnBX90v+WX4e8VWX/LLIlYsQ=,
11,01/30/14,07:20:37,Renew,192.168.107.132,ShonaTrisiPhone.ludlow.local,8C58779AAE66,,3758229602,0,,,
32,01/30/14,07:20:37,DNS Update Successful,192.168.107.132,ShonaTrisiPhone.ludlow.local,,,0,6,,AAEBEAQoKj7rtYMVPEaXrk7cnBX90v+WX4e8VWX/LLIlYsQ=,
30,01/30/14,07:20:38,DNS Update Request,192.168.106.131,Martina-ipad2.ludlow.local,,,0,6,,AAEB4JkFG0yi5GATQmXtmGs+xNyzUMvp5CHQ7vC17roJRV8=,
11,01/30/14,07:20:38,Renew,192.168.106.131,Martina-ipad2.ludlow.local,E0B9BAD88CF4,,743727717,0,,,
32,01/30/14,07:20:38,DNS Update Successful,192.168.106.131,Martina-ipad2.ludlow.local,,,0,6,,AAEB4JkFG0yi5GATQmXtmGs+xNyzUMvp5CHQ7vC17roJRV8=,
30,01/30/14,07:21:24,DNS Update Request,192.168.236.10,U39Rm36-1Miel.ludlow.local,,,0,6,,AAEB9phYpXhSho8uUIuhgdv60Mgthppg4Vw9tU1MsxQLUNU=,
11,01/30/14,07:21:24,Renew,192.168.236.10,U39Rm36-1Miel.ludlow.local,7054D2457626,,2120051083,0,,,
32,01/30/14,07:21:24,DNS Update Successful,192.168.236.10,U39Rm36-1Miel.ludlow.local,,,0,6,,AAEB9phYpXhSho8uUIuhgdv60Mgthppg4Vw9tU1MsxQLUNU=,
30,01/30/14,07:21:32,DNS Update Request,192.168.100.4,Haileys-iPad.ludlow.local,,,0,6,,AAEBKB7Xlol/CFyRFfPIXdtUN1OmQ0w/zWeclSXhRX49EuM=,
11,01/30/14,07:21:32,Renew,192.168.100.4,Haileys-iPad.ludlow.local,ACCF5C2CB6DC,,437817067,0,,,
32,01/30/14,07:21:32,DNS Update Successful,192.168.100.4,Haileys-iPad.ludlow.local,,,0,6,,AAEBKB7Xlol/CFyRFfPIXdtUN1OmQ0w/zWeclSXhRX49EuM=,
30,01/30/14,07:21:33,DNS Update Request,192.168.117.131,Lisas-iPad-2.ludlow.local,,,0,6,,AAEBigaHvI9zgqVhhK4yfw0UxzAcRD0yLfh0mU5G6Lq33JI=,
11,01/30/14,07:21:33,Renew,192.168.117.131,Lisas-iPad-2.ludlow.local,A4D1D20EF3A7,,178302469,0,,,
32,01/30/14,07:21:33,DNS Update Successful,192.168.117.131,Lisas-iPad-2.ludlow.local,,,0,6,,AAEBigaHvI9zgqVhhK4yfw0UxzAcRD0yLfh0mU5G6Lq33JI=,
30,01/30/14,07:21:51,DNS Update Request,192.168.231.3,U39Rm31-3.ludlow.local,,,0,6,,AAEBZLIcMEpmxTb3TnhGsNRxgdLLmJ3biPg8dRuPqwkG0EE=,
11,01/30/14,07:21:51,Renew,192.168.231.3,U39Rm31-3.ludlow.local,001CC06D271A,,647858421,0,,,
32,01/30/14,07:21:51,DNS Update Successful,192.168.231.3,U39Rm31-3.ludlow.local,,,0,6,,AAEBZLIcMEpmxTb3TnhGsNRxgdLLmJ3biPg8dRuPqwkG0EE=,
30,01/30/14,07:21:57,DNS Update Request,192.168.231.4,U39Rm31-4.ludlow.local,,,0,6,,AAEB8jeDfIgZt/5EtAnoDCaYlU2UDndCxbY6+F8Q8jhcwZk=,
11,01/30/14,07:21:57,Renew,192.168.231.4,U39Rm31-4.ludlow.local,001CC06D2722,,1511683688,0,,,
32,01/30/14,07:21:57,DNS Update Successful,192.168.231.4,U39Rm31-4.ludlow.local,,,0,6,,AAEB8jeDfIgZt/5EtAnoDCaYlU2UDndCxbY6+F8Q8jhcwZk=,
30,01/30/14,07:21:59,DNS Update Request,192.168.102.1,LESKinder1.ludlow.local,,,0,6,,AAEBp2ylbEUqDPc66pqOvwGle4wCK2aPj7j68lVBh0Uz+HY=,
11,01/30/14,07:21:59,Renew,192.168.102.1,LESKinder1.ludlow.local,001320782CA2,,3119110832,0,,,

Hi,

According to current information, I think it related to name squatting. For windows clients we can protect DNS records via permission, only the computer who register the record has the permission to update it. But this mechanism doesnt work for non-windows clients.

You can enable DHCP name protection:

Open DHCP console tree>Right click Scope>Properties>DNS>Configure>Check option Enable name protection.

The root cause is that you have name conflict among these clients.

Hope this helps.

I had name protection on initially and turned it off. Prior to turning it off I was getting literally dozens (I stopped counting after 120 entries of bad_address) of entries. After I turned it off, I was back down to two last Friday and three today.

I will re-enable it and see if it floods the logs with the entry again.

And additionally, back to my original post, nothing is showing up in DNS for the Chromebooks, whether it's in the forward lookup or the reverse lookup. Everything else, iOS, Android, and Windows machines are showing up fine and registering through dhcp correctly.

To ensure that all DHCP clients get registered, especially if they are not domain members, there are a number of things that must be done.

If the zone is set to allow Secure Only updates, then the Chromebooks or anything else won't be able to register, because Secure Only uses Kerberos authentication. However, if DHCP is doing it, based on your settings posted earlier in the post, that's good, but then this is assuming that DHCP Option 015 is set to the AD domain name, domain.local.

However upon renewals, if the IP has changed, then DHCP will not be able to update the current A record in DNS. DHCP would have to be configured with Credentials and the DHCP server's computer object would have to be added to the DnsUpdateProxy group to make this work.

In summary:

• Configure DHCP Credentials. The credentials only need to be a plain-Jane, non-administrator, user account. But give it a really strong password.
• Set DHCP to update everything, whether the clients can or cannot.
• Set the zone for Secure & Unsecure Updates. Do not leave it Unsecure Only.
• Add the DHCP server(s) to the Active Directory, Built-In DnsUpdateProxy security group. Make sure ALL other non-DHCP servers are NOT in the DnsUpdateProxy group. For example, some folks may believe that the DNS servers or other DCs not running DHCP should be in it. That's incorrect. They must be removed or it won't work. Make sure that NO user accounts are in that group, either. (I hope that's crystal clear - you would be surprised how many will respond asking if the DHCP credentials should be in this group.)
• On Windows 2008 R2 or newer, DISABLE Name Protection.
• If DHCP is co-located on a Windows 2008 R2 or Windows 2012 DC, you can and must secure the DnsUpdateProxy group by running the following:
       dnscmd /config /OpenAclOnProxyUpdates 0
• Configure Scavenging on ONLY one DNS server. What it scavenges will replicate to others anyway.
• Set the scavenging NOREFRESH and REFRESH values combined to be equal or greater than the DHCP Lease length.

*

Here's some more info on it:

DHCP Service Configuration, Dynamic DNS Updates, Scavenging, Static Entries, Timestamps, DnsUpdateProxy Group, DHCP Credentials, prevent duplicate DNS records, DHCP has a "pen" icon, and more... (Screen shots!)
Published by Ace Fekay, MCT, MVP DS on Aug 20, 2009 at 10:36 AM  3758  2 
http://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx  

Good summary
How Dynamic DNS behaves with multiple DHCP servers on the same Domain?
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/e9d13327-ee75-4622-a3c7-459554319a27

Another good Summary:
Thread: "DNS problem" December 18, 2013
http://social.technet.microsoft.com/Forums/windowsserver/en-US/37b8b6b3-6cb1-496c-8492-09ded13bab18/dns-problem?forum=winserverNIS

*

I have this configured at multiple customers for many years and it works like a charm. I see everything... iPhones, Androids, Windows Phones, Kindles, people's 10 year old non-domain joined laptops, Chromebooks, etc etc etc....

I hope you find this helpful.