From LedHed's Wiki
Revision as of 22:33, 25 February 2016 by Ledhed (Talk | contribs)


Overview

DNS Scavenging is the process of removing stale records from the DNS database. Scavenging can be run manually or automatically.

Aging

Aging is the process of timestamping DNS records. This is enabled on a zone-by-zone basis (although there is an option to enable it on all zones at once for expediency). When you enable Aging you must set two parameters: No-Refresh Interval and Refresh Interval. In my experience, leaving these set to the default (7 days) is more than sufficient even for large enterprises.

No-Refresh

Timestamps are replicated when aging is enabled. Think of the No-Refresh Interval as a blackout period during which timestamps won't get replicated. This reduces traffic on your network. Keep in mind that the record can still be updated (IP changed by a client with Dynamic Update enabled), but the timestamp won't reflect the time of the update. The No-Refresh Interval starts whenever a timestamp is created or changed.

Refresh Interval

The Refresh Interval comes after the No-Refresh Interval. This is the window of time in which refreshes are permitted. When a refresh happens, the timestamp gets changed. When a timestamp changes, it immediately resets the timer and the No-Refresh Interval starts again.


Scavenging

Scavenging works by looking at record timestamps, and evaluating whether a record is stale. A record is considered stale once both of the above intervals have elapsed (assuming defaults of 7 days for each, this would be 14 days). In this case the record will be deleted from the DNS Database. Scavenging is enabled at the server level.


Notes

It is important to note that Aging works without scavenging turned on. In this scenario timestamps get replicated as described above, but records would never get deleted. Likewise, scavenging runs even if aging is disabled. In this scenario the scavenging process would look at each zone but never find stale records to delete. In order for stale records to be purged from a DNS database, both aging and scavenging need to be enabled.
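
The following is an added example, not part of the original wiki page: a PowerShell dry run that places each record in the No-Refresh window, the Refresh window, or the stale state described above, so you can see what scavenging would purge before enabling it. The function name `Get-RecordAgingState`, the host names, the timestamps and the zone name `example.test` are assumptions made for illustration; treating records without a timestamp as static (never scavenged) is Windows DNS behaviour not stated on this page.

```powershell
# Added example: classify records by where they sit in the aging cycle.
function Get-RecordAgingState {
    param(
        [Parameter(Mandatory)] [object[]] $Record,   # objects with HostName and Timestamp
        [timespan] $NoRefreshInterval = (New-TimeSpan -Days 7),   # default per the page
        [timespan] $RefreshInterval   = (New-TimeSpan -Days 7),   # default per the page
        [datetime] $Now = (Get-Date)
    )
    foreach ($r in $Record) {
        if ($null -eq $r.Timestamp) {
            # No timestamp: static record, aging does not apply to it.
            $state = 'Static'; $staleAfter = $null
        } else {
            $refreshOpens = $r.Timestamp + $NoRefreshInterval   # blackout period ends
            $staleAfter   = $refreshOpens + $RefreshInterval    # both intervals elapsed
            $state = if     ($Now -lt $refreshOpens) { 'NoRefresh' }
                     elseif ($Now -lt $staleAfter)   { 'Refresh' }
                     else                            { 'Stale' }
        }
        [pscustomobject]@{
            HostName   = $r.HostName
            Timestamp  = $r.Timestamp
            State      = $state
            StaleAfter = $staleAfter
        }
    }
}

# Constructed sample records, evaluated at a fixed (constructed) point in time.
$now = [datetime]'2016-02-25'
$sample = @(
    [pscustomobject]@{ HostName = 'ws-0142';     Timestamp = [datetime]'2016-02-22 09:00' }
    [pscustomobject]@{ HostName = 'ws-0077';     Timestamp = [datetime]'2016-02-15 09:00' }
    [pscustomobject]@{ HostName = 'old-printer'; Timestamp = [datetime]'2016-01-30 09:00' }
    [pscustomobject]@{ HostName = 'dc01';        Timestamp = $null }
)
Get-RecordAgingState -Record $sample -Now $now | Format-Table -AutoSize

# Against a live server (DnsServer module), use the zone's own intervals:
#   $aging = Get-DnsServerZoneAging -Name 'example.test'
#   $rrs   = Get-DnsServerResourceRecord -ZoneName 'example.test' -RRType A
#   Get-RecordAgingState -Record $rrs `
#       -NoRefreshInterval $aging.NoRefreshInterval `
#       -RefreshInterval   $aging.RefreshInterval |
#       Where-Object State -eq 'Stale'
```

Review the `Stale` rows before turning scavenging on at the server level: a server or appliance that registered dynamically but never refreshes will appear there and would lose its record.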



Reference

http://blogs.technet.com/b/dougga/archive/2012/02/09/it-takes-two-dns-scavenging.aspx

https://technet.microsoft.com/en-us/library/cc771677.aspx