From LedHed's Wiki

Latest revision as of 22:46, 25 February 2016

Overview

DNS Scavenging is the process of removing stale records from the DNS database. Scavenging can be run manually or automatically.

Aging

Aging is the process of timestamping DNS records. This is enabled on a zone-by-zone basis (although there is an option to enable it on all zones at once for expediency). When you enable Aging you must set two parameters: No-Refresh Interval and Refresh Interval.

No-Refresh

Timestamps are replicated when aging is enabled. Think of the No-Refresh Interval as a blackout period where timestamps won't get replicated, which reduces traffic on your network. Keep in mind that the record can still be updated (for example, an IP changed by a client with Dynamic Update enabled), but the timestamp won't reflect the time of the update. The No-Refresh Interval starts whenever a timestamp is created or changed.

Refresh Interval

The Refresh Interval comes after the No-Refresh Interval. This is the window of time where refreshes are permitted. When a refresh happens, the timestamp gets changed. When a timestamp changes, it immediately resets the timer and the No-Refresh Interval starts again.


Scavenging

Scavenging works by looking at record timestamps and evaluating whether a record is stale. A record is considered stale once both of the above intervals have elapsed (assuming defaults of 7 days for each, this would be 14 days). In this case the record will be deleted from the DNS database. Scavenging is enabled at the server level. The scavenging process also has an interval, and its default is 7 days as well. This means the scavenging job runs once every 7 days. So there could be DNS records that have a timestamp that is just shy of 21 days (7 No-Refresh + 7 Refresh +


Notes

It is important to note that Aging works without scavenging turned on. In this scenario timestamps get replicated as described above, but records would never get deleted. Likewise, scavenging runs even if aging is disabled; in this scenario the scavenging process would look at each zone but never find stale records to delete. In order for stale records to be purged from a DNS database, both aging and scavenging need to be enabled.
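
The timeline described above can be checked against a set of records before scavenging is switched on. The following is an added example, not part of the original wiki page: the function name `Get-DnsRecordAgingState`, the host names, and the dates are constructed for illustration, and treating a record without a timestamp as never evaluated is an assumption of this sketch.

```powershell
# Added example: classify records by where they sit in the aging timeline
# (No-Refresh -> Refresh -> Stale) and show the latest point at which a
# periodic scavenging pass would remove them.
function Get-DnsRecordAgingState {
    param(
        [Parameter(Mandatory)] $Record,   # object with .HostName and .Timestamp
        [timespan] $NoRefresh          = (New-TimeSpan -Days 7),
        [timespan] $Refresh            = (New-TimeSpan -Days 7),
        [timespan] $ScavengingInterval = (New-TimeSpan -Days 7),
        [datetime] $Now                = (Get-Date)
    )
    if (-not $Record.Timestamp) {
        # Assumption: no timestamp means there is nothing for scavenging to evaluate.
        $state = 'NoTimestamp'; $staleAt = $null
    } else {
        $refreshOpens = $Record.Timestamp + $NoRefresh   # end of the blackout period
        $staleAt      = $refreshOpens + $Refresh         # both intervals elapsed
        $state = if     ($Now -lt $refreshOpens) { 'NoRefresh' }
                 elseif ($Now -lt $staleAt)      { 'Refresh' }
                 else                            { 'Stale' }
    }
    [pscustomobject]@{
        HostName      = $Record.HostName
        Timestamp     = $Record.Timestamp
        State         = $state
        StaleAt       = $staleAt
        # Worst case: the record went stale just after a scavenging pass finished.
        LatestRemoval = if ($staleAt) { $staleAt + $ScavengingInterval } else { $null }
    }
}

# Constructed sample records (not real data).
$now = [datetime]'2016-02-25'
$sample = @(
    [pscustomobject]@{ HostName = 'pc-recent';  Timestamp = $now.AddDays(-3)  }
    [pscustomobject]@{ HostName = 'pc-refresh'; Timestamp = $now.AddDays(-10) }
    [pscustomobject]@{ HostName = 'pc-stale';   Timestamp = $now.AddDays(-16) }
    [pscustomobject]@{ HostName = 'srv-manual'; Timestamp = $null }
)
$sample | ForEach-Object { Get-DnsRecordAgingState -Record $_ -Now $now } | Format-Table

# Against a live server, feed real records and the zone's own intervals instead
# ('<zone>' is a placeholder):
#   $aging = Get-DnsServerZoneAging -Name '<zone>'
#   Get-DnsServerResourceRecord -ZoneName '<zone>' | ForEach-Object {
#       Get-DnsRecordAgingState -Record $_ -NoRefresh $aging.NoRefreshInterval `
#           -Refresh $aging.RefreshInterval }
```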


Methodology

Setting intervals too low only creates unnecessary replication traffic. I find that the defaults of 7 days are sufficient even for large enterprises. If you were to make changes to any of the intervals, I would set the Scavenging interval to 1 day; then you would never have a record over 2 weeks old. It also has much less impact on replication traffic.


Reference

https://technet.microsoft.com/en-us/library/cc771677.aspx

https://blogs.technet.microsoft.com/networking/2008/03/19/dont-be-afraid-of-dns-scavenging-just-be-patient/

http://blogs.technet.com/b/dougga/archive/2012/02/09/it-takes-two-dns-scavenging.aspx