DNS Scavenging Intervals
-
Thursday, October 04, 2012 1:54 PM
Hi all
Our DHCP lease is set to 1 day. I noticed our Scavenging settings are set to the following:
No-Refresh - 2 days
Refresh - 2 days
Because of this we're finding a lot of stale records. I read that scavenging settings should be equal to or less than the DHCP lease.
What is the recommended scavenging settings for DHCP lease which is set to 1 day?
- Edited by John P Christie Thursday, October 04, 2012 2:17 PM formatting
All Replies
-
Friday, October 05, 2012 4:19 AM
One day.
.
FYI - The scavenging total time formula is : NoRefresh + Refresh * 2 + scavenge period.
Example:
- Zone is set to a 3 day Refresh and a 3 day No-Refresh interval
- Server Scavenging period is set to 3 days
- The total time is set to 3 day No-Refresh + 3 day Refresh + 3 day No-Refresh + 1 to Scavenging period (1 day to 3 day in this example) = Scavenging will occur anytime between Day 10 to Day 12
Good discussion on it and an example by Rick Tan:
Thread: "Enable DNS aging and scavenging "
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/d4ec8490-60cd-4466-951a-203a1ddbfaff/.
Why such a short lease? Lots of laptops in and out? I think that you can have a 8 day lease, force DHCP to update everything whether the client asks or not, configure DHCP credentials and add the DHCP server object to the DnsUpdateProxy group, and keep scavenging at 7/7, it will work fine. I have it set this way at all my customers. Works like a charm. No dupes, new IPs for existing laptops get updated, no problems, time for a beer....
Here are the step by steps:
DHCP Service Configuration, Dynamic DNS Updates, Scavenging, Static Entries, Timestamps, DnsUpdateProxy Group, DHCP Credentials, prevent duplicate DNS records, DHCP has a "pen" icon, and more...
Published by Ace Fekay, MCT, MVP DS on Aug 20, 2009 at 10:36 AM 3758 2
http://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspxAce Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/This post is provided AS-IS with no warranties or guarantees and confers no rights.
-
Friday, October 05, 2012 9:12 AM
Did some research, it seems the short lease period was set to 1 day to handle machine swapouts but it was never changed back.
We are going to change our DHCP lease to 7 days.
So I plan to configure the following:
- No Refresh - 7 days
- Refresh - 7 days
- Server Scavenging - 7 days
Just to confirm, does the server scavenging of 7 days mean the scavenging will only run every 7 days? Based on your response the scavenging cycle should be day 21?
-
Friday, October 05, 2012 1:35 PM
Ok, so I've set the following:
7 day DHCP
- No refresh is set to 3 days
- Refresh is set to 3 days
- Server scavenging is 3 days.
The No-refresh + refresh is 6 days which based on the rules is equal to or less than the DHCP lease period of 7 days.
The server scavenging will then run every 3 days so the scavenged records should go after day 9.....
How's that?
-
Friday, October 05, 2012 5:18 PM
Actually, this is what is meant by keeping the scavenge periods less than or equal to the lease:
DHCP Lease = 7 or 8 days (8 is default)
- No refresh is set to 7 days
- Refresh is set to 7 days
- Server scavenging is 7 days
.
Therefore
- Zone is set to a 7 day Refresh and a 7 day No-Refresh interval
- Server Scavenging period is set to 7 days
- The total time is set to 7 day No-Refresh + 7 day Refresh + 7 day No-Refresh + 1 to Scavenging period (1 day to 7 day in this example) = Scavenging will occur anytime between Day 22 to Day 29.Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/This post is provided AS-IS with no warranties or guarantees and confers no rights.
-
Friday, October 05, 2012 5:19 PM
This is actually considered a 3-day.Ok, so I've set the following:
7 day DHCP
- No refresh is set to 3 days
- Refresh is set to 3 days
- Server scavenging is 3 days.
The No-refresh + refresh is 6 days which based on the rules is equal to or less than the DHCP lease period of 7 days.
The server scavenging will then run every 3 days so the scavenged records should go after day 9.....
How's that?
Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/This post is provided AS-IS with no warranties or guarantees and confers no rights.
-
Monday, October 08, 2012 12:48 PM
Ace
I'm confused....a different blog entry suggests the DHCP lease should equal the "No Refresh" + "Refresh interval"
They use the example so that for default 8 day DHCP lease, the No Refresh + Refresh would be set to 4 days.
This would make sense because for a 8 day lease you'd see the following.
- Client A starts 8 day DHCP lease. Client A DNS records also enters 4 day "No Refresh" interval.
- Client A reaches 50% of DHCP lease on day 4 and lease is not renewed. Client A DNS record enters 4 day 'Refresh' interval
- Day 8 arrives, Client A loses DHCP lease. At this point 4 day DNS 'Refresh' interval ends as well and DNS record available to be scavanged.
Now, if the "No refresh" + "Refresh" interval was set to 7 days as you stated on a default 8 day lease, the Client A DNS record would be in the 'Refresh' interval for a further 6 days before it's available to be scavenged.
-
Monday, October 08, 2012 3:51 PM
Go with Sean's recommendations. I've talked to him before about DNS/DHCP interaction, and the one thing we did find, is that you must use DHCP Credentials AND add the server to the DnsUpdateProxy group. He had corrected that in another blog and Technet article. He must have missed this blog.
This is the part of his blog:
3. Allow the server DHCP to register the addresses on behalf of the clients.
- Pros:
- The DHCP server will be able to remove the DNS record as soon as the lease expires
- If setup correctly no duplicate records should exist.
- Cons:
- The setup is more involved.
- A service account will need to be setup to run the DHCP service, or all the DHCP servers will need to be joined to the DNSUpdateProxy group (less secure) adding complexity.
In the bolded part, instead of "OR" it should say "AND."
I'm going to email him to let him know.
Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/This post is provided AS-IS with no warranties or guarantees and confers no rights.
- Marked As Answer by John P Christie Tuesday, October 09, 2012 10:49 AM
- Pros:
.png)
