Solved

DNS - lots of multiple entries and systems no longer on network?

Posted on 2004-04-22
4
270 Views
Last Modified: 2010-04-11
HI.

We're having some Active Directory/Internet Slowness and I've taken a look at our DNS.  It is set to scavenge stale records every 3 days and allow dynamic updates is set to secure only.  The forward lookup zones contain lots of multiple entries (existing and non existing) for systems and there are systems that haven't been attached to the network for months that show up.  

Am I wrong in thinking that scavenging every three days should clear these old entries out? What does "secure only" updates mean?

Thanks in advance.
0
Comment
Question by:zenportafino
  • 2
4 Comments
 
LVL 3

Expert Comment

by:Orbsol
ID: 10899014
Scavenging does excactly what you think it does. Or at least it should. It can be set at zone level or globally, so make sure it is set for the zone you are looking at. Secure Updates can only be made for zones that are associated with active directory, and it is simply a secure way of updating dymanic entries. If you have it ticked, your server will refuse updates from a host that tries to update insecurely.

A good url for all aspects of Windows DNS can be found at http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/sag_DNStopnode.asp
0
 
LVL 4

Expert Comment

by:boxcar7
ID: 10901837
Verify that those old records are indeed not static entries entered into DNS.  If they are, you will have to manually remove them.

0
 
LVL 1

Author Comment

by:zenportafino
ID: 10903791
Ok, as it turns out scavengin was only set on the server and NOT the zones.  I want to enable scavenging but have read warnings about doing so.  This is a small network with less than 70 systems in a single site.  Should I have any concerns before enabling it?
0
 
LVL 3

Accepted Solution

by:
Orbsol earned 250 total points
ID: 10911574
None whatsover in my opinion. I have never had a any trouble with it.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now