DHCP Lease & DNS Scavenging Times - Advice required.

Hi,

We recently migrated to a new network a few months ago.

Approx:
80 Windows 2003 servers (Static IP)
250+ Printers / Managed Switches / Routers etc. (Static IP)
1950 XP Desktops (DHCP)
30 XP Laptops (DHCP)

There are two servers acting as both DNS and DHCP servers.
DHCP servers have enough IPs available in their scopes to service many times this number of PCs.
Statistics show that there are only 10% of IPs in use overall and even the heaviest loaded scope is only using 25% of the available IPs (500 in each scope).

Unfortunately the consultant who designed / configured the system is gone and no longer available.
A few issues have arisen recently and I discovered that DHCP leases have been set to only 8 hours and scavenging in DNS has not been enabled.

Can someone advise the best practice for DHCP leases and DNS Scavenging periods on a network of this size?
8 hours lease seems very short when there are very few mobile users.
DNS is filling up with duplicate IP addresses for different hosts as the records are never scavenged!

e.g.

HostA gets assigned IP 10.244.1.50 and registers in DNS.
HostA is switched off for a day.
HostB gets assigned IP 10.244.1.50 and registers in DNS.
(There are now two hosts in DNS with the same IP address)
Ping HostA replies with IP 10.244.1.50 even though it's powered off.

Additional points given for explanation why you would use the lease period / scavenging period you suggest!!

Many Thanks!

Anthony.
livingan Asked:
 
averyb Commented:
The number of available IP addresses available and the amount of network traffic you can handle will help determine an acceptable DHCP Lease.

Since you have gobs of IP addresses that aspect isn't relevant here.   You could set the lease to be 100 years if you want.  There is no need to worry about releasing IPs to make them available for other hosts.  8 hours is very, very short.  I'd set it to 8-12 days.

After half of the lease period has expired the host will try to renew its IP address.  This is why the longer the IP address the less DHCP related network traffic.  Granted, the renewals are all directed to the specific DHCP server, so at least they aren't broadcasts.  

With a longer lease period, the IP address won't be returned to the DHCP pool; so it won't be assigned to other hosts.  That will go a long way to preventing the duplicate IP addresses in DNS.  Machine A will get its IP address and lease it for say 8 days.  No one else can get that IP for 8 days.  Each time the host checks in with the DHCP server it will renew its current IP address.

I would suggest making the lease long enough to cover the typical length of time that the laptops are not on the network and/or the majority of your machines are shut down.  It'll cut down on broadcast traffic if those machines can renew their IP address when they return from being off the network instead of having to go through the entire DHCP Lease Acquisition Process.   Since I expect that the laptops are gone (and many desktops shut down) over the weekend, I would say the minimum would be 4 days.  It'll give you a day or two leeway.

With the longer DHCP leases you'll probably also see quicker boot times since the hosts avoid DHCP Denials when they try to renew their IP (since someone else has already been assigned it).  Renewing your current IP is a lot quicker than trying to renew, getting rejected, and then going through the entire DHCP Lease Acquisition process.

I would set the scavenging to at least twice your DHCP lease period.  That'll make sure (at least help prevent) valid registrations from being deleted.

Let me know how it goes.

Brent



 
Nirmal Sharma (Solution Architect) Commented:
>>>Additional points given for explanation why you would use the lease period / scavenging period you suggest!!

***Quote***

And a Time to Scavenge
Let's assume that we boot mypc, which registers its A record with the primary DDNS server for the acme.com zone. Then, we shut down mypc and never turn it on again. A year later, that A record for mypc will still exist in the acme.com zone file because, by default, Win2K DDNS doesn't eliminate old records. But you can configure scavenging to change that behavior and direct Win2K's DDNS server to eliminate stale records of all types—not only A records.

To activate scavenging, you need to turn it on in several places. First, open the Microsoft Management Console (MMC) DNS snap-in and right-click the icon in the left-hand pane that represents your DNS server. Choose Set Aging/Scavenging for all zones, and select the Scavenge stale resource records check box in the Server Aging/Scavenging Properties dialog box. You'll see No-refresh interval and Refresh interval controls. I'll discuss these intervals later; for now, simply use the defaults. Click OK to clear the dialog box, then click OK again in the Server Aging/Scavenging Confirmation dialog box. Repeat these steps for each zone.

Assuming your DNS server is the primary DNS server for the acme.com domain, double-click the icon that represents the DNS server to see the Forward Lookup Zones folder. In that folder, you'll see another folder that represents the acme.com domain. Right-click the domain folder, choose Properties, and click Aging on the General tab. Again, select the Scavenge stale resource records check box and click OK, then click OK again.

Finally, right-click the icon that represents your DNS server, choose Properties, and click the Advanced tab on the resulting properties page. Select the Enable automatic scavenging of stale records check box, and you're finished.

***End Quote***

Ref: - http://www.windowsitpro.com/Article/ArticleID/19897/19897.html
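
The duplicate-IP case from the question, together with the aging rule described in the quote, worked through as an added example (not code from the thread or from Microsoft). The record list is constructed, the 7-day intervals are sample settings, and treating "scavenging period" as no-refresh plus refresh is this example's reading of the rule of thumb in the earlier answer.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records: (host, IP, last refresh time); None marks a static record.
RECORDS = [
    ("HostA", "10.244.1.50", datetime(2024, 1, 1, 9, 0)),
    ("HostB", "10.244.1.50", datetime(2024, 1, 20, 9, 0)),
    ("HostC", "10.244.1.51", datetime(2024, 1, 19, 8, 0)),
    ("PRINTER1", "10.244.1.10", None),
]

def scavenge_eligible_at(stamp, no_refresh, refresh):
    """Earliest time a record may be scavenged; static records never are."""
    if stamp is None:
        return None
    return stamp + no_refresh + refresh

def is_stale(stamp, now, no_refresh, refresh):
    """True once the record has aged past both intervals without a refresh."""
    eligible = scavenge_eligible_at(stamp, no_refresh, refresh)
    return eligible is not None and now >= eligible

def audit(records, now, no_refresh, refresh):
    """Return {ip: {"current": host, "stale": [hosts]}} for IPs claimed by 2+ names."""
    by_ip = defaultdict(list)
    for host, ip, stamp in records:
        by_ip[ip].append((host, stamp))
    findings = {}
    for ip, owners in by_ip.items():
        if len(owners) < 2:
            continue
        dynamic = [(h, s) for h, s in owners if s is not None]
        # The most recently refreshed dynamic record is the likely live owner.
        current = max(dynamic, key=lambda o: o[1])[0] if dynamic else None
        stale = sorted(h for h, s in dynamic if is_stale(s, now, no_refresh, refresh))
        findings[ip] = {"current": current, "stale": stale}
    return findings

def window_covers_lease(lease, no_refresh, refresh, factor=2):
    """Rule of thumb from the earlier answer: aging window >= factor * lease."""
    return no_refresh + refresh >= factor * lease

if __name__ == "__main__":
    week = timedelta(days=7)
    now = datetime(2024, 1, 21, 9, 0)
    print(audit(RECORDS, now, week, week))
    print(window_covers_lease(timedelta(days=8), week, week))
```

With these sample values an 8-day lease fails the twice-the-lease check against a 14-day aging window, so the intervals would need lengthening before the lease is raised.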

 
livingan (Author) Commented:
Yip - I know scavenging needs to be enabled and I know how to do it...
Scavenging / aging is closely tied to the DHCP lease time.

My question is - given a network of approx 2000 devices (which hardly ever change) what is the best DHCP lease time to use and based on this what should we then set the scavenging / aging periods to??

Cheers,

Anthony.

 
averyb Commented:
One more thing to add.  

The length of your DHCP lease determines how often your DHCP clients check in with the DHCP server to see if any of the parameters have changed.

Not really an issue currently, but if you want to roll out a new DNS server IP or default gateway, it may take a little while for everyone to get the word.  Of course you could just add an ipconfig /renew to a login script to force all clients to contact the DHCP server.

 
livingan (Author) Commented:
Cheers averyb - I was thinking along the lines of the standard 8 day lease for DHCP.

DNS on the other hand is something I do not have as much experience in.
Can someone advise as to the best practice for scavenging DNS based on the information given?

Many Thanks!

Anthony.
 
livingan (Author) Commented:
I'm closing this question with the points going to averyb for suggesting a DHCP lease time.

I'm also opening another question specifically to cover the DNS Scavenging side of things as it hasn't really been addressed here.

Many Thanks,

Anthony.