[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6262
  • Last Modified:

DNS Aging/Scavenging & DHCP lease duration recommendation

Dear All,

I would like to as whether is there a recommended setting for DNS Aging/Scavenging & DHCP lease duration?

For example, if the lease duration is 8 days, so do I have to configure the DNS Aging/Scavenging for more or less 8 day?

Thanks
0
Arabsoft_Security
Asked:
Arabsoft_Security
  • 2
  • 2
  • 2
  • +2
3 Solutions
 
Chris PattersonCommented:
In my experience, i have always had the DNS scavenging set to the same time as the DHCP lease duration.
0
 
Paul MacDonaldDirector, Information SystemsCommented:
There's nothing wrong with the default settings in Windows.  If the DHCP lease is 8 days, it renews in 4 anyway...
0
 
Arabsoft_SecurityAuthor Commented:
so what are the best configuration?

is there any link from microsoft talk about this?
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
Paul MacDonaldDirector, Information SystemsCommented:
Microsoft will tell you to use the default values unless you need to ameliorate traffic on your network.  Do you have a large number of DHCP clients?  Are you running out of IP addresses?  Do you have a large number of machines that are mobile (in and out of the office)?  Do you have a large number of machines that are often turned off?  Unless you answer yes to any of these questions, you're probably okay.

0
 
Chris PattersonCommented:
I would stick with the default settings unless you are having issues.  Are you by any chance experiencing any problems?
0
 
Krzysztof PytkoActive Directory EngineerCommented:
You can always use DHCP server to dynamicaly register DNS records and remove them if they no longer are necessary. Then you don't have to worry about DNS Aging and Scavengind the best settings :)

Regards,
Krzysztof
0
 
Joseph MoodyBlogger and wearer of all hats.Commented:
0
 
Arabsoft_SecurityAuthor Commented:
Hi iSiek,

how i can do what you mentioned
0
 
Krzysztof PytkoActive Directory EngineerCommented:
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 2
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now