Solved

DNS 101 - why are there entries from 2012 for machines on the LAN sbs 2011

Posted on 2014-01-20
Last Modified: 2014-01-21
Sorry, this is likely a real basic question but....

why when I look at the forward lookup zones under the ourdomain.local folder, there's host(a) records for machines LONG gone.  it has timestamps for some of these from september 2012!  Several machines have the same IP addresses - the machine that had it long ago and now the current machine.

I right click and choose all tasks, reload - no change
on the server name, I right click and choose scavenge stale resource records - no change

AH!!! under server aging / scavenging, the scavenge stale records is not checked.  I check that.  Leave the 2 intervals (no refresh and refresh) at 7 days?  It's a 15 user network.  lower it to hours?

will that solve the problem?  is that scavenge checkbox unchecked by default?

what else can I change from the default that would make sense for better operations?

Assisted Solution

by:Olaf De Ceuster
Olaf De Ceuster earned 200 total points
ID: 39796150
I always set scavenging to 7 days. It's not on by default.
Also use DHCP to update DNS (If you are using Microsoft DHCP)
If you have only a few records you can delete them manually from time to time.
Olaf

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39797045
thanks.  if it's not on by default. - would you say it generally is or is not on by default?  seems it should manage itself better - keeping machines that are gone for 1+ year seems like a waste.

And so I set it to 7 hours actually.  Like renewing DHCP leases after x hours vs. x days has a bit more traffic since they renew more times in a given period... anything wrong with 7 hours vs. 7 days?

Accepted Solution

by:DrDave242
DrDave242 earned 300 total points
ID: 39797398
As Olaf mentioned, scavenging is disabled by default. It's up to you, but seven hours seems a little short to me. You don't want old records hanging around forever, but you also don't want valid records disappearing from DNS because they get scavenged before they have a chance to be refreshed.

From what I can find, the default DNS registration refresh interval (how often a Windows machine will refresh its dynamically registered DNS records) is 24 hours. If you've got your refresh and no-refresh intervals both set to seven hours each, a newly-created record is eligible for scavenging 14 hours after its creation. That's 10 hours before it will be refreshed. When it will actually be scavenged depends on the scavenging period on the server, but there's a good chance that valid records are going to be disappearing.

This TechNet blog entry is a bit old, but it's still my go-to resource for understanding how aging and scavenging work. It does a good job of explaining the different intervals and how they come together to determine when a given record will be scavenged.
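
The timing described in the answer above, as an added example that is not part of the original thread: a simplified hour-by-hour model of one dynamically registered A record. The function name and the scavenging pass schedule (first pass at hour 20, then every 24 hours) are assumptions made for illustration; the 24-hour client refresh is the figure quoted in the answer.

```python
# Simplified model of DNS aging/scavenging for ONE dynamic record.
# Assumptions (not from the thread): hourly time steps, record created at
# hour 0, a client refresh in a given hour is processed before a scavenging
# pass in that same hour, and the pass schedule below is constructed.

def scavenged_at(no_refresh_h, refresh_h, client_refresh_h=24,
                 first_pass_h=20, pass_period_h=24, horizon_h=24 * 60):
    """Return the hour the record is scavenged, or None if it survives.

    client_refresh_h=None models a machine that has left the network
    and never refreshes its record again.
    """
    timestamp = 0  # hour the record's timestamp was last updated
    for t in range(1, horizon_h + 1):
        # Client re-registers. The server ignores it while the record is
        # still inside its no-refresh interval (timestamp unchanged).
        if client_refresh_h and t % client_refresh_h == 0:
            if t - timestamp >= no_refresh_h:
                timestamp = t
        # Scavenging pass: delete the record if it is older than
        # no-refresh + refresh.
        if t >= first_pass_h and (t - first_pass_h) % pass_period_h == 0:
            if t - timestamp >= no_refresh_h + refresh_h:
                return t
    return None


if __name__ == "__main__":
    scenarios = [
        ("7h/7h, live client, pass at hour 20", dict(no_refresh_h=7, refresh_h=7)),
        ("7h/7h, live client, pass at hour 25",
         dict(no_refresh_h=7, refresh_h=7, first_pass_h=25)),
        ("7d/7d, live client", dict(no_refresh_h=168, refresh_h=168)),
        ("7d/7d, machine gone",
         dict(no_refresh_h=168, refresh_h=168, client_refresh_h=None)),
    ]
    for label, kwargs in scenarios:
        hour = scavenged_at(**kwargs)
        outcome = "survives" if hour is None else f"scavenged at hour {hour}"
        print(f"{label}: {outcome}")
```

With 7-hour intervals the live machine's record survives only when a scavenging pass happens to fall just after each client refresh; with 7-day intervals it always survives, and only the record of the departed machine is removed.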

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39797421
I looked at the list of machines more than 7 hours after I changed to 7 hours and the old entries were still in the forwarding zone.  I deleted them rather than wait : )

Have to read that link you sent.  thanks!