Solved

DNS Aging and Scavenging

Posted on 2014-04-24
Last Modified: 2014-05-01
We have just upgraded the workstations for one of our clients.  All the attorneys at this site chose to go with Windows Surface Pros for their hardware.  They have docking stations in their offices, but of course the Surfaces also have wireless so that they can move into a conference room and still be on the network.

My concern is about IP addressing issues and conflicts, so I want to be sure that the DNS aging and scavenging settings are optimized for this type of environment.  I was thinking about reducing the aging/scavenging period (now set at 7 days) to something like 1 or 2 days, so that the IP addresses used by the wireless cards will not hang around for long periods of time without being used.  However, I'm a little concerned about how/whether this would negatively impact network traffic or cause some other unforeseen issue.

Any sage advice based on actual real-world experience would be appreciated!
0
Question by:Hypercat (Deb)
9 Comments
 
LVL 2

Expert Comment

by:Puspharaj Selvaraj
ID: 40022059
As long as the router or firewall supports the DNS addressing, then there is no issue.

I would use VLANs for this device and set DNS expiry for 5 days week.

I worked on a large environment with 50~70 laptop and desktop connections plus mobile and iPad connections; ideally, the expiry date will force the device to look up after every week.

Then there will be little network congestion on the firewall or router, but it should be fine.
0
 
LVL 38

Author Comment

by:Hypercat (Deb)
ID: 40022802
The issue I'm facing is that the wireless network for internal devices (which is secured of course) is on the same subnet as the wired network.  So, IOW, the devices will end up with two different IP addresses on the same subnet, so I'm trying to make sure we don't run into any issues with running out of addresses on that subnet.  Also it can create issues for the support team when they're trying to diagnose problems on one of these workstations.

If I use a 5-day aging period, then the DNS records still would remain on the server for 10 days before being scavenged, right? What I'm trying to do is reduce this time frame (now 14 days which is the default) to something closer to 2 or 3 days.
0
 
LVL 2

Expert Comment

by:Puspharaj Selvaraj
ID: 40022936
I used to split the subnet for those two.

One subnet for wireless and one for wired. Your device doesn't support such things?..

I believe you're talking about internal DHCP services on the router or firewall.

Would you please explain your setup a bit more.

Thanks!
0
 
LVL 38

Author Comment

by:Hypercat (Deb)
ID: 40023005
DHCP for the internal subnet is handled by one of the Windows 2008 servers on the domain.  There is a separate VLAN for a guest wireless network which is on a different subnet from the internal network. So it looks something like this:

Internal wired         |
                       |--------Switch VLAN1-------Perimeter router VLAN1 (DHCP on server)
Internal wireless APs  |

Guest wireless APs     |-------Switch VLAN100-----Perimeter router VLAN100 (DHCP on router)
0
 
LVL 40

Expert Comment

by:footech
ID: 40023108
Two articles that I reference over and over whenever thinking about scavenging are
http://blogs.technet.com/b/networking/archive/2008/03/19/don-t-be-afraid-of-dns-scavenging-just-be-patient.aspx
http://blogs.technet.com/b/networking/archive/2009/02/09/optimizing-your-network-to-keep-your-dns-squeaky-clean.aspx

You'll need to adjust your no-refresh and refresh intervals along with the scavenging period.  Then you'll probably also want to reduce the DHCP lease period.
0
 
LVL 40

Expert Comment

by:footech
ID: 40023231
Also, are you more concerned with the DNS records or with available IP addresses?
0
 
LVL 38

Author Comment

by:Hypercat (Deb)
ID: 40023284
I guess in the end I'm more concerned about DNS.  I know I could enlarge the DHCP scope if I ran out of IP addresses, but if DNS gets flummoxed it could be a PITA.  And the issue is not how to configure DNS scavenging, I already have it configured.  The issue is that I've always left the aging and scavenging periods set to the defaults, but I'm pondering making the periods shorter and am concerned about the potential effect on network traffic and loads on the server side in general.  This is a small network - 2 DCs, one of which is also the Exchange server and the other is also a file server and DHCP server. Maybe that means I needn't be concerned, but maybe it's the opposite...
0
 
LVL 40

Accepted Solution

by:
footech earned 500 total points
ID: 40023398
I wouldn't be concerned with any traffic increase if you were to set the no-refresh, refresh, and scavenging period all to 2 days.  It would be pretty minimal.
0
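Added example, not part of the original thread: a simplified model of how long a stale wireless record outlives its last refresh when the no-refresh interval, refresh interval and scavenging period are all 7 days versus all 2 days. The 24-hour client re-registration, the dates and the time of the first scavenging pass are constructed assumptions.

```python
from datetime import datetime, timedelta

DAY = timedelta(days=1)

def final_timestamp(created, attempts, no_refresh):
    """Replay client refresh attempts; return the record's resulting timestamp."""
    ts = created
    for attempt in sorted(attempts):
        # A refresh (same name, same IP) inside the no-refresh window is ignored.
        if attempt >= ts + no_refresh:
            ts = attempt
    return ts

def removal_time(ts, no_refresh, refresh, scav_period, first_pass):
    """Return (eligible_at, removed_at) for a record that is never refreshed again."""
    eligible_at = ts + no_refresh + refresh
    removed_at = first_pass
    # Scavenging is a periodic pass; the record goes on the first pass after eligibility.
    while removed_at < eligible_at:
        removed_at += scav_period
    return eligible_at, removed_at

def stale_window(days, created, attempts, first_pass):
    """How long the record outlives its last refresh attempt, all three intervals = days."""
    interval = days * DAY
    ts = final_timestamp(created, attempts, interval)
    _, removed = removal_time(ts, interval, interval, interval, first_pass)
    return removed - max(attempts)

# Constructed scenario: a Surface registers its wireless address, re-registers
# every 24 hours (assumed client behaviour) for four days, then stays docked.
CREATED = datetime(2014, 4, 24, 9, 0)
ATTEMPTS = [CREATED + n * DAY for n in range(1, 5)]
FIRST_PASS = datetime(2014, 4, 25, 2, 0)  # assumed time of the first scavenging pass

if __name__ == "__main__":
    for days in (7, 2):
        print(f"{days}-day intervals: stale wireless record lingers "
              f"{stale_window(days, CREATED, ATTEMPTS, FIRST_PASS)}")
```

In this model the record's age is counted from its last accepted timestamp, not from the last time the client was seen, and actual removal waits for the next scavenging pass after the record becomes eligible.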
 
LVL 38

Author Closing Comment

by:Hypercat (Deb)
ID: 40035483
Thanks - your answer confirms what I thought and made me feel more comfortable with making this change.
0
