Solved

DNS Scavenging - is my configuration OK?

Posted on 2014-12-09
9
76 Views
Last Modified: 2015-01-22
Hi all,

We have been having random issues with users getting stuck whilst logging on and my gut feeling is that it is a DNS issue.  (After powering off/on their PC, logging in as local admin and doing an ipconfig /release /renew they can log on as normal).

I was looking at our DNS scavenging settings and noticed that it seems to be configured a bit differently to how I normally see it configured in instruction guides etc:

Our scavenging/ageing settings for 'all zones' is configured as below:

Scavenging/ageing settings for all zones
I am a bit concerned that no-refresh interval is set as 5 days and refresh interval is set as 4 days.  I wonder if the problem is occurring on the cross over 1 day of these two periods?

Normally when I see this configured in instruction guides, they seem to both be set as 7 days.

Could this be causing an issue?
0
Comment
Question by:fieldj
  • 4
  • 4
9 Comments
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40488642
Your settings aren't an issue. And from what you describe, DNS itself is likely not an issue. DHCP, on the other hand, might be.
0
 

Author Comment

by:fieldj
ID: 40488650
What would you advise I check in DHCP?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40488655
Lease times perhaps. Seeing an ipconfig and nslookup results from a client when it stops working would be enlightening as well.
0
 

Author Comment

by:fieldj
ID: 40488661
Lease time is set to 4 days.

Its difficult to get an ipconfig/nslookup etc from a client when the problem occurs as its stuck during the logon process.  I am going to try and experiment with psexec to remotely run these commands if possible
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 40488694
A lease time shorter than your no-refresh interval can be a problem. I'd start there. As for long login times, if you wait, it'll complete, probably around the 60-minit timeout mark.
0
 

Author Comment

by:fieldj
ID: 40488995
Meanwhile the end user has killed me for making them wait 60 minutes!  To be honest its not a major issue, we just force a power off, power on, log on as Administrator, ipconfig release /renew and then they can log on as normal.

Its very infrequent, we probably average one pc with this problem every two days (approx 200 users).

What you said about the DHCP lease time being shorter than no-refresh interval is interesting, but goes against what I have read elsewhere.

Are you able to explain why this would be a problem as I am struggling to get my head around the DNS refresh / no-refresh thing?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40489032
Because the lease is going to expire and attempt to renew when the DNS record is still in the no refresh window. That could, in theory, cause the system go hang at the point that the DHCP client is attempting to refresh the DNS record and is being given an access denied message. It should handle that gracefully, but there mah be a big that is causing it to fail. In most environments the lease time is longer than the no-refresh window so by the time DHCP renews the lease, it is also allowed to refresh the DNS record, hence avoiding the problem. I can't honestly think of a reason why you'd have a no-refresh shorter than the lease time.
0
 

Author Comment

by:fieldj
ID: 40489107
OK great, thanks for explaining.

I have just been scanning (by eye) through DNS and noticed a couple of clients with the same Ip address listed which I found interesting.

I have changed our DHCP lease time to 7 days.  We will monitor things over the coming days to see if this helps fix the issue.
0
 
LVL 39

Expert Comment

by:footech
ID: 40489482
Here's a good article that helps to explain how DHCP lease time and DNS scavenging relate.
http://blogs.technet.com/b/askpfe/archive/2011/06/03/how-dns-scavenging-and-the-dhcp-lease-duration-relate.aspx
Parts of it take a little thought to grasp.  One thing I don't think it mentions is that clients will try to renew their DHCP lease halfway through the lease period, and if successful, refresh their DNS record.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now