Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

DNS Scavenging - is my configuration OK?

Posted on 2014-12-09
9
Medium Priority
?
94 Views
Last Modified: 2015-01-22
Hi all,

We have been having random issues with users getting stuck whilst logging on and my gut feeling is that it is a DNS issue.  (After powering off/on their PC, logging in as local admin and doing an ipconfig /release /renew they can log on as normal).

I was looking at our DNS scavenging settings and noticed that it seems to be configured a bit differently to how I normally see it configured in instruction guides etc:

Our scavenging/ageing settings for 'all zones' is configured as below:

Scavenging/ageing settings for all zones
I am a bit concerned that no-refresh interval is set as 5 days and refresh interval is set as 4 days.  I wonder if the problem is occurring on the cross over 1 day of these two periods?

Normally when I see this configured in instruction guides, they seem to both be set as 7 days.

Could this be causing an issue?
0
Comment
Question by:fieldj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40488642
Your settings aren't an issue. And from what you describe, DNS itself is likely not an issue. DHCP, on the other hand, might be.
0
 

Author Comment

by:fieldj
ID: 40488650
What would you advise I check in DHCP?
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40488655
Lease times perhaps. Seeing an ipconfig and nslookup results from a client when it stops working would be enlightening as well.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:fieldj
ID: 40488661
Lease time is set to 4 days.

Its difficult to get an ipconfig/nslookup etc from a client when the problem occurs as its stuck during the logon process.  I am going to try and experiment with psexec to remotely run these commands if possible
0
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 2000 total points
ID: 40488694
A lease time shorter than your no-refresh interval can be a problem. I'd start there. As for long login times, if you wait, it'll complete, probably around the 60-minit timeout mark.
0
 

Author Comment

by:fieldj
ID: 40488995
Meanwhile the end user has killed me for making them wait 60 minutes!  To be honest its not a major issue, we just force a power off, power on, log on as Administrator, ipconfig release /renew and then they can log on as normal.

Its very infrequent, we probably average one pc with this problem every two days (approx 200 users).

What you said about the DHCP lease time being shorter than no-refresh interval is interesting, but goes against what I have read elsewhere.

Are you able to explain why this would be a problem as I am struggling to get my head around the DNS refresh / no-refresh thing?
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40489032
Because the lease is going to expire and attempt to renew when the DNS record is still in the no refresh window. That could, in theory, cause the system go hang at the point that the DHCP client is attempting to refresh the DNS record and is being given an access denied message. It should handle that gracefully, but there mah be a big that is causing it to fail. In most environments the lease time is longer than the no-refresh window so by the time DHCP renews the lease, it is also allowed to refresh the DNS record, hence avoiding the problem. I can't honestly think of a reason why you'd have a no-refresh shorter than the lease time.
0
 

Author Comment

by:fieldj
ID: 40489107
OK great, thanks for explaining.

I have just been scanning (by eye) through DNS and noticed a couple of clients with the same Ip address listed which I found interesting.

I have changed our DHCP lease time to 7 days.  We will monitor things over the coming days to see if this helps fix the issue.
0
 
LVL 41

Expert Comment

by:footech
ID: 40489482
Here's a good article that helps to explain how DHCP lease time and DNS scavenging relate.
http://blogs.technet.com/b/askpfe/archive/2011/06/03/how-dns-scavenging-and-the-dhcp-lease-duration-relate.aspx
Parts of it take a little thought to grasp.  One thing I don't think it mentions is that clients will try to renew their DHCP lease halfway through the lease period, and if successful, refresh their DNS record.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
By default Outlook 2016 displays only one time zone in the Calendar. The following article explains how to display two time zones in one calendar view.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question