[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 37
  • Last Modified:

DNS Config

Win 2012 R2 domain
3 X DNS servers all AD integrated
500 internal PCs across 8 scopes
Occasionally a guest may plug a laptop into one of the scopes above and need IP etc
1 scope of wireless clients which may have 1000 clients

Can u please advise on these DNS Qs
1. Lots of sites advise Lease period = refresh + no refresh, so that's easy I'll have 6, 3 and 3...OK? Not too worried about IPs running out.
2. Given numbers above what should scavenging period be? Not too worried about server processing this, scopes are small.
3. Should this scavenging period be set the same on the scope and server?
4. Given the setup above what update setting should I use, secure only, or secure and Unknown?

Thanks
0
Pete
Asked:
Pete
1 Solution
 
Dan McFaddenSystems EngineerCommented:
Is this a DNS question or a DHCP question?

1. DNS has no "Lease Period" and there are no "scopes" in DNS.

2. Scavaging is a DNS configuration
--- can be set at server level for defaults, but must be directly enabled on the necessary DNS Zones
--- scavaging should be set to quickly remove old/stale records from DNS and this depends on your lease period in DHCP.

3. Set a default server scope configuration.  Then configure the specific domains based on your DHCP scope lease duration.

Links:
- https://technet.microsoft.com/en-us/library/cc753217(v=ws.11).aspx
- https://technet.microsoft.com/en-us/library/cc771362(v=ws.10).aspx
- https://technet.microsoft.com/en-us/library/ff807390(v=ws.10).aspx

4.  Since a domain is in place, your main AD Domain should have secure only set.
4a.  For you guests that use your wireless network, you should have a guest DMZ which is NOT inside your network.  This is a security issue.  Since they are guests, they have no domain credentials and should be limited in their access to your internal resources.

Dan
0
 
PeteAuthor Commented:
Thanks for the reply, sorry you're right my Q is unclear, it's a DHCP and DNS mix of settings. I'll check out the links.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now