Solved

DNS Config

Posted on 2016-08-05
Last Modified: 2016-08-05
Win 2012 R2 domain
3 X DNS servers all AD integrated
500 internal PCs across 8 scopes
Occasionally a guest may plug a laptop into one of the scopes above and need IP etc
1 scope of wireless clients which may have 1000 clients

Can you please advise on these DNS Qs:
1. Lots of sites advise Lease period = refresh + no refresh, so that's easy I'll have 6, 3 and 3...OK? Not too worried about IPs running out.
2. Given numbers above what should scavenging period be? Not too worried about server processing this, scopes are small.
3. Should this scavenging period be set the same on the scope and server?
4. Given the setup above what update setting should I use, secure only, or secure and Unknown?

Thanks
Question by:Pete

Accepted Solution

by: Dan McFadden (earned 500 total points)
ID: 41744013
Is this a DNS question or a DHCP question?

1. DNS has no "Lease Period" and there are no "scopes" in DNS.

2. Scavenging is a DNS configuration
--- can be set at server level for defaults, but must be directly enabled on the necessary DNS Zones
--- scavenging should be set to quickly remove old/stale records from DNS and this depends on your lease period in DHCP.

3. Set a default server scope configuration.  Then configure the specific domains based on your DHCP scope lease duration.

Links:
- https://technet.microsoft.com/en-us/library/cc753217(v=ws.11).aspx
- https://technet.microsoft.com/en-us/library/cc771362(v=ws.10).aspx
- https://technet.microsoft.com/en-us/library/ff807390(v=ws.10).aspx

4.  Since a domain is in place, your main AD Domain should have secure only set.
4a.  For your guests that use your wireless network, you should have a guest DMZ which is NOT inside your network.  This is a security issue.  Since they are guests, they have no domain credentials and should be limited in their access to your internal resources.

Dan
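
The server-level defaults, per-zone aging and secure-only updates described in the answer above, as an added PowerShell example that is not part of the original post. The zone name, scope ID and scavenging interval are placeholders; the 6-day lease and 3/3-day intervals are the numbers from the question.

```powershell
# Added example. Assumptions: zone name, scope ID and scavenging interval are
# placeholders; run on a server that has the DnsServer and DhcpServer modules
# (Windows Server 2012 R2).
$ZoneName  = 'corp.example.com'        # placeholder AD-integrated zone
$ScopeId   = '10.0.1.0'                # placeholder DHCP scope
$NoRefresh = New-TimeSpan -Days 3      # from the question
$Refresh   = New-TimeSpan -Days 3      # from the question

# Server level: defaults only. This alone does not age records in existing zones.
Set-DnsServerScavenging -ScavengingState $true `
    -NoRefreshInterval $NoRefresh -RefreshInterval $Refresh `
    -ScavengingInterval (New-TimeSpan -Days 3)   # assumed value, not from the page

# Zone level: aging has to be switched on for each zone that should be scavenged.
Set-DnsServerZoneAging -Name $ZoneName -Aging $true `
    -NoRefreshInterval $NoRefresh -RefreshInterval $Refresh

# Point 4 of the answer: accept only secure dynamic updates on the AD domain zone.
Set-DnsServerPrimaryZone -Name $ZoneName -DynamicUpdate Secure

# Audit: report every primary zone that still deviates from the settings above.
function Get-DnsZoneHygiene {
    Get-DnsServerZone |
        Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated -and
                       $_.ZoneName -ne 'TrustAnchors' } |
        ForEach-Object {
            $aging = Get-DnsServerZoneAging -Name $_.ZoneName
            [pscustomobject]@{
                Zone          = $_.ZoneName
                DynamicUpdate = $_.DynamicUpdate
                AgingEnabled  = $aging.AgingEnabled
                WindowDays    = ($aging.NoRefreshInterval + $aging.RefreshInterval).TotalDays
                NeedsReview   = ($_.DynamicUpdate -eq 'NonsecureAndSecure') -or
                                (-not $aging.AgingEnabled)
            }
        }
}
Get-DnsZoneHygiene | Format-Table -AutoSize

# Compare the DHCP lease with no-refresh + refresh (the rule quoted in the question).
$lease  = (Get-DhcpServerv4Scope -ScopeId $ScopeId).LeaseDuration
$window = $NoRefresh + $Refresh
'Lease {0} days, no-refresh + refresh {1} days, match: {2}' -f `
    $lease.TotalDays, $window.TotalDays, ($lease -eq $window)
```

Zones flagged `NeedsReview` either accept unauthenticated dynamic updates or never age out stale records.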

Author Comment

by:Pete
ID: 41744025
Thanks for the reply, sorry you're right my Q is unclear, it's a DHCP and DNS mix of settings. I'll check out the links.