Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

DNS Config

Posted on 2016-08-05
2
Medium Priority
?
34 Views
Last Modified: 2016-08-05
Win 2012 R2 domain
3 X DNS servers all AD integrated
500 internal PCs across 8 scopes
Occasionally a guest may plug a laptop into one of the scopes above and need IP etc
1 scope of wireless clients which may have 1000 clients

Can u please advise on these DNS Qs
1. Lots of sites advise Lease period = refresh + no refresh, so that's easy I'll have 6, 3 and 3...OK? Not too worried about IPs running out.
2. Given numbers above what should scavenging period be? Not too worried about server processing this, scopes are small.
3. Should this scavenging period be set the same on the scope and server?
4. Given the setup above what update setting should I use, secure only, or secure and Unknown?

Thanks
0
Comment
Question by:Pete
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 2000 total points
ID: 41744013
Is this a DNS question or a DHCP question?

1. DNS has no "Lease Period" and there are no "scopes" in DNS.

2. Scavaging is a DNS configuration
--- can be set at server level for defaults, but must be directly enabled on the necessary DNS Zones
--- scavaging should be set to quickly remove old/stale records from DNS and this depends on your lease period in DHCP.

3. Set a default server scope configuration.  Then configure the specific domains based on your DHCP scope lease duration.

Links:
- https://technet.microsoft.com/en-us/library/cc753217(v=ws.11).aspx
- https://technet.microsoft.com/en-us/library/cc771362(v=ws.10).aspx
- https://technet.microsoft.com/en-us/library/ff807390(v=ws.10).aspx

4.  Since a domain is in place, your main AD Domain should have secure only set.
4a.  For you guests that use your wireless network, you should have a guest DMZ which is NOT inside your network.  This is a security issue.  Since they are guests, they have no domain credentials and should be limited in their access to your internal resources.

Dan
0
 
LVL 1

Author Comment

by:Pete
ID: 41744025
Thanks for the reply, sorry you're right my Q is unclear, it's a DHCP and DNS mix of settings. I'll check out the links.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question