Solved

DNS Config

Posted on 2016-08-05
2
32 Views
Last Modified: 2016-08-05
Win 2012 R2 domain
3 X DNS servers all AD integrated
500 internal PCs across 8 scopes
Occasionally a guest may plug a laptop into one of the scopes above and need IP etc
1 scope of wireless clients which may have 1000 clients

Can u please advise on these DNS Qs
1. Lots of sites advise Lease period = refresh + no refresh, so that's easy I'll have 6, 3 and 3...OK? Not too worried about IPs running out.
2. Given numbers above what should scavenging period be? Not too worried about server processing this, scopes are small.
3. Should this scavenging period be set the same on the scope and server?
4. Given the setup above what update setting should I use, secure only, or secure and Unknown?

Thanks
0
Comment
Question by:Pete
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 500 total points
ID: 41744013
Is this a DNS question or a DHCP question?

1. DNS has no "Lease Period" and there are no "scopes" in DNS.

2. Scavaging is a DNS configuration
--- can be set at server level for defaults, but must be directly enabled on the necessary DNS Zones
--- scavaging should be set to quickly remove old/stale records from DNS and this depends on your lease period in DHCP.

3. Set a default server scope configuration.  Then configure the specific domains based on your DHCP scope lease duration.

Links:
- https://technet.microsoft.com/en-us/library/cc753217(v=ws.11).aspx
- https://technet.microsoft.com/en-us/library/cc771362(v=ws.10).aspx
- https://technet.microsoft.com/en-us/library/ff807390(v=ws.10).aspx

4.  Since a domain is in place, your main AD Domain should have secure only set.
4a.  For you guests that use your wireless network, you should have a guest DMZ which is NOT inside your network.  This is a security issue.  Since they are guests, they have no domain credentials and should be limited in their access to your internal resources.

Dan
0
 
LVL 1

Author Comment

by:Pete
ID: 41744025
Thanks for the reply, sorry you're right my Q is unclear, it's a DHCP and DNS mix of settings. I'll check out the links.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question