Set scavenge records = 2 days, is it OK ?

  • Thread starter: Marlon Brown

Marlon Brown

My DHCP server lease is set to lease ip addresses = 1 day.

I have tons of multiple hosts that point to same IP addresses on my reverse
lookup zone and I would like to keep those clean.

That said, is it OK to set the DNS server to scavenge stale records = 2
days?
Currently it is set to 7 days.
 
In
Marlon Brown said:
My DHCP server lease is set to lease ip addresses = 1 day.

I have tons of multiple hosts that point to same IP
addresses on my reverse lookup zone and I would like to
keep those clean.

That said, is it OK to set the DNS server to scavenge
stale records = 2 days?
Currently it is set to 7 days.

If the lease time in DHCP is one day, it is perfectly reasonable to scavenge
every two days.
 
I see that I also need to configure the "no-refresh" interval and the "refresh"
interval.
Currently the "no-refresh" and "refresh" intervals = 7 days as well.

Any suggestions on how I can fine-tune this to give me the cleanest PTR
records possible?
Also, I am considering monitoring server performance to ensure I can fine-tune
this without causing performance issues.
 
Remember that DHCP will clean-up the registrations after itself if you want
it to.

However, why are you using such short lease times? Do you have a large
number of clients and only a small address pool? If not, then consider
increasing the lease time. As I said, DHCP can clean up any DNS
registrations made by itself. Also, in case you're not aware, when a DHCP
client shuts down gracefully it releases its lease. So within 24 hours (the
standard grace period - this is only 4 hours in 2003) that lease is
available for another machine and the record has been removed from DNS.

Many people feel the need to configure short leases because of mobile
workers fluctuating between sites. However, the fact that a DHCP
client relinquishes its lease at shutdown means that this is a common
misunderstanding and somewhat unnecessary. Also, if you're concerned about
network traffic and performance, think about the additional load (granted it's
still small) that all of this is adding. Every DHCP lease requires the DNS
updates (read AD changes if we're talking about AD-Integrated zones). Plus
you'd be looking at a somewhat over-zealous scavenging routine if I may say
so. I've been down this road, and didn't have great results. My
over-zealous scavenging routine ended up causing the island DNS problem
every Monday morning for all remote sites <grin>.

--Note. Netlogon is supposed to register SRV records every 12 hours.
However I have seen, and have read others' posts, that this isn't always the
case and scavenging will get rid of 'stale' SRV records too. I believe
there's a fix for 2003, but have seen it reported that it doesn't work...


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/
 
In
ptwilliams said:
Remember that DHCP will clean-up the registrations after
itself if you want it to.

Just to add, one thing many people overlook: DHCP can de-register the
record or the client can de-register the record, but for this to happen,
the client must be gracefully shut down or the client must run ipconfig
/release.
What causes this is clients that are not gracefully shut down or users who just
unplug the cable. In which case the lease is still active and DHCP won't
de-register the record. There is an option you can add to make Win2k and
later release the lease at shutdown; I'd add this option. I'd also make
sure the DHCP is set to remove the record when the lease expires or is
released.
IMO, I think it is a good idea to set the lease time to one day or less.
 
Good post!

But I have to ask, mainly simply out of curiosity, why you prefer this
option:
IMO, I think it is a good idea to set the lease time to one day or less.


The only reasons I can see for short-term leases is a high-demand, low
availability IP pool.

This is what the TCP/IP Core Networking Guide recommends.

If you have static workstations and plenty of addresses, MS recommend
increasing the lease duration considerably...


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/
 
In
ptwilliams said:
Good post!

But I have to ask, mainly simply out of curiosity, why
you prefer this option:

Because especially laptop users who unplug from the network leaving the IP
leased, DHCP won't release the IP leaving the Record registered in DNS.
DHCP will remove the record when the lease expires or is released.
 
In message <[email protected]> "ptwilliams"
Good post!

But I have to ask, mainly simply out of curiosity, why you prefer this
option:



The only reasons I can see for short-term leases is a high-demand, low
availability IP pool.

Or frequent changes to DNS, default gateway, or other DHCP-assigned
parameters.
 
In
ptwilliams said:
Yes, I suppose that's a good point. And it's not like
you can enforce graceful shutdowns either!!!

What can you do with laptops that are just unplugged without releasing the
IP lease? How can you stop that?
Have Windows give them a shock if they touch the network cable without
releasing the IP address? :)
 
Of course, constant changes to those things imply much bigger problems than
scavenging routines.
 
In message <[email protected]> "Ryan Hanisco"
Of course, constant changes to those things imply much bigger problems than
scavenging routines.

Yeah, sometimes. On the other hand, when you have a small network
budget you sometimes get stuck with older junk and have to make do.
 
Marlon Brown said:
My DHCP server lease is set to lease ip addresses = 1 day.

I have tons of multiple hosts that point to same IP addresses on my reverse
lookup zone and I would like to keep those clean.

That said, is it OK to set the DNS server to scavenge stale records = 2
days?
Currently it is set to 7 days.

If you have WANs involved it is a VERY POOR setting.

You want the norefresh + refresh (and scavenging) to be
MUCH longer than both the DHCP lease periods AND
the "reasonable expected outage" of your WAN lines.

If two DCs get out of contact for long enough and are
holding the DNS records in AD, then they will scavenge
each other and thus lose contact (semi)permanently.

"semi" means that you CAN fix it but it will be a pain.

Keep such settings LONG -- unless you have a specific
reason and full understanding of ALL the implications set
it to at least the defaults of 7 days + 7 days (+ 7 days)
giving about 2 1/2 weeks on average.

Don't tempt fate by making it short.
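
The timing argument in the post above, worked through as an added example (not part of the original thread or any poster's code). It is a simplified model that assumes hour granularity, scavenging passes at multiples of the scavenging period, a record that is re-registered every 24 hours, and a constructed five-day WAN outage.

```python
# Added illustration: simplified model of DNS aging and scavenging, in hours.
DAY = 24


def scavenge_window(no_refresh, refresh, period):
    """Age at which a never-refreshed record is deleted: (earliest, latest, average)."""
    stale = no_refresh + refresh          # record becomes eligible after both intervals
    return stale, stale + period, stale + period / 2


def daily_refreshes(horizon, outage_start, outage_end):
    """Constructed sample: one refresh attempt every 24 h, none during the outage."""
    return [h for h in range(DAY, horizon + 1, DAY)
            if not (outage_start <= h < outage_end)]


def deleted_at(no_refresh, refresh, period, refresh_attempts, horizon):
    """Return the hour at which the record is scavenged, or None if it survives.

    A refresh only moves the timestamp once the no-refresh interval has passed.
    A scavenging pass deletes the record once the current time is later than
    timestamp + no_refresh + refresh.
    """
    attempts = set(refresh_attempts)
    timestamp = 0                         # record registered at hour 0
    for now in range(1, horizon + 1):
        if now in attempts and now >= timestamp + no_refresh:
            timestamp = now               # refresh accepted
        if now % period == 0 and now > timestamp + no_refresh + refresh:
            return now                    # stale at a scavenging pass: deleted
    return None


if __name__ == "__main__":
    horizon = 14 * DAY
    outage = daily_refreshes(horizon, 3 * DAY, 8 * DAY)   # refreshes lost on days 3-7
    for label, cfg in (("1d/1d/2d", (1 * DAY, 1 * DAY, 2 * DAY)),
                       ("7d/7d/7d", (7 * DAY, 7 * DAY, 7 * DAY))):
        earliest, latest, average = scavenge_window(*cfg)
        hit = deleted_at(*cfg, outage, horizon)
        print(f"{label}: unrefreshed record deleted after {earliest / DAY:.1f} to "
              f"{latest / DAY:.1f} days (average {average / DAY:.1f}); "
              f"5-day outage: {'deleted at day %.1f' % (hit / DAY) if hit else 'record survives'}")
```

With the default 7 + 7 (+ 7) days the average comes out at 17.5 days, the "about 2 1/2 weeks" quoted above, and the record outlives the outage; with 1 + 1 (+ 2) days the same outage removes a record whose owner is still alive.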
 
How about if I scavenge only the "reverse" lookup zones more frequently? As
long as I keep my "Forward Lookup" with perhaps 6,6,6, that shouldn't be a
problem in case DCs go down over WAN links and can't sync? As far as I
know AD doesn't rely on PTR records.
 