GraceYin-4029 asked JoshJones-3107 answered

DNS Aging and Scavenging

Hi,

I have a 2016 Windows domain with 3 DNS servers. I have 2 questions regarding DNS Aging and Scavenging.

  1. Should I enable "DNS Aging and Scavenging" on all three DNS servers or only one? If I enable it on only one, the other two should replicate with it, right? My concern is whether it will cause any conflict if I enable it on all of them.

  2. I enabled the setting for "DNS Aging and Scavenging" with a 7-day no-refresh interval and a 7-day refresh interval, and my DHCP server lease period is 7 days. The stale records with a time stamp older than 14 days should be removed automatically, right? Why are they still on the DNS server? Where should I look?

Need help!

Thanks in advance!





windows-dhcp-dns

CandyLuo-MSFT answered CandyLuo-MSFT commented

Hi,

>>Should I enable "DNS Aging and Scavenging" on all three DNS servers or only one? If I enable it on only one, the other two should replicate with it, right? My concern is whether it will cause any conflict if I enable it on all of them.

Microsoft's Best Practices Analyzer recommends that scavenging be enabled on all DNS servers. However, with AD-integrated zones, it doesn't particularly matter, since it handles the case where a record is deleted from one name server and from another at the same time before replication kicks in.

You just need to enable DNS scavenging on one DC in the main site. The results will be replicated to the other DCs.

>>I enabled the setting for "DNS Aging and Scavenging" with a 7-day no-refresh interval and a 7-day refresh interval, and my DHCP server lease period is 7 days. The stale records with a time stamp older than 14 days should be removed automatically, right? Why are they still on the DNS server? Where should I look?

Even after the no-refresh and refresh intervals have both expired, a record will most likely not be scavenged immediately, as scavenging is controlled by a server's scavenging period, which is independent of the other two intervals.


When the scavenging period is configured on a DNS server, the timer starts for 7 days (or whatever the configured value is). Once the timer expires, the scavenging process runs.

7 days for scavenging is a default setting; you can leave it alone or configure whatever value you want.

So the formula should be: NoRefresh + Refresh + Scavenge period.

For your reference:

https://flamingkeys.com/how-dns-aging-and-scavenging-actually-work/

Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

---Please Accept as answer if the reply is helpful---

Best regards,

Candy
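The timing described in the answer above, as an added example that is not part of the original thread: a PowerShell function that applies NoRefresh + Refresh + scavenging period to each timestamped record. The sample records and host names are constructed, `$Server` and `$Zone` are placeholders, and the commented lines assume the DnsServer module is installed.

```powershell
# Added example (not from the thread). For each dynamic record, compute when it
# becomes stale and the latest time a scavenging cycle should remove it.
function Get-ScavengeWindow {
    param(
        [Parameter(ValueFromPipeline)] $Record,   # needs HostName and Timestamp
        [timespan] $NoRefresh,
        [timespan] $Refresh,
        [timespan] $ScavengePeriod,
        [datetime] $Now = (Get-Date)
    )
    process {
        # Static records carry no timestamp and are never aged.
        if (-not $Record.Timestamp) { return }
        $stale = $Record.Timestamp + $NoRefresh + $Refresh
        [pscustomobject]@{
            HostName      = $Record.HostName
            Timestamp     = $Record.Timestamp
            StaleAfter    = $stale                    # eligible for scavenging
            LatestRemoval = $stale + $ScavengePeriod  # worst case per the formula
            IsStale       = $Now -gt $stale
        }
    }
}

# Constructed sample records, using the 7/7/7-day values from the thread.
$now    = [datetime]'2021-01-30 12:00'
$days7  = New-TimeSpan -Days 7
$sample = @(
    [pscustomobject]@{ HostName = 'pc-old';     Timestamp = [datetime]'2021-01-10 09:00' }
    [pscustomobject]@{ HostName = 'pc-recent';  Timestamp = [datetime]'2021-01-25 09:00' }
    [pscustomobject]@{ HostName = 'srv-static'; Timestamp = $null }
)
$sample |
    Get-ScavengeWindow -NoRefresh $days7 -Refresh $days7 -ScavengePeriod $days7 -Now $now |
    Format-Table -AutoSize

# Against a live server ($Server and $Zone are placeholders, not from the thread):
# $srv  = Get-DnsServerScavenging -ComputerName $Server             # ScavengingState, ScavengingInterval
# $zone = Get-DnsServerZoneAging -Name $Zone -ComputerName $Server  # AgingEnabled, NoRefresh/RefreshInterval
# Get-DnsServerResourceRecord -ZoneName $Zone -RRType A -ComputerName $Server |
#     Get-ScavengeWindow -NoRefresh $zone.NoRefreshInterval -Refresh $zone.RefreshInterval `
#         -ScavengePeriod $srv.ScavengingInterval
```

With the sample values, `pc-old` is already stale at the chosen time but is still inside the window before `LatestRemoval`, so its presence in the zone is expected rather than a fault.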









Hi Candy,

Thank you very much for your reply. It is very helpful. I have been confused about DNS Aging and Scavenging for a long time. I finally understand now.

The article you recommended is very helpful.

Thank you very much!


You are welcome. :)

WilliamRivet-2508 answered

Candy.

I have been looking for a reason why my scavenging settings have never "scavenged" for years. I have never been instructed to enable this until now...

Thank you.

MichaWitwicki-5336 answered

If I turn on Scavenging within the zone then it should be enough and the records should be deleted, right? What is the difference between the Scavenging setting for the DNS server and the Scavenging setting for the DNS zone? As part of the DNS server, Scavenging has an additional option to specify the days in the zone that does not exist. Can someone explain this?

JoshJones-3107 answered