Scavenging and Dynamic Updates - General Question

I've noticed over the years that my Forward and Reverse Loopup zones carry a
lot of old info. Many situations where the same IP shows up next to many
hosts, and vice versa.
My question is, can anyone explain the negative effects this would have?
I'm assuming it could result in more network congestion and slower
performance as packets go looking for the CORRECT host? Is that it, or does
it go deeper.

As the jack of all trades here, I've always shrugged my shoulders and spent
my time elsewhere since it didn't seem to be hurting anything. I decided to
look into it yesterday though. I've implemented scavenging, and set DHCP to
own update and own the DNS records (hopefully correctly). Just wondering if
I could get some general feedback on what this can mean for me.

Thanks!
Tim

Hi Tim,

It has more of an impact in Forward Lookup Zones. Perhaps most
importantly because in general, computer don't look for the "correct"
IP, if they get an answer from DNS for a name they take it as gospel. If
it doesn't work the computer gives up. It can get quite messy if the
situation applies to servers as well, connecting successfully becomes
pot-luck.

Reverse Lookup tends to be less of an issue, not as many things use it.
Still, it's useful to be able to get to a name from an IP. Especially if
whoever uses the IP is doing something wrong

NetBIOS name resolution is the most likely thing to cause network issues
if naming is not available, it will result in a lot of broadcasts for
"Who Has ... ". That doesn't necessarily mean congestion, but it's not
really a good thing (depending on the size of the environment in question).

Still, you've configured Aging which is nice because it's all very low
maintenance if it's correctly set

Chris

Also, in my attempts to see that DHCP owns the DNS records, I came across
this setting in DHCP:
In Properties of the server, on DNS tab, under the option "Enable DNS
dynamic updates according to the settings below"....
I DID have "Dynamically update .... ONLY IF REQUESTED".
I changed that to "Always Dynamically update...".

None of the documentation I followed said to set it to "always"... it just
said to set this so that DHCP does the dynamic updates.

Thanks
Tim

"Microsoft" <> wrote in message
news:%...
> I've noticed over the years that my Forward and Reverse Loopup zones carry
> a lot of old info. Many situations where the same IP shows up next to
> many hosts, and vice versa.
> My question is, can anyone explain the negative effects this would have?
> I'm assuming it could result in more network congestion and slower
> performance as packets go looking for the CORRECT host? Is that it, or
> does it go deeper.
>
> As the jack of all trades here, I've always shrugged my shoulders and
> spent my time elsewhere since it didn't seem to be hurting anything. I
> decided to look into it yesterday though. I've implemented scavenging,
> and set DHCP to own update and own the DNS records (hopefully correctly).
> Just wondering if I could get some general feedback on what this can mean
> for me.
>
> Thanks!
> Tim
>

"Tim" <> wrote in message
news:...
> Also, in my attempts to see that DHCP owns the DNS records, I came across
> this setting in DHCP:
> In Properties of the server, on DNS tab, under the option "Enable DNS
> dynamic updates according to the settings below"....
> I DID have "Dynamically update .... ONLY IF REQUESTED".
> I changed that to "Always Dynamically update...".
>
> None of the documentation I followed said to set it to "always"... it just
> said to set this so that DHCP does the dynamic updates.
>
> Thanks
> Tim


Did you set credentials in DHCP properties, or did you add the DHCP server
to the DnsUpdateProxy group?

Chris gave you pretty much everything about the plusses and minuses. Read my
following blog on DHCP and Scavenging. There's also a quoted section from
Chris regarding short lease times. Chris, I hope you approve. If not, I will
remove it.

DHCP, Dynamic DNS Updates , Scavenging, static entries & timestamps, and the
DnsProxyUpdate Group
http://msmvps.com/blogs/acefekay/arc...ate-group.aspx

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum to benefit from collaboration
among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.

> Chris, I hope you approve. If not, I will remove it.

I have no problem with it

Chris

"Chris Dent" <> wrote in message
news:...
> > Chris, I hope you approve. If not, I will remove it.
>
> I have no problem with it
>
> Chris


Thanks!

> Did you set credentials in DHCP properties, or did you add the DHCP server
> to the DnsUpdateProxy group?

I added credentials to DHCP properties. Sounded from everything I read that
this was more secure and provided the same results.

However, the setting I was questioning to is in the DNS tab of the servers
DHCP properties. I was wondering if there was a right and wrong
answer to whether I used "Always..." or not.

So far it hasn't cleaned up anything... but I just set it yesterday. I
tried running "Scavange stale resource records", but it didn't clean
anything. I'm assuming that this is only because the "This zone can be
scavanged after" date is not until 8/27 (since I set yesterday with default
setting of 7 days). If you see a flaw in my understand, could you let me
know?

Thanks very much for the replies!

"Ace Fekay [MCT]" <> wrote in message
news:...
> "Tim" <> wrote in message
> news:...
>> Also, in my attempts to see that DHCP owns the DNS records, I came across
>> this setting in DHCP:
>> In Properties of the server, on DNS tab, under the option "Enable DNS
>> dynamic updates according to the settings below"....
>> I DID have "Dynamically update .... ONLY IF REQUESTED".
>> I changed that to "Always Dynamically update...".
>>
>> None of the documentation I followed said to set it to "always"... it
>> just said to set this so that DHCP does the dynamic updates.
>>
>> Thanks
>> Tim
>
>
> Did you set credentials in DHCP properties, or did you add the DHCP server
> to the DnsUpdateProxy group?
>
> Chris gave you pretty much everything about the plusses and minuses. Read
> my following blog on DHCP and Scavenging. There's also a quoted section
> from Chris regarding short lease times. Chris, I hope you approve. If not,
> I will remove it.
>
> DHCP, Dynamic DNS Updates , Scavenging, static entries & timestamps, and
> the DnsProxyUpdate Group
> http://msmvps.com/blogs/acefekay/arc...ate-group.aspx
>
> --
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Please reply back to the newsgroup or forum to benefit from collaboration
> among responding engineers, and to help others benefit from your
> resolution.
>
> Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
> Microsoft Certified Trainer
>
> For urgent issues, please contact Microsoft PSS directly. Please check
> http://support.microsoft.com for regional support phone numbers.
>

> However, the setting I was questioning to is in the DNS tab of the servers
> DHCP properties. I was wondering if there was a right and wrong
> answer to whether I used "Always..." or not.

"always" is normally used when clients aren't able to request updates or
update themselves. Everything from Windows 2000 up can, so it tends not
be necessary (not that it'll really cause you any problems).

In fact, DHCP doesn't have to update for clients at all if you don't
want it to, anything from Windows 2000 up can register directly without
assistance.

> So far it hasn't cleaned up anything... but I just set it yesterday. I
> tried running "Scavange stale resource records", but it didn't clean
> anything. I'm assuming that this is only because the "This zone can be
> scavanged after" date is not until 8/27 (since I set yesterday with default
> setting of 7 days). If you see a flaw in my understand, could you let me
> know?

You're correct, nothing will be removed until then no matter how much
you tell it to run

Chris

"Tim" <> wrote in message
news:%...
>> Did you set credentials in DHCP properties, or did you add the DHCP
>> server
>> to the DnsUpdateProxy group?
>
> I added credentials to DHCP properties. Sounded from everything I read
> that
> this was more secure and provided the same results.
>
> However, the setting I was questioning to is in the DNS tab of the servers
> DHCP properties. I was wondering if there was a right and wrong
> answer to whether I used "Always..." or not.
>
> So far it hasn't cleaned up anything... but I just set it yesterday. I
> tried running "Scavange stale resource records", but it didn't clean
> anything. I'm assuming that this is only because the "This zone can be
> scavanged after" date is not until 8/27 (since I set yesterday with
> default
> setting of 7 days). If you see a flaw in my understand, could you let me
> know?
>
> Thanks very much for the replies!

As Chris said, the scavenging period is a patience thing. Wait.... Or if you
know which ones to delete, you can give it a head start and delete them.

As for that setting in DNS tab, I like to force DHCP to do it, this way it
owns ALL the records and can update them as the DHCP clients are refreshed,
just in case they get a new IP.

Ace