Scavenging settings

Hi,

We are trying to understand why our ntds.dit is growing compare to last year.

When we ran ADRAP tool it shows the DNS nodes (30010)

Tombstoned DNS nodes (200001) toal (230011)

this might be because of low scavening / aging value set


(tombstoned data is growing because of stale DNS records)


what will be best scavenging time set to have other than default settings

Server properties is set to Default 7 days

no-refresh interval set to 2 days

refresh set to 2 days

DHCP lease is 8 hrs.

can anyone please suggest me what will be the best settings for our
environment (as DHCP lease is 8 hrs keeping in mind)

Thanks in advance

A high rate of change in DNS will lead to a large number of tombstoned
DNS entries.

It would seem reasonable to reconsider the DHCP Lease duration, 8 hours
is, after all, extremely short.

Essentially you have:

* The amount of Tombstoned Data is increasing because of Stale DNS records
* The number of Stale DNS Records is high because of the (potential)
rate of change of records in both Forward and Reverse Lookup
* The rate of change must be somewhat proportional to changing leases in
DHCP

The DNS Record lifecycle is this:

1. Record Created (as dnsNode)
2. When Timestamp is no longer updated and Aging Intervals pass Record
becomes Stale
3. Stale Record is removed from the active DNS system and dnsTombstoned
is set to TRUE
4. Tombstoned record exists for value of DsTombstoneInterval (7 days by
default)
5. DnsNode object is moved to Deleted Objects for value of
tombstoneLifetime (120 days by default for domains built with 2003 SP1;
60 days prior to that)

Therefore, you either reduce the rate of change by increasing the lease
duration, or put up with inaccuracy in DNS (by limiting Aging /
Scavenging), or put up with increasing directory size.

The directory size should level out eventually, when you reach the point
where the number of tombstoned records being flushed is equal to the
number being created.

Chris

Amarnath wrote:
> Hi,
>
> We are trying to understand why our ntds.dit is growing compare to last year.
>
> When we ran ADRAP tool it shows the DNS nodes (30010)
>
> Tombstoned DNS nodes (200001) toal (230011)
>
> this might be because of low scavening / aging value set
>
>
> (tombstoned data is growing because of stale DNS records)
>
>
> what will be best scavenging time set to have other than default settings
>
> Server properties is set to Default 7 days
>
> no-refresh interval set to 2 days
>
> refresh set to 2 days
>
> DHCP lease is 8 hrs.
>
> can anyone please suggest me what will be the best settings for our
> environment (as DHCP lease is 8 hrs keeping in mind)
>
> Thanks in advance
>
>

"Chris Dent" <> wrote in message news:...
>
> A high rate of change in DNS will lead to a large number of tombstoned
> DNS entries.
>
> It would seem reasonable to reconsider the DHCP Lease duration, 8 hours
> is, after all, extremely short.
>
> Essentially you have:
>
> * The amount of Tombstoned Data is increasing because of Stale DNS records
> * The number of Stale DNS Records is high because of the (potential)
> rate of change of records in both Forward and Reverse Lookup
> * The rate of change must be somewhat proportional to changing leases in
> DHCP
>
> The DNS Record lifecycle is this:
>
> 1. Record Created (as dnsNode)
> 2. When Timestamp is no longer updated and Aging Intervals pass Record
> becomes Stale
> 3. Stale Record is removed from the active DNS system and dnsTombstoned
> is set to TRUE
> 4. Tombstoned record exists for value of DsTombstoneInterval (7 days by
> default)
> 5. DnsNode object is moved to Deleted Objects for value of
> tombstoneLifetime (120 days by default for domains built with 2003 SP1;
> 60 days prior to that)
>
> Therefore, you either reduce the rate of change by increasing the lease
> duration, or put up with inaccuracy in DNS (by limiting Aging /
> Scavenging), or put up with increasing directory size.
>
> The directory size should level out eventually, when you reach the point
> where the number of tombstoned records being flushed is equal to the
> number being created.
>
> Chris

Nice explanation. :-)

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

Please reply back to the newsgroup or forum to benefit from collaboration among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer

http://twitter.com/acefekay

For urgent issues, you may want to contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.

"Ace Fekay [MCT]" <> wrote in message news:...

I would like to add, if WINS is involved with such a short lease, depending on how many WINS are in the infrastructure and the partnership design (star or mesh), WINS may have some difficulty with keeping up with the constant updates, wihch will be evident with WINS Event log errors.

I've seen this once at a customer site years ago. It's always stuck to the back of my mind to keep this in mind when such as short lease is desired. I found a default lease works fine, as long as scavenging is enabled (default as well), including if the DHCP server is on a DC, adding the DHCP server to the DnsUpdateProxy group, or to alleviate the security issues with such as move, to rather supplying credentials for DHCP, so it owns all records it registers into DNS, in order so it can update the records as they change. Otherwise, expect issues to occur.

Ace

Hi,

Thanks for your all inputs.

"Ace Fekay [MCT]" wrote:

> "Ace Fekay [MCT]" <> wrote in message news:...
>
> I would like to add, if WINS is involved with such a short lease, depending on how many WINS are in the infrastructure and the partnership design (star or mesh), WINS may have some difficulty with keeping up with the constant updates, wihch will be evident with WINS Event log errors.
>
> I've seen this once at a customer site years ago. It's always stuck to the back of my mind to keep this in mind when such as short lease is desired. I found a default lease works fine, as long as scavenging is enabled (default as well), including if the DHCP server is on a DC, adding the DHCP server to the DnsUpdateProxy group, or to alleviate the security issues with such as move, to rather supplying credentials for DHCP, so it owns all records it registers into DNS, in order so it can update the records as they change. Otherwise, expect issues to occur.
>
> Ace
>

Thank you very much for your inputs.

"Chris Dent" wrote:

>
> A high rate of change in DNS will lead to a large number of tombstoned
> DNS entries.
>
> It would seem reasonable to reconsider the DHCP Lease duration, 8 hours
> is, after all, extremely short.
>
> Essentially you have:
>
> * The amount of Tombstoned Data is increasing because of Stale DNS records
> * The number of Stale DNS Records is high because of the (potential)
> rate of change of records in both Forward and Reverse Lookup
> * The rate of change must be somewhat proportional to changing leases in
> DHCP
>
> The DNS Record lifecycle is this:
>
> 1. Record Created (as dnsNode)
> 2. When Timestamp is no longer updated and Aging Intervals pass Record
> becomes Stale
> 3. Stale Record is removed from the active DNS system and dnsTombstoned
> is set to TRUE
> 4. Tombstoned record exists for value of DsTombstoneInterval (7 days by
> default)
> 5. DnsNode object is moved to Deleted Objects for value of
> tombstoneLifetime (120 days by default for domains built with 2003 SP1;
> 60 days prior to that)
>
> Therefore, you either reduce the rate of change by increasing the lease
> duration, or put up with inaccuracy in DNS (by limiting Aging /
> Scavenging), or put up with increasing directory size.
>
> The directory size should level out eventually, when you reach the point
> where the number of tombstoned records being flushed is equal to the
> number being created.
>
> Chris
>
> Amarnath wrote:
> > Hi,
> >
> > We are trying to understand why our ntds.dit is growing compare to last year.
> >
> > When we ran ADRAP tool it shows the DNS nodes (30010)
> >
> > Tombstoned DNS nodes (200001) toal (230011)
> >
> > this might be because of low scavening / aging value set
> >
> >
> > (tombstoned data is growing because of stale DNS records)
> >
> >
> > what will be best scavenging time set to have other than default settings
> >
> > Server properties is set to Default 7 days
> >
> > no-refresh interval set to 2 days
> >
> > refresh set to 2 days
> >
> > DHCP lease is 8 hrs.
> >
> > can anyone please suggest me what will be the best settings for our
> > environment (as DHCP lease is 8 hrs keeping in mind)
> >
> > Thanks in advance
> >
> >
>

"Amarnath" <> wrote in message
news:4C386A5B-9849-4239-8A92-...
> Hi,
>
> Thanks for your all inputs.


You are welcome.

Ace