#1

I am currently updating our DNS structure and have been trying to see if there is a "best practice" or "recommended setting" for:

Scavenging Period
No-refresh interval
Refresh interval

Also if "update associated pointer (PTR)" should be set, and what TTL should be set to, and if it should be the same or different for A and PTR records.

Thanks Everyone!

#2

Hi

Recommended settings depend on your needs; in most cases the defaults are just fine. Note for scavenging: configure only one server to do that, and remember that for this option to work it must be enabled in the DNS server MMC snap-in.

--
I hope that the information above helps you. Have a nice day.
Jorge Silva
MCSE, MVP Directory Services

#3

"Jorge Silva" <jorgesilva_pt@hotmail.com> wrote in message news:41B7F256-6851-46A4-8B09-5EA97FAB11E4@microsoft.com...
> Hi
> Recommended settings depend on your needs; in most cases the defaults are
> just fine. Note for scavenging: configure only one server to do that, and
> remember that for this option to work it must be enabled in the DNS server MMC snap-in.

What Jorge said, and continuing:

The biggest mistake people make (besides perhaps scavenging multiple places for the same zone) is to scavenge TOO QUICKLY, so never reduce the scavenging period below the defaults unless you have researched AND TESTED it carefully.

People do more harm with scavenging (too quickly) than good.

There is an interaction with DHCP where you want the record to go STALE in MORE time than the length of a DHCP lease (in most cases).

--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com (phone on web site)

If you use LinkedIn then tell me where you know me from when linking:
http://www.linkedin.com/in/herbmartin

#4

Hi Herb,

- Where have you been...
- Good to know that you're back....

--
I hope that the information above helps you. Have a nice day.
Jorge Silva
MCSE, MVP Directory Services

#5

For a test environment, for example, I have the following set up.

DHCP lease - 28 hours (1 day 4 hours)
No Refresh - 1 day
Refresh - 1 day (so each machine should have 4 hours to refresh their DNS)
Auto Scavenging 3 days.

I think the above ratios should work.. so for example.. in production I'd plan on the following

DHCP lease - 60 hours (2.5 days)
No Refresh - 2 days
Refresh - 2 days
Auto Scavenging - 5 days.

I believe this should provide a minimal period of time where any old DNS entries should exist.

Jorge/Herb, would the above sound correct to you?

#6

"infinitiguy" <derek@iona.com> wrote in message news:77C436FE-CA88-48A1-B64C-00AD9C4BDBA2@microsoft.com...
> For a test environment for example I have the following set up.
> DHCP lease - 28 hours (1 day 4 hours)
> No Refresh - 1 day
> Refresh - 1 day (so each machine should have 4 hours to refresh their DNS)
> Auto Scavenging 3 days.
> I think the above ratios should work..

I avoid SHORT refresh intervals as they are very prone to breaking AD Integrated DNS zone replication when network problems occur.

I personally believe that the defaults should be the MINIMUM in all but the WORST cases. And then only after thorough testing and consideration.

> so for example.. in production I'd plan on the following
> DHCP lease - 60 hours (2.5 days)
> No Refresh - 2 days
> Refresh - 2 days
> Auto Scavenging - 5 days.
>
> I believe this should provide a minimal period of time where any old DNS
> entries should exist.

What is your COMPELLING reason for shortening the refresh values?

#7

Honestly, it's just trying to keep the values we currently have in production the same. We currently have a 2 day DHCP lease time (we all have laptops) and people move around a lot. We also have the building split up into many different VLANs, and I wanted to avoid having someone who visits multiple conference rooms in a given day (or week) end up retaining 3 or 4 DHCP leases, and therefore 3 or 4 DNS entries, for a long period of time.

So based off my 2 day DHCP lease, and reading all the "this is how things should be for settings" I saw that DHCP should be (and as luck would have it I can't remember where I saw..) but DHCP = no refresh + 1/4*no refresh (or something along those lines)... which is why I set my DHCP for 2.5 days so I could keep no refresh/refresh even numbers..

based on the above.. if I were to keep the defaults I'd have a DHCP lease of 8.75 days (round up to 9..) days or so (refresh = 7, no ref = 7, dhcp = 7+(1/4*7)).. which seemed too long to me..

maybe I'm really just overlooking something?

#8

"infinitiguy" <derek@iona.com> wrote in message news:53B5D968-58C7-4AF4-8E3C-01FA050BFEF7@microsoft.com...
> Honestly, it's just trying to keep the values we currently have in
> production the same. We currently have a 2 day DHCP lease time (we all
> have laptops) and people move around a lot. We also have the building
> split up into many different VLANs, and I wanted to avoid having someone
> who visits multiple conference rooms in a given day (or week) end up
> retaining 3 or 4 DHCP leases, and therefore 3 or 4 DNS entries, for a long
> period of time.

Three or four DHCP leases are one thing; DNS registration another. Leases CAN expire sooner rather than later.

If someone registers the SAME name then that will overwrite the existing record, so you won't end up with 3 or 4 DNS entries.

(There is an issue here that is well documented about dealing with "ownership" of the DNS record if you use "Secure only updates" and have more than one DHCP server -- use "Update Credentials with Win2003 DHCP" or "DNSUpdateProxyGroup" if using Win2000.)

> So based off my 2 day DHCP lease, and reading all the "this is how things
> should be for settings" I saw that DHCP should be (and as luck would have
> it I can't remember where I saw..) but DHCP = no refresh + 1/4*no
> refresh (or something along those lines)... which is why I set my DHCP for
> 2.5 days so I could keep no refresh/refresh even numbers.. based on the
> above.. if I were to keep the defaults I'd have
> a DHCP lease of 8.75 days (round up to 9..) days or so (refresh = 7, no ref
> = 7, dhcp = 7+(1/4*7)).. which seemed too long to me..

I believe such recommendations (for reducing intervals) are overly simplistic in terms of need/design/safety and overly complicated in terms of implementation.

In other words: You don't need to worry about this so much, and if you do, it isn't obvious how much trouble you can cause.

The simplest: Fooling with this stuff is seldom needed and sometimes dangerous to your AD Replication.

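The interval arithmetic discussed in posts #5 to #8, as an added example that is not part of any post: a simplified model of when an unrefreshed record goes stale and gets scavenged, run over the plans mentioned in the thread. The function names, the finding labels and the 7-day scavenging period used for the defaults row are assumptions.

```python
from datetime import timedelta as td
from math import ceil

DEFAULT_INTERVAL = td(days=7)  # default No-refresh / Refresh quoted in post #7

def lease_from_rule(no_refresh):
    """Rule of thumb quoted in post #7: lease = no-refresh + 1/4 * no-refresh."""
    return no_refresh + no_refresh / 4

def removed_at(no_refresh, refresh, period, first_pass):
    """Record age at deletion if it is never refreshed again and scavenging
    passes run at first_pass, first_pass + period, ... (ages since last refresh)."""
    stale_after = no_refresh + refresh
    passes_skipped = max(0, ceil((stale_after - first_pass) / period))
    return first_pass + passes_skipped * period

def review(lease, no_refresh, refresh, period):
    """Apply the thread's two checks to one set of planned values."""
    stale_after = no_refresh + refresh
    findings = []
    if stale_after <= lease:                         # post #3: stale must take longer than the lease
        findings.append("stale-before-lease-end")
    if min(no_refresh, refresh) < DEFAULT_INTERVAL:  # post #6: defaults as the minimum
        findings.append("below-default-intervals")
    return {"stale_after": stale_after,
            "latest_removal": stale_after + period,  # upper bound: a pass ran just before staleness
            "findings": findings}

# Constructed from the numbers posted in the thread; the 7-day scavenging
# period in the "defaults" row is an assumption, not a value from the thread.
PLANS = {
    "test":       (td(hours=28), td(days=1), td(days=1), td(days=3)),
    "production": (td(hours=60), td(days=2), td(days=2), td(days=5)),
    "defaults":   (lease_from_rule(td(days=7)), td(days=7), td(days=7), td(days=7)),
}

if __name__ == "__main__":
    for name, plan in PLANS.items():
        r = review(*plan)
        print(f"{name:10} stale after {r['stale_after']}, removed by "
              f"{r['latest_removal']}, findings: {r['findings'] or 'none'}")
```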