I hope this post finds you in good health and spirits. In this post we will discuss aging and scavenging. Although there is a lot of information about it on the internet, I thought I would compile my knowledge so it can work as a reference in time of need, as a misconfiguration of scavenging can empty our DNS server, and that would be a DISASTER.
What is aging/scavenging?
DNS has a dynamic update option, i.e. clients can register themselves with the DNS server. So what happens once some of these clients are out of the environment? Their records stay behind in the zone as stale records, and there are a couple of problems associated with stale records. Some of them are as follows:
- Unnecessary space utilization and long zone transfers.
- Wrong resolution of client queries due to stale data.
- The accumulation of stale records at the DNS server can degrade its performance and responsiveness.
So, to solve the problem of stale records, here comes the feature of aging and scavenging. These features provide a mechanism for performing cleanup and removal of stale records, which can accumulate in zone data over time.
How does it work?
When a record is added dynamically and aging/scavenging is enabled, the record is time stamped based on the current date and time set on the server computer. For records that you add manually, a time stamp value of zero is used, indicating that they are not affected by the aging process and can remain in zone data without limitation unless you change their time stamp or delete them. Once a record is added, it can’t refresh itself for a certain period of time called the No-refresh interval. The purpose of the No-refresh interval is simply to reduce replication traffic. However, if an attribute of the client changes, such as the IP of a host record, it is considered an “update” and is exempt from the No-refresh interval. In this case the time stamp is reset and the No-refresh interval starts again. After the No-refresh interval expires, the client has to refresh its time stamp within the time defined by the Refresh interval. If the client fails to refresh its time stamp within this period, the record becomes eligible for scavenging and will be deleted by the scavenging process.
By default, both the Refresh and No-refresh intervals are 7 days.
Where to set it?
We can set scavenging in 3 places:
- On individual record
- On zone
- On server
Once the scavenging option is set on a zone, it will work for all dynamic records. But if you want it to work for manual entries, you have to enable it on the individual record. Even if you set scavenging on an individual record, the actual scavenging will only work once you set up scavenging on the zone. As seen in the figure above, once scavenging is enabled for a zone, the "The zone can be scavenged after" setting is populated. It will be set to the current time of day rounded down to the nearest hour plus the Refresh interval. This gets reset any time the zone is loaded or any time dynamic updates get enabled on the zone. You can enable scavenging for all the zones on a DNS server by right-clicking the server and setting this option.
Once scavenging is set on the zone, you have to enable it on one or more DNS servers. The server where this option is configured is the server responsible for scavenging the records.
The scavenging period is how often the scavenging process will be run by the server. When a server performs scavenging, it will log DNS event 2501 to indicate how many records were scavenged. Event 2502 will be logged if no records were scavenged.
Best practice is to enable scavenging on one DNS server rather than all of them, as troubleshooting is easier when the logs are in one place. Otherwise you need to hop around to different servers in the event of any issues.
So before I close, here is the formula for scavenging once again:
Record time stamp + No-refresh interval for zone + Refresh interval for zone
- If the value of this sum is greater than current server time, no action is taken and the record continues to be in the zone.
- If the value of this sum is less than current server time, the record is deleted.
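The formula above can be run as a dry check before scavenging is switched on, to see which records would be deleted. The following is an added example, not part of the original post: `Get-ScavengeVerdict` is a hypothetical helper, and the host names, time stamps and the fixed "now" are constructed sample data so the script runs without a DNS server.

```powershell
# Hypothetical helper: applies "time stamp + No-refresh + Refresh" to each record.
function Get-ScavengeVerdict {
    param(
        [Parameter(Mandatory)] [object[]] $Record,
        [Parameter(Mandatory)] [timespan] $NoRefreshInterval,
        [Parameter(Mandatory)] [timespan] $RefreshInterval,
        [datetime] $Now = (Get-Date)
    )
    foreach ($r in $Record) {
        $refreshFrom = $null
        $staleAfter  = $null
        if ($null -eq $r.Timestamp) {
            # Time stamp of zero (manually added record): aging does not apply.
            $state = 'Static'
        } else {
            $refreshFrom = $r.Timestamp + $NoRefreshInterval
            $staleAfter  = $refreshFrom + $RefreshInterval
            if ($Now -gt $staleAfter) {
                $state = 'Stale'            # sum is less than current time
            } elseif ($Now -ge $refreshFrom) {
                $state = 'RefreshWindow'    # client may refresh its time stamp
            } else {
                $state = 'NoRefresh'        # refreshes are not accepted yet
            }
        }
        [pscustomobject]@{
            HostName   = $r.HostName
            Timestamp  = $r.Timestamp
            StaleAfter = $staleAfter
            State      = $state
        }
    }
}

# Constructed sample records and a fixed "current server time".
$now = [datetime]'2024-03-20 12:00'
$sample = @(
    [pscustomobject]@{ HostName = 'pc-old';     Timestamp = [datetime]'2024-03-01 09:00' }
    [pscustomobject]@{ HostName = 'pc-mid';     Timestamp = [datetime]'2024-03-10 09:00' }
    [pscustomobject]@{ HostName = 'pc-new';     Timestamp = [datetime]'2024-03-18 09:00' }
    [pscustomobject]@{ HostName = 'srv-static'; Timestamp = $null }
)

# Default intervals from the post: 7 days each.
Get-ScavengeVerdict -Record $sample -Now $now `
    -NoRefreshInterval (New-TimeSpan -Days 7) `
    -RefreshInterval   (New-TimeSpan -Days 7) |
    Format-Table -AutoSize
```

On a Windows DNS server with the DnsServer module, the same function can be fed from `Get-DnsServerResourceRecord -ZoneName <zone>` with the intervals taken from `Get-DnsServerZoneAging -Name <zone>`; this assumes those objects expose `HostName` and `Timestamp` as used here.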
So, thanks friends for being with me this time. See you with some other technical stuff in my next post. Till then bye and take great care of yourself.