Windows Server 2003 Manage DNS

Manage DNS: If dynamic updates are used, once DNS is configured and tested, management is fairly straightforward. There are Time-To-Live (TTL) settings for zones and records, and aging and scavenging settings for the zone and the server. Let's define these, and look at each one at the record, zone and server levels as they apply. TTL applies to a record a resolver receives in an answer and stores in its cache. It is configured on the zone's SOA record (the default for the whole zone), or in the properties of an individual record. Aging and scavenging are operations the DNS server performs on its own database to get rid of records that are no longer being kept current.

Aging and scavenging must be configured on both the server and the zone. The Time-To-Live (TTL) value is returned with the other information in a DNS answer and tells the recipient how long it may hold on to the data in the record. A DNS server and a DNS client both keep the record in cache until the TTL expires, then discard it and must query again. The value is expressed in seconds. If the TTL is too short, clients and servers generate more name resolution traffic because they keep discarding the value from cache. If it is too long, they may keep depending on outdated information, because a change at the authoritative server is not seen until the cached copy expires.

Checking the TTL is quite simple. Change the desired setting for the zone or for a specific record. Then, at a command prompt on a Windows 2000 or later client, use ipconfig to flush the DNS cache (ipconfig /flushdns). Still at the command prompt, ping a host whose record was affected by the change you just made; this forces a fresh lookup. Then display the client cache with ipconfig /displaydns and check that the Time To Live shown for that record reflects your change. The cached value counts down from the moment the answer arrived, so expect it to be at or slightly below what you configured; a value far above what you set means the answer came from a different record, a secondary server that has not transferred the change yet, or an intermediate caching resolver.

Aging and scavenging is the process DNS uses to remove outdated, or stale, records from the database. Aging determines that a record should be removed; scavenging is the process that performs the removal.
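The TTL check described above (flush the cache, force a lookup, display the cache), as an added PowerShell example rather than code from the original article. It runs on the client, not the server, and reads the Time To Live line that ipconfig /displaydns prints for the record; the host name is an assumption, so replace it with a host in the zone you changed.

```powershell
# Added example (not from the original article): automate the flush / lookup /
# displaydns check for one host. Assumes a Windows client with ipconfig.exe and
# ping.exe on the path; the default host name below is an assumption.
param(
    [string]$HostName = 'server1.example.local'   # assumed; use a host in the zone you changed
)

function Get-CachedTtl {
    param([string]$Name)
    # ipconfig /displaydns prints one block per cached entry. Find the block whose
    # "Record Name" matches and return the "Time To Live" value that follows it.
    $inRecord = $false
    foreach ($line in (ipconfig /displaydns)) {
        if ($line -match 'Record Name[ .]*:\s*(\S+)') {
            $inRecord = ($Matches[1] -ieq $Name)
            continue
        }
        if ($inRecord -and $line -match 'Time To Live[ .]*:\s*(\d+)') {
            return [int]$Matches[1]
        }
    }
    return $null   # not in the cache
}

ipconfig /flushdns | Out-Null      # discard whatever the client cached before the change
ping -n 1 $HostName | Out-Null     # the lookup happens before the echo request, so the
                                   # cache entry is created even if ICMP is blocked
$first = Get-CachedTtl -Name $HostName
if ($null -eq $first) {
    Write-Warning "$HostName is not in the client cache; check the name and that the lookup succeeded."
    return
}
Start-Sleep -Seconds 5
$second = Get-CachedTtl -Name $HostName

"Cached TTL for $HostName right after lookup: $first s; 5 s later: $second s"
# $first should be at or just under the zone (or record) TTL you configured, and
# $second about 5 s lower, showing the countdown. A much larger value means the
# answer did not come from the record you changed.
```

Run it once before the change and once after so you have both values to compare; if the "after" value does not drop, check whether the client is pointed at a secondary that has not received the zone transfer yet.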

Typically, when a computer that uses dynamic update is removed from the network properly, its A record is removed from DNS. If a computer is NOT removed properly (mobile user in a hurry, motherboard decides to take an extended vacation, etc.) the A record may never get removed. Aging and scavenging takes care of that. When a record is dynamically added to the zone, it receives a time stamp from the DNS service, based on the server's current time. If you manually add a record, it receives, by default, a time stamp of 0, which means it is never aged. You can change that when you create the record (the Delete this record when it becomes stale check box, visible when Advanced view is on). With dynamic update, a DNS client can try to either update or refresh its resource record. An update occurs when something in the record changes, such as the IP address of the host. A refresh is the client re-registering a record whose contents have not changed.

By default a client attempts this every 24 hours. When the client re-registers its record, the time stamp changes, and a changed record means zone transfer or AD replication traffic, depending upon how the zone is stored. So what if nothing has really changed? Do we really need to start more network traffic? Probably not a great idea, wouldn't you think? So did the DNS designers. Two settings that must be configured on both the server and the zone are the refresh interval and the no-refresh interval. The value for both is expressed in days. The no-refresh interval is the period during which the DNS server will NOT accept a refresh of a resource record. If I am a client whose record has a time stamp of 15 May and the no-refresh interval is set to 5 days on the server and zone, my refresh attempts are ignored until 20 May. This is no big deal if nothing in the record has changed. Do you need network traffic to tell you everything is still the same? In this case, you probably do not. If I have an update (a new IP address, for example), that is accepted even inside the no-refresh interval, and the record gets a new time stamp.

The refresh interval is the period, after the no-refresh interval ends, during which a refresh is accepted before the record is treated as stale. As before, my DNS resource record has a time stamp of 15 May, and the no-refresh and refresh intervals are both set to 5 days. DNS will ignore my refreshes until 20 May (15 May plus the 5-day no-refresh interval), then accept a refresh from 20 May through 25 May. If I am attempting this every 24 hours, I should be successful on the 20th. When my record is refreshed, it receives a new time stamp, and the cycle starts over from that date.

The sum of the two intervals determines how long a record can stay in the database without a refresh. If your machine is connected to the network, it attempts regular refreshes. If it becomes disconnected improperly, the record becomes eligible for removal once the sum of the two intervals has passed. For example, with both intervals set to 5 days (a total of 10), a record with a time stamp of 15 May can be removed on day 11: the server adds 10 days to the time stamp and compares the result, 25 May, with the current system time. If the current time is greater, the record is stale. Stale does not mean gone, though: nothing is deleted until a scavenging pass actually runs, which is governed by the server-level setting.
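The no-refresh, refresh and stale timeline from the last three paragraphs, as an added PowerShell example that is not from the original article. Given a record's time stamp, the two intervals and a moment in time, it reports whether the server would ignore a refresh, accept it, or already regard the record as stale, and then walks the article's scenario (stamped 15 May, both intervals 5 days, client retrying every 24 hours). The year and the hour of day are assumptions, and the script assumes PowerShell 3.0 or later.

```powershell
# Added example (not from the original article): model a record's aging timeline.
# Windows DNS stores aging time stamps at hour granularity, so a [datetime] is a
# close enough stand-in. The year and hour used below are assumptions.

function Get-DnsRecordAgingState {
    param(
        [datetime]$TimeStamp,      # the record's current aging time stamp
        [int]$NoRefreshDays,       # no-refresh interval (zone and server)
        [int]$RefreshDays,         # refresh interval (zone and server)
        [datetime]$Now             # when the refresh attempt or scavenging pass happens
    )
    $noRefreshEnds = $TimeStamp.AddDays($NoRefreshDays)      # time stamp + no-refresh
    $staleAfter    = $noRefreshEnds.AddDays($RefreshDays)    # time stamp + both intervals

    if ($Now -lt $noRefreshEnds) {
        $state = 'NoRefresh'       # refresh ignored; an update with changed data is still accepted
    }
    elseif ($Now -le $staleAfter) {
        $state = 'RefreshAllowed'  # refresh re-stamps the record and the cycle starts over
    }
    else {
        $state = 'Stale'           # eligible for deletion at the next scavenging run
    }

    [pscustomobject]@{
        TimeStamp       = $TimeStamp
        NoRefreshEnds   = $noRefreshEnds
        StaleAfter      = $staleAfter
        Now             = $Now
        State           = $state
        RefreshAccepted = ($state -eq 'RefreshAllowed')
    }
}

# Scenario from the text: stamped 15 May, both intervals 5 days, client retries every 24 h.
$stamp   = [datetime]'2003-05-15 09:00'     # assumed year and hour
$attempt = $stamp.AddDays(1)                # first daily refresh attempt after registration
for ($i = 0; $i -lt 12; $i++) {
    $r = Get-DnsRecordAgingState -TimeStamp $stamp -NoRefreshDays 5 -RefreshDays 5 -Now $attempt
    '{0:dd MMM HH:mm}  {1}' -f $attempt, $r.State
    if ($r.RefreshAccepted) {
        '             -> refresh accepted; new time stamp {0:dd MMM}' -f $attempt
        break
    }
    $attempt = $attempt.AddDays(1)
}

# The same record if the machine vanished on 15 May and never refreshed: at 09:00 on
# 25 May it is still inside the refresh window; an hour later it is stale.
Get-DnsRecordAgingState -TimeStamp $stamp -NoRefreshDays 5 -RefreshDays 5 -Now ([datetime]'2003-05-25 09:00') | Select-Object Now, State
Get-DnsRecordAgingState -TimeStamp $stamp -NoRefreshDays 5 -RefreshDays 5 -Now ([datetime]'2003-05-25 10:00') | Select-Object Now, State
```

The loop prints NoRefresh for 16 through 19 May and RefreshAllowed on 20 May, the first attempt at or after the time stamp plus the no-refresh interval. Change the two interval parameters to see how a shorter no-refresh interval trades replication traffic for a faster reaction to machines that disappear.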

Scavenging can be set to run automatically, or you can initiate it manually. We'll discuss that in the server settings later in this chapter. This process ensures you have current information in the database. Examine the interval settings to determine what is best for your network; they may need to be adjusted for your particular needs. If your network is fairly static, in that hosts do not frequently change IP address and you are careful about moving machines, longer intervals will work fine. The more dynamic your network, the shorter the intervals should be, so that DNS clients get up-to-date information and stale records do not linger.
Now let's look at the configuration involved in setting these processes in motion!

Manage DNS Zone Settings: The TTL setting for the zone is on the Start of Authority (SOA) tab of the zone's properties. Remember that if the zone is not Active Directory-integrated, you must change this at the server holding the primary zone. The following steps configure the TTL at the zone level. This Minimum (default) TTL is used for every record in the zone that does not have a TTL of its own. The fields in question were shown previously in Figure 5.6. Here are the steps:
1. In the DNS console tree, right-click the applicable zone, and then click Properties.
2. On the General tab, verify that the zone type is either Primary or Active Directory-integrated.
3. Click the Start of Authority (SOA) tab.
4. In the Minimum (default) TTL section, select the interval, seconds, minutes, hours or days, and then, in the text box, type a number.
5. Click OK to save the adjusted interval.

Scavenging is performed at the server level, based on the server and zone settings. To set the aging properties for a zone, follow these steps from the DNS console. Figure 5.10 shows the Zone Aging/Scavenging Properties dialog box; the server-level dialog box has the same layout.
1. In the console tree, right-click the applicable zone, and then click Properties.
2. On the General tab, click Aging.
3. In the Zone Aging/Scavenging Properties dialog box, select Scavenge stale resource records.
4. In the No-refresh interval field, select the increment, and then type a value. (For example, the increment is days and the value is 5, for a no-refresh interval of 5 days.)
5. In the Refresh interval field, select the increment, and then type a value. (For example, the increment is days and the value is 5, for a refresh interval of 5 days.)
6. In the Zone Aging/Scavenging Properties dialog box, click OK.
To verify the settings, follow these steps from the DNS console:
1. On the View menu, verify that Advanced is selected. (If Advanced is not selected, click Advanced to select it.)
2. Right-click the applicable zone and then click Properties.
3. On the General tab, click Aging.
4. In the Zone Aging/Scavenging Properties dialog box, check the Date and time value under The zone can be scavenged after; this is the earliest time at which the zone is eligible to be scavenged for stale resource records. Then click OK.
5. In the Zone Properties dialog box, click OK.
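The same zone aging settings applied and read back from the command line, as an added PowerShell example that is not from the original article. It wraps dnscmd.exe, the DNS command-line tool that ships with Windows Server 2003; dnscmd takes both intervals in hours, so the script converts from the days used in the steps above. The server and zone names are assumptions.

```powershell
# Added example (not from the original article): enable aging on a zone and set the
# two intervals with dnscmd.exe, then read the result back. Server and zone names are
# assumptions; run it with DNS administrator rights.
param(
    [string]$Server        = 'dns1.example.local',   # assumed DNS server name
    [string]$Zone          = 'example.local',        # assumed zone name
    [int]   $NoRefreshDays = 5,
    [int]   $RefreshDays   = 5
)

$noRefreshHours = $NoRefreshDays * 24   # dnscmd expects hours, the console shows days
$refreshHours   = $RefreshDays   * 24

# Equivalent of ticking "Scavenge stale resource records" and filling in both intervals.
foreach ($setting in @(
        @('/Aging',             1),
        @('/NoRefreshInterval', $noRefreshHours),
        @('/RefreshInterval',   $refreshHours))) {
    dnscmd $Server /Config $Zone $setting[0] $setting[1] | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "dnscmd /Config $Zone $($setting[0]) failed with exit code $LASTEXITCODE"
    }
}

# Read the zone back and show only the aging-related lines (values are in hours,
# the same ones the Zone Aging/Scavenging Properties dialog box displays in days).
dnscmd $Server /ZoneInfo $Zone | Where-Object { $_ -match 'aging|refresh|scaveng' }

# These are zone settings only. Nothing is deleted until scavenging is also enabled
# at the server level, so show the server's scavenging interval as well
# (0 means scavenging is switched off for the whole server).
dnscmd $Server /Info | Where-Object { $_ -match 'scaveng' }
```

Use the last line as the check before you rely on the zone settings: a zone with aging on and a server with ScavengingInterval = 0 will accumulate stale records forever, which is exactly the situation the intervals were meant to prevent.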

Deborah Timmons is a Microsoft Certified Trainer and Microsoft Certified Systems Engineer. She came into the Microsoft technical field after six years in the adaptive technology field, providing technology and training for persons with disabilities. She is the President and co-owner of Integrator Systems Inc.
