Understanding Aging and Scavenging features in Windows 2000 DNS
- Prerequisites for Aging/Scavenging
- Aging/Scavenging Terminology
- When Scavenging Can Start
- Example of the Aging/Scavenging Process for a Sample Record
Learn about the aging and scavenging features of Windows 2000 DNS servers and the terminology they introduce.
Paul T. Ammann is the author of several books on computing and networking. This article is excerpted from his book IP Solutions for Windows 2000 (Prentice Hall PTR, 2001, ISBN 0-13-091170-4).
Windows 2000 DNS servers support aging and scavenging features. These features are provided as a mechanism for performing cleanup and removal of stale resource records (RRs), which can accumulate in zone data over time.
With dynamic update, RRs are automatically added to zones when computers start on the network. However, in some cases, they are not automatically removed when computers leave the network. For example, if a computer registers its own host (A) RR at startup and is later improperly disconnected from the network, its host (A) RR might not be deleted. If your network has mobile users and computers, this situation can occur frequently.
If left unmanaged, the presence of stale RRs in zone data might cause some problems. The following are examples:
- If a large number of stale RRs remain in server zones, they can eventually take up server disk space and cause unnecessarily long zone transfers.
- DNS servers loading zones with stale RRs might use outdated information to answer client queries, potentially causing the clients to experience name resolution problems on the network.
- The accumulation of stale RRs at the DNS server can degrade its performance and responsiveness.
- In some cases, the presence of a stale RR in a zone could prevent a DNS domain name from being used by another computer or host device.
To solve these problems, the DNS Server service has the following features:
- Time stamping, based on the current date and time set at the server computer, for any RRs added dynamically to primary-type zones. In addition, time stamps are recorded in standard primary zones where aging/scavenging is enabled.
  For RRs that you add manually, a time stamp value of zero is used, indicating that they are not affected by the aging process and can remain without limitation in zone data unless you otherwise change their time stamp or delete them.
- Aging of RRs in local data, based on a specified refresh time period, for any eligible zones.
  Only primary type zones that are loaded by the DNS Server service are eligible to participate in this process.
- Scavenging for any RRs that persist beyond the specified refresh period.
  When a Windows 2000 DNS server performs a scavenging operation, it can determine that RRs have aged to the point of becoming stale and remove them from zone data. Servers can be configured to perform recurring scavenging operations automatically, or you can initiate an immediate scavenging operation at the server.
Caution
By default, the aging and scavenging mechanism is disabled at Windows 2000 DNS servers. It should be enabled only when all parameters are fully understood. Otherwise, the server could be accidentally configured to delete records that should not be deleted. If a record is accidentally deleted, not only will users fail to resolve queries for that record, but any user can create the record and take ownership of it, even on zones configured for secure dynamic update.
The server uses the contents of each RR-specific time stamp, along with other aging/scavenging properties that you can adjust or configure, to determine when it scavenges records.
Prerequisites for Aging/Scavenging
Before the aging and scavenging features of Windows 2000 DNS can be used, several conditions must be met:
- Scavenging and aging must be enabled both at the DNS server and on the zone.
  By default, aging and scavenging of resource records is disabled.
- Resource records must either be dynamically added to zones or manually modified for use in aging and scavenging operations.
  Typically, only those resource records added dynamically using the DNS dynamic update protocol are subject to aging and scavenging.
  You can, however, enable scavenging for other resource records added through non-dynamic means. For records added to zones in this way, either by loading a text-based zone file from another DNS server or by manually adding them to a zone, a time stamp of zero is set. This makes these records ineligible for use in aging/scavenging operations.
- In order to change this default, you can administer these records individually, to reset and permit them to use a current (non-zero) time stamp value. This enables these records to become aged and scavenged.
Note
In the case of changing a zone from standard primary to Active Directory-integrated, you might want to enable scavenging of all existing resource records in the zone. To enable aging for all existing resource records in a zone, you can use the AgeAllRecords command, which is available through the dnscmd command-line tool.
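The time-stamp rules and the caution above, together with the effect of AgeAllRecords described in the note, as a dry run in Python; this is an added example, not code from the book or from Microsoft. The record names, dates, the 7-day refresh period and the PROTECTED list are constructed, the single refresh period is a simplification of the server's aging properties, and age_all_records only models what the note describes (it does not call dnscmd).

```python
from datetime import datetime, timedelta

NOW = datetime(2001, 6, 1, 12, 0)      # constructed "current" server time
REFRESH = timedelta(days=7)            # assumed refresh period
PROTECTED = {"dc01", "www"}            # hypothetical names that must never lapse

# Constructed records: (owner name, type, time stamp); 0 = added manually.
RECORDS = [
    ("ws-014", "A", NOW - timedelta(days=2)),      # dynamic, refreshed recently
    ("laptop-77", "A", NOW - timedelta(days=30)),  # dynamic, host left the network
    ("dc01", "A", NOW - timedelta(days=90)),       # dynamic, but no longer refreshing
    ("www", "A", 0),                               # static
    ("mail", "MX", 0),                             # static
]

def classify(records, now, refresh=REFRESH, protected=PROTECTED):
    """Dry run of one scavenging pass; nothing is deleted."""
    report = {"static": [], "fresh": [], "stale": []}
    for name, _rtype, stamp in records:
        if stamp == 0:                    # zero time stamp: exempt from aging
            report["static"].append(name)
        elif now - stamp > refresh:       # persisted beyond the refresh period
            report["stale"].append(name)
        else:
            report["fresh"].append(name)
    # Stale names that matter: once removed they are free for anyone to register.
    report["at_risk"] = sorted(set(report["stale"]) & protected)
    return report

def age_all_records(records, now):
    """Model of AgeAllRecords: every zero time stamp becomes the current time."""
    return [(n, t, now if s == 0 else s) for n, t, s in records]

if __name__ == "__main__":
    print("today:", classify(RECORDS, NOW))
    aged = age_all_records(RECORDS, NOW)
    # Static records that nobody refreshes turn stale one refresh period later.
    print("8 days after AgeAllRecords:", classify(aged, NOW + timedelta(days=8)))
```

Reviewing the at_risk list before enabling scavenging, and again before running AgeAllRecords on a zone that holds static records, shows which names would be removed and left open to re-registration.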