Enable Aging and Scavenging for DNS

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

In each domain, enable aging and scavenging on two Windows Server 2003–based domain controllers that run the DNS Server service. This allows automatic cleanup and removal of stale resource records (RRs), which can accumulate in zone data over time.

With dynamic update, RRs are automatically added to zones when computers start on the network. However, in some cases, they are not automatically removed when computers leave the network. For example, if a computer registers its own host (A) RR at startup and is later improperly disconnected from the network, its host (A) RR might not be deleted. If your network has mobile users and computers, this situation can occur frequently.

If left unmanaged, the presence of stale RRs in zone data might cause problems including:

  • If a large number of stale RRs remain in server zones, they can eventually take up server disk space and cause unnecessarily long zone transfers.

  • DNS servers loading zones with stale RRs might use outdated information to answer client queries, potentially causing the clients to experience name resolution problems on the network.

  • The accumulation of stale RRs at the DNS server can degrade its performance and responsiveness.

Caution

  • By default, the aging and scavenging mechanism for the DNS Server service is disabled. Enable aging and scavenging only after you understand all parameters. Otherwise, the server could be accidentally configured to delete resource records that should not be deleted. If a resource record is accidentally deleted, not only will users fail to resolve queries for that resource record, but any user can create the resource record and take ownership of it, even on zones configured for secure dynamic update.

  • For more information about how to configure aging and scavenging, see "Understanding aging and scavenging" in Help and Support Center for Windows Server 2003.

To enable the aging and scavenging features, perform the following steps to configure the applicable server and its Active Directory–integrated zones:

  • Enable aging and scavenging at the server. These settings determine the effect of zone-level properties for any Active Directory–integrated zones loaded at the server.

  • Enable aging and scavenging for selected zones at the DNS server. When zone-specific properties are set for a selected zone, these settings apply only to the applicable zone and its resource records. Unless these zone-level properties are otherwise configured, they inherit their default settings from comparable settings maintained in the DNS server aging/scavenging properties.

To set aging and scavenging properties for the DNS server

  1. Log on to the computer that is running the DNS Server service with an account that is a member of the local Administrators group.

  2. In the DNS console tree, right-click the applicable DNS server, and then click Set Aging/Scavenging for all zones.

  3. Select the Scavenge stale resource records check box.

  4. Modify other aging and scavenging properties as needed.

To set aging and scavenging properties for a zone

  1. Log on to the computer that is running the DNS Server service with an account that is a member of the local Administrators group.

  2. In the DNS console tree, right-click the applicable zone, then click Properties.

  3. On the General tab, click Aging, and then select the Scavenge stale resource records check box.

  4. Modify other aging and scavenging properties as needed.
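Before selecting the Scavenge stale resource records check box, it helps to preview which records a scavenging pass would delete, because of the ownership risk described in the Caution above. The following is an added example, not Microsoft's code. It assumes the Windows DNS convention that a record timestamp is a count of whole hours since 1601-01-01 UTC with 0 meaning a static record, assumes no-refresh and refresh intervals of 168 hours each, and uses constructed record names and ages.

```python
from datetime import datetime, timezone

EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)

def to_dns_hours(when):
    """Convert an aware datetime to a DNS record timestamp (hours since 1601-01-01 UTC)."""
    return int((when - EPOCH_1601).total_seconds() // 3600)

def classify(timestamp, now, no_refresh_h=168, refresh_h=168):
    """Return 'static', 'no-refresh', 'refresh' or 'stale' for one record timestamp."""
    if timestamp == 0:
        return "static"        # static records are never aged or scavenged
    age = now - timestamp
    if age < no_refresh_h:
        return "no-refresh"    # refreshes are not yet accepted; record is safe
    if age <= no_refresh_h + refresh_h:
        return "refresh"       # client may still refresh; record is safe
    return "stale"             # both intervals elapsed; scavenging deletes it

def scavenge_preview(records, now, protected=(), **intervals):
    """Return (name, is_protected) for every record a scavenging pass would delete.

    Protected names (hypothetical list of records that must not disappear)
    sort first so they are reviewed before scavenging is enabled.
    """
    doomed = [(name, name.lower() in protected)
              for name, ts in records
              if classify(ts, now, **intervals) == "stale"]
    return sorted(doomed, key=lambda r: (not r[1], r[0]))

# Constructed sample data: (record name, timestamp in hours since 1601).
NOW = to_dns_hours(datetime(2007, 6, 1, 12, tzinfo=timezone.utc))
RECORDS = [
    ("dc01.corp.example", 0),                 # static entry
    ("fileserver.corp.example", NOW - 400),   # dynamic, last refreshed 400 h ago
    ("laptop-17.corp.example", NOW - 900),    # left the network long ago
    ("desk-04.corp.example", NOW - 30),       # registered recently
    ("desk-09.corp.example", NOW - 200),      # inside the refresh interval
]
PROTECTED = {"dc01.corp.example", "fileserver.corp.example"}

if __name__ == "__main__":
    for name, is_protected in scavenge_preview(RECORDS, NOW, PROTECTED):
        flag = "REVIEW: protected name would be deleted" if is_protected else "stale"
        print(f"{name:28} {flag}")
```

A protected name in the output is a record that is registered dynamically and no longer refreshed; convert it to a static record or fix its registration before enabling scavenging.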