The Real (and Virtual) Adventures of Nathan the IT Guy

Dec 8 2009   2:09AM GMT

DNS Scavenging

Nathan Simon

I was rummaging around one of my client's servers when I noticed multiple host records pointing to the same IP address. This can get confusing if left long enough, so Microsoft has DNS Scavenging to help clean up that mess. With Scavenging enabled, when a record reaches a certain age, it gets purged from DNS. If a good DNS entry gets purged, say because someone went on vacation for a couple of weeks, then the next time he logs into the domain the DNS entry for that person will be re-registered. Below are a few tips about DNS Scavenging.

  • Verify that DNS Scavenging is enabled in the server Advanced properties. See KB article 932464 (Server 2003) or this link (Server 2008)
  • Verify that the zone in question has scavenging/Aging enabled.
  • Verify that the record(s) have a timestamp. In the DNS MMC, select View\Advanced, then right-click the record and select Properties.
  • The record's timestamp must be older than the combined No-refresh + Refresh intervals for the record to be subject to scavenging. Be aware that automatic scavenging of the zone will not occur until the DNS Server service has been running for a period of time equal to the Refresh Interval set on the zone.
  • To initiate a scavenge manually, in the DNS MMC, right-click on the DNS server and select “Scavenge stale resource records”.
  • If no one updates a record within the No-refresh + Refresh intervals, the record will be marked as stale and removed from the DNS MMC, but it will still exist under the MicrosoftDNS container. The “dNSTombstone” attribute changes to “True” when the record becomes stale.
  • If a large number of records do not have a timestamp and need one set (to be subject to scavenging), the dnscmd utility can be used to accomplish this. Note: using this utility to force the aging of all records in a zone will cause records for hosts that are not dynamically updated to eventually be scavenged from the zone. USE THIS WITH CAUTION: the /ageallrecords option will affect all records within DNS, even manually added records.
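
Before enabling scavenging or running /ageallrecords, it helps to see which records the No-refresh + Refresh rule would actually catch. The PowerShell below is an added example, not part of the original post: `Get-RecordAgingState` is a hypothetical helper, and the host names, addresses, dates and 7-day intervals are constructed sample values.

```powershell
# Added example: classify host (A) records against the No-refresh + Refresh rule
# and flag IP addresses that more than one record points to.
# Get-RecordAgingState is a hypothetical helper name, not a built-in cmdlet.
function Get-RecordAgingState {
    param(
        [Parameter(Mandatory)] [object[]] $Records,  # needs HostName, IPv4Address, Timestamp
        [Parameter(Mandatory)] [timespan] $NoRefreshInterval,
        [Parameter(Mandatory)] [timespan] $RefreshInterval,
        [datetime] $Now = (Get-Date)
    )
    # IPs shared by several host records (the symptom described in the post)
    $shared = @{}
    $Records | Group-Object IPv4Address | Where-Object Count -gt 1 |
        ForEach-Object { $shared[$_.Name] = $true }

    $staleAfter = $NoRefreshInterval + $RefreshInterval
    foreach ($r in $Records) {
        if ($null -eq $r.Timestamp) {
            $state = 'Static'        # no timestamp: never subject to scavenging
        } else {
            $age = $Now - $r.Timestamp
            if     ($age -lt $NoRefreshInterval) { $state = 'NoRefresh' }  # refreshes ignored
            elseif ($age -le $staleAfter)        { $state = 'Refresh' }    # may still be refreshed
            else                                 { $state = 'Stale' }      # eligible for scavenging
        }
        [pscustomobject]@{
            HostName  = $r.HostName
            IPv4      = $r.IPv4Address
            Timestamp = $r.Timestamp
            State     = $state
            SharedIP  = $shared.ContainsKey([string]$r.IPv4Address)
        }
    }
}

# Constructed sample records (not from a real zone), evaluated at a fixed time
$now = [datetime]'2009-12-08'
$sample = @(
    [pscustomobject]@{ HostName = 'pc-old';  IPv4Address = '10.0.0.21'; Timestamp = [datetime]'2009-11-01' }
    [pscustomobject]@{ HostName = 'pc-new';  IPv4Address = '10.0.0.21'; Timestamp = [datetime]'2009-12-07' }
    [pscustomobject]@{ HostName = 'laptop';  IPv4Address = '10.0.0.30'; Timestamp = [datetime]'2009-11-28' }
    [pscustomobject]@{ HostName = 'printer'; IPv4Address = '10.0.0.40'; Timestamp = $null }
)
Get-RecordAgingState -Records $sample -NoRefreshInterval '7.00:00:00' `
    -RefreshInterval '7.00:00:00' -Now $now | Format-Table -AutoSize
```

On a server that has the DnsServer PowerShell module (an assumption; it postdates the Server 2003/2008 tools this post describes), the input objects can be built from `Get-DnsServerResourceRecord` output and the intervals read from `Get-DnsServerZoneAging`. Records reported as `Static` are the ones /ageallrecords would newly expose to scavenging.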

