DNS

From wiki.adammorgan.org

DNS

  • Forward Lookup Zone: FQDN to IP
  • Reverse Lookup Zone: IP to FQDN
  • Example: "Answers.Com" is a forward lookup zone; it contains Address (A) records, among others, such as: WIKI.Answers.Com A 67.196.156.63
  • SRV records: Kerberos, LDAP

Windows Server's DNS

  • Domains highlighted in grey are delegations. A delegation specifies the name server (and its IP address) of another DNS server that hosts that subzone.

_msdcs

  • What is the _msdcs subdomain?
  • contains info for Microsoft-specific services.
  • When a client queries DNS for a domain controller and does not know which site it belongs to, it requests the _ldap SRV record under the _tcp.dc._msdcs.domain.tld zone (i.e. _ldap._tcp.dc._msdcs.domain.tld).

DNS Scavenging

Basics

  • The default DHCP lease period is 8 days. If you change it, change the DNS scavenging intervals accordingly. Otherwise clients' DNS records could outlive their IP lease, and multiple clients could end up with DNS records for the same IP.

Mechanics

  • When you first set scavenging on a zone the timestamp seen at the bottom (reload zone if you don't see it) will be set to the current time of day rounded down to the nearest hour plus the Refresh interval. This also gets reset any time the zone is loaded or any time dynamic updates get enabled on the zone.
  • The "zone can be scavenged after" timestamp is the first of your safety valves. It gives clients time to get their record timestamp updated before the big axe swings. Since new record timestamps are not replicated while zone scavenging is disabled this also gives replication time to get things in order.
  • Both the Refresh and No-refresh intervals must elapse before a record can be deleted.
  • No-refresh interval - The No-refresh interval is a period of time during which a resource record cannot be refreshed. The purpose of a No-refresh interval is simply to reduce replication traffic. A change to a record means a change that must be replicated. A refresh is a dynamic update where we are not changing the host/IP of a resource record, just touching the timestamp. If a client changes the IP of a host record this is considered an "update" and is exempt from the No-refresh interval.
  • After (Record Timestamp) + (No-refresh interval) elapses we enter the Refresh interval. The Refresh interval is the time when refreshes to the timestamp are allowed. This is the time when good things must happen: the client is allowed to come in and update its timestamp. That timestamp is replicated around and the No-refresh interval begins again. If for some reason the client fails to update its record during the Refresh interval, the record becomes eligible to be scavenged. Will it disappear immediately? Probably not, but it is certainly possible.
  • When setting Refresh and No-refresh intervals, be sure to allow enough time for clients to make several registration attempts during a Refresh interval. Failure to do so could allow a record to become eligible for scavenging simply because of one failed refresh attempt.