Question regarding DNS reverse lookup zones

Borislav Vitanov 81 Reputation points
2024-08-06T07:45:03.5766667+00:00

Hi guys,

I have the following question. We have an internal AD DNS server and an internal non-AD, non-Windows DHCP server for VPN. The DHCP provides a new IP when a computer connects to the VPN.

When I check our DNS, there are no duplicates in the forward zone, but at the same time there are a lot of duplicate records in the reverse zone.

Unfortunately, I can't know when a computer will connect to a VPN.

The current settings are:

for the created reverse record - TTL 20 Minutes

for reverse record - Delete this record when it becomes stale is active

for forward record - Update associated pointer (PTR) record and Delete this record when it becomes stale are active

SOA by reverse zone

refresh interval 15 min

retry interval 15 min

expires after 1 day

TTL - 1 hour

Only aging/scavenging is not set, because I'm not sure what the interval for removal should be in order to get rid of all these duplicates.

In general, I was expecting that the computer account would update its records and remove the obsolete ones.

Thanks


1 answer

  1. Jing Zhou 6,365 Reputation points Microsoft Vendor
    2024-08-26T01:27:39.4266667+00:00

    Hello,

    Thank you for posting in the Q&A forum.

    Here is some configuration we can try based on your scenario:

    For Refresh Interval, we can set it as 1 day to avoid frequent refresh.

    For Retry Interval, we can keep it the same as the refresh interval.

    For Expires After, we can set the maximum time a record can exist (in your case, 20 minutes).

    After the configuration you can enable the Aging/Scavenging feature.

    For further information, please check the Microsoft official documentation below:

    REF: https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/dns-scavenging-setup

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best regards,

    Jill Zhou

    If the Answer is helpful, please click "Accept Answer" and upvote it.
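
An added example, not part of the question or the answer above: a read-only PowerShell audit that lists the duplicate PTR records in a reverse zone and shows which of them a given pair of no-refresh and refresh intervals would make eligible for scavenging. The server name and zone name are assumptions, and the 7-day intervals are the Windows defaults used only as a starting point.

```powershell
# Added example, read-only: lists duplicate PTR records and never deletes anything.
param(
    [string]   $DnsServer = 'dns01.example.internal',  # assumed server name
    [string]   $ZoneName  = '10.10.in-addr.arpa',      # assumed reverse zone
    [timespan] $NoRefresh = (New-TimeSpan -Days 7),    # Windows default; try other values
    [timespan] $Refresh   = (New-TimeSpan -Days 7)     # Windows default; try other values
)
Import-Module DnsServer

# Current aging settings on the zone, for comparison with the values being tested.
Get-DnsServerZoneAging -ComputerName $DnsServer -Name $ZoneName |
    Format-List ZoneName, AgingEnabled, NoRefreshInterval, RefreshInterval

# Scavenging only considers a record once its timestamp is older than
# no-refresh + refresh. A record with no timestamp is static and is never scavenged.
$cutoff = (Get-Date) - ($NoRefresh + $Refresh)

$ptr = Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $ZoneName -RRType Ptr |
    ForEach-Object {
        $state = if (-not $_.Timestamp) { 'static, never scavenged' }
                 elseif ($_.Timestamp -lt $cutoff) { 'eligible with these intervals' }
                 else { 'still fresh' }
        [pscustomobject]@{
            Owner     = $_.HostName   # reversed address labels relative to the zone
            Target    = $_.RecordData.PtrDomainName.TrimEnd('.').ToLowerInvariant()
            Timestamp = $_.Timestamp
            State     = $state
        }
    }

# Case 1: one computer name left on several addresses (a new lease per VPN session).
$byTarget = $ptr | Group-Object Target | Where-Object { $_.Count -gt 1 }
# Case 2: one address that still carries PTR records for several computers.
$byOwner  = $ptr | Group-Object Owner  | Where-Object { $_.Count -gt 1 }

'Names with more than one PTR: {0}' -f @($byTarget).Count
$byTarget | ForEach-Object { $_.Group } | Sort-Object Target, Timestamp |
    Format-Table Target, Owner, Timestamp, State -AutoSize

'Addresses with more than one PTR: {0}' -f @($byOwner).Count
$byOwner | ForEach-Object { $_.Group } | Sort-Object Owner, Timestamp |
    Format-Table Owner, Target, Timestamp, State -AutoSize
```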
