How to Configure DNS Aging and Scavenging (Cleanup Stale DNS Records)

In this tutorial, I’ll show you step-by-step instructions for setting up DNS aging and scavenging on Windows DNS servers.

What is DNS Aging and Scavenging? 

It is a Windows DNS Server feature that will automate the cleanup of stale dynamically registered DNS records.

  • DNS scavenging will only remove records based on their timestamp.
  • DNS scavenging will not remove statically configured records. These are records manually created or changed from DDNS to static.
  • DNS scavenging is not enabled by default.

Do I Really Need to Enable DNS Scavenging?

It depends. In small environments with little or no change, it’s probably not a big deal. In medium to large environments I’d recommend turning this feature on: DNS can become a big mess and cause name resolution problems if stale DNS records are not cleaned up.

How to Configure DNS Aging and Scavenging on Server 2016

In this tutorial I’m using a Windows Server 2016 machine; these steps will work on other server versions (2008 – 2019).

Step 1: Check Server DNS Records (Very Important First Step)

If you don’t follow this step first, you could end up deleting server DNS records, and that would be very BAD. As a precaution you may also want to back up your DNS server and/or records.

Scavenging works on timestamps, so any DNS record with a timestamp will get processed and possibly deleted. So I recommend you check your server DNS records and make sure they are static.

To check your records, open the DNS console and look at the Timestamp column; your servers should be set to static.

In my DNS console, the DHCP1 server record has a timestamp and is not static. I will need to fix this.

The fix is simple: open the record, then uncheck the box “Delete this record when it becomes stale”.

Now when I refresh my DNS console the timestamp shows static for this record.

Check all your server records and change them to static before moving onto the next step.

Step 2: Set Scavenging on the DNS Zone

1. Open the DNS Console

2. Right-click the zone you want to enable scavenging on and click Properties

3. Click the Aging button

4. Now click the box “Scavenge stale resource records”

You can adjust the intervals as needed. Keep these intervals equal to or less than your DHCP lease period. If your DHCP lease is set to 8 days then 7 days for scavenging works great.

That completes setting up aging for the zone. Now it needs to be turned on at the server.

Step 3: Set Scavenging/Aging on the DNS Server

1. Open the DNS Console

2. Right-click the DNS server

3. Click the “Advanced” tab, then check “Enable automatic scavenging of stale records”

That completes the setup of DNS aging and scavenging.
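
The three steps above can also be done as a PowerShell dry run with the DnsServer module cmdlets. This is an added example, not part of the original tutorial; the zone name, the server list and the 7-day interval are assumed values to replace with your own.

```powershell
#Requires -Modules DnsServer
# Added example. The three values below are assumptions; edit them for your environment.
$Zone        = 'corp.example.com'          # placeholder zone name
$ServerNames = @('DC1', 'DHCP1', 'FILE1')  # hosts whose records must be static
$Interval    = New-TimeSpan -Days 7        # no-refresh, refresh and scavenging period

function Get-TimestampedRecord {
    # Step 1: return every A/AAAA record in the zone that carries a timestamp,
    # i.e. every record that scavenging is allowed to delete.
    param([string]$ZoneName, [string[]]$Protected, [timespan]$NoRefresh, [timespan]$Refresh)
    # A record is eligible for scavenging once it is older than both intervals combined.
    $cutoff = (Get-Date) - ($NoRefresh + $Refresh)
    Get-DnsServerResourceRecord -ZoneName $ZoneName |
        Where-Object { $_.RecordType -in 'A', 'AAAA' -and $_.Timestamp } |
        ForEach-Object {
            [pscustomobject]@{
                HostName  = $_.HostName
                Type      = $_.RecordType
                Timestamp = $_.Timestamp
                IsServer  = $_.HostName -in $Protected  # case-insensitive name match
                StaleNow  = $_.Timestamp -lt $cutoff    # approximate: would be removed today
            }
        }
}

$audit  = @(Get-TimestampedRecord -ZoneName $Zone -Protected $ServerNames `
                -NoRefresh $Interval -Refresh $Interval)
$atRisk = @($audit | Where-Object IsServer)
$audit | Sort-Object Timestamp | Format-Table -AutoSize

if ($atRisk.Count -gt 0) {
    # Stop here: these records must be changed to static before scavenging is enabled.
    Write-Warning "Server records still have a timestamp: $($atRisk.HostName -join ', ')"
}
else {
    # Step 2: enable aging on the zone. Remove -WhatIf to apply the change.
    Set-DnsServerZoneAging -Name $Zone -Aging $true `
        -NoRefreshInterval $Interval -RefreshInterval $Interval -WhatIf
    # Step 3: enable automatic scavenging on the DNS server. Remove -WhatIf to apply.
    Set-DnsServerScavenging -ScavengingState $true -ScavengingInterval $Interval -WhatIf
}
```

Run it on the DNS server itself or on a machine with the DNS Server RSAT tools installed. The `StaleNow` column shows which dynamic records would be deleted on the first scavenging pass.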
