Well if its not the firewall its DNS, right! In reality no, but how many times in your career have you said it as a joke or in frustration?
Something came up recently that got me thinking about this and another goodie… “in my day”. Well that might not be applicable to you but as an aging professional in the ICT industry I am guilty of this one too from time to time.
This leads me onto the purpose of this blog.
This is actually about DNS and DHCP, getting their config wrong can create issues around your networks that will drive you insane! As far as I can tell these basics are just not taught to aspiring ICT professionals these days unless you’re in the networking game.
Without going into too much detail about each (there are literally countless articles, feel free to contact me if need to) here is what they do for the purpose this blog entry.
DHCP – Assigns IP addresses to clients that are configured to ask for one (all you need to know for this article)
Reservations vs static assignments - look that up here if you want to
Other functions like DHCP options – look that up here if you want to
DNS – returns the IP address of a hostname your client wants to talk to
Again, DNS does other things eg, svr, cname and txt records – Look that up here if you want to
Now onto the point of all this, your DHCP lease settings influence what DNS entries you have available in the zone, and DNS settings effect your client’s ability to find the correct address for the hostname it wants. If these are not set to work well with each other, you are not going to have a nice day!
I encountered this at a client site recently and it was endpoint manager (SCCM if your old like me) that was having issues. If you really want to understand how and why these settings relate then either read the Microsoft doc here or this awesome article by Josh Jones. (even better read both!)
Here is the gold nugget as I see it.
DHCP Lease time: 8 days – (For this example but set you’re to what your segment needs)
DNS no-refresh: 4 days (half of the lease time)
DNS refresh: 4 days (half of the lease time)
DNS scavenging interval: 1 day. (in this example it could be 1 - 3 days)
DNS auto scavenging: on (only set this on one DNS server in the zone)
Watch out for are clients that have static addresses and have registered themselves in DNS but don't update their records as scavenging will remove them eventually. You can add "A" records that are excluded from scavenging to get around this.
I hope this improves some’s day!
Comments