I honestly believe that one of the greatest barriers to proficiency for IT administrators is terminology. There is such a variety of terms, acronyms, and usages, that IT is really like its own language. The good news for those of you that speak it, you are now fluent in at least two languages. For those of you working your way in, remember to roll your ‘R’ – and good luck with the lingo.
While we are still working on getting a common understanding between us, there will be some challenges which arise from terminology alone – regardless of the technology. Two administrators collaborating to engineer a solution or resolve an issue are impeded or delayed as they each have different understanding of terms. Knowledge base articles intending to provide guidance on setup and configuration of technologies cause frustration as terms and usage are unclear. Sometimes the administrator just needs to learn the industry standard terminology. Sometimes it is a little more confusing because the same term has different meanings depending on the context. And then there’s the condition where vendors themselves are guilty of perpetuating confusion.
It’s into this final category that aging / scavenging falls for Microsoft DNS. Microsoft seems to perpetually misuse the terms ‘aging’ and ‘scavenging’ in KB articles, design documents, and even in the GUI. This creates the frustration of confused administrators. There is a fair amount to discuss with the technology of aging / scavenging but this very short article is going to be focused only on clearing up the terms. A future post will address the technology and configuration of aging and scavenging.
Aging
Very simply, aging is the process of tracking the update time of a record against the time to staleness. Essentially, aging is used to determine when or if a record should expire. If aging is enabled on a zone, creation of new DNS record will include a timestamp with the record. Each subsequent allowed update will update the timestamp, preventing the record from expiring. Aging is made up of two separate intervals, the No-Refresh Interval (7 days by default) and the Refresh Interval (7 days by default). If an existing record is not updated within the sum of these two intervals (14 days by default), then the record is considered to be aged (or stale). This is represented in the following image:
NOTE: Interestingly, this image is from the patent that Microsoft submitted for aging / scavenging! Look for a future post on the history of aging and scavenging for more details about its interesting evolution.
This is aging. That’s it, and it in no way will this configuration alone scavenge your zone.
Scavenging
Scavenging is the process of cleaning up aged (or stale) records. Scavenging will only be performed on records that have timestamps even if a record has not been updated in longer than the full aging interval. If aging is the process of determining when a record is expired, scavenging is the process of removing the expired object. If scavenging is enabled on a server but aging is not enabled on the zone, no records will be removed. Scavenging is also performed on a specified interval (7 days by default). At this interval, the low-priority, highly-intensive process of scavenging begins removing records which have been aged. This means that under normal circumstances, a record which is stale may not be removed for up to 7 days after it has become stale.
And that’s it. Aging and scavenging are truly simple technologies to understand – as long as we don’t intentionally create confusion. Married together, they are separate functions which have limited or no value by themselves but become invaluable when joined appropriately. Configuration considerations can be a little more complex but before we can get there, we have to understand the terminology. It’s especially true when we have to decipher what vendors and consultants intend when they say, “aging,” or “scavenging”.
Let’s look at just a few examples of where the misuse of terminology creates confusion.
GUI
While the checkbox in the GUI states ‘Scavenge stale resource records’, scavenging is not what happens when we select that checkbox. We are only configuring aging.
Documentation
There are also plenty of articles that misrepresent aging as scavenging. This includes usage descriptions for the dnscmd /ageallrecords command where several articles state, “You must have scavenging enabled before running the command”. Also this is, I think, one of the most confusing statements about aging / scavenging, “Before the aging and scavenging features of DNS can be used … scavenging and aging must be enabled both at the DNS server and on the zone.” This particularly drives me crazy for two reasons. One, before I took the time to understand, I know that I personally repeated this to many, many customers. And two, as a Microsoft engineer, I heard this repeated by my peers incessantly, particularly during AD Risk Assessments (ADRAP). We’re going to address this in a future post.
So, this is my open plea to everyone, particularly Microsoft, to use the appropriate terminology when describing aging and scavenging configuration. On behalf of administrators everywhere, we thank you in advance!
