Good point, Ben. That slipped by me. That cache is not replicated. So,
this isn't a matter of AD db housekeeping. Now it's a less significant
matter of - do you bother cleaning out cache on your DNS servers, period?
All our DCs are DNS servers, but of the 60+, just two of them are employed
to service external name lookups. Those two have a pretty monstrous cache,
with lots of empty zones. Is it worth even thinking about clearing that cache
a time or two per year? Or just let it build up knowing it has no
detrimental effect on anything?
--------------------------------------------------
From: "Ben Scott" <[email protected]>
Sent: Friday, May 21, 2010 11:06 AM
To: "NT System Admin Issues" <[email protected]>
Subject: Re: DNS Cache - Do you ever clean it up?
On Fri, May 21, 2010 at 11:56 AM, mb <[email protected]> wrote:
> Just curious what others here do. Recently had a minor issue that had me
> looking in our DNS cache for an answer. When I expanded the .com zone, it
> hit the default max of 10,000 domains to display. I looked through it a
> bit, and a lot of those zone folders were empty, as TTLs had expired and
> records were long gone.
> Our DNS is AD integrated.
Microsoft's DNS server doesn't keep cached non-authoritative records
in Active Directory, does it?
-- Ben
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~