

Force replication of a specific DNS entry?

Question

Wednesday, November 2, 2016 11:52 PM

We have a CNAME we've set up in our enterprise which needs to be instantly updated across the board if we have to do a failover.  If I set the TTL for this entry to 15 seconds on a DC, the workstations that access it will get the updated setting after that 15 seconds.  However it still takes this record a few minutes to replicate to other DCs and their associated workstations.

My question is, is there a way to force replication across all DCs just for this one record?  I'm aware of repadmin /syncall, which I assume should work, but I was wondering if we could do something just for this one entry, rather than the entire DNS forest.

Ron Bass Systems Engineer, Confie Seguros

All replies (5)

Thursday, November 10, 2016 9:29 AM ✅Answered | 1 vote

Hi Ron Bass,

1. DNS reloads the zone from the AD database: every 180 seconds;

2. Intrasite replication between DCs: 0-15 seconds (it can occur immediately, or have a 15-second delay);

3. Intersite replication between sites: every 180 minutes (we can modify it, but it can't be lower than 15 min);

So, let's check an example (under ideal conditions): if a new record appears on DC1, and DC2 is in the same site, then DC2 will get this update within 15 seconds; the quickest time is 0 sec. However, DC2's DNS (DNS Server service) needs 180 seconds to reload the DNS zone from the AD database. After reloading the DNS zone, DNS can get the new record, so the quickest time for DC2 to get the new record is 3 minutes.

For intersite, if you modify the replication time to 15 minutes (lowest), then the quickest time for DC3 in another site to get the new record is 15 min. DNS on DC3 needs 180 seconds to reload the zone, so the quickest time for the DC3 DNS Server service to get the new record will be 15 min + 3 min; the default time is 180 min + 3 min.

Best Regards,

Anne

Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
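
One way to measure the delays described in the answer above after changing the CNAME is to query every DC's DNS service directly and record when each one starts returning the new target. This is an added example, not code from the thread; the record name and target are placeholders, and it assumes the ActiveDirectory RSAT module is installed and that every DC also runs the DNS Server service.

```powershell
# Added example (not from the thread). Record name and target are placeholders.
param(
    [string]$RecordName     = 'app.corp.example',
    [string]$ExpectedTarget = 'standby.corp.example',
    [int]$TimeoutSeconds    = 1200,   # 15 min intersite + 3 min DNS reload, plus margin
    [int]$PollSeconds       = 10
)

Import-Module ActiveDirectory   # RSAT module; provides Get-ADDomainController

$want    = $ExpectedTarget.TrimEnd('.')
$pending = @(Get-ADDomainController -Filter *)   # assumption: every DC hosts the zone
$start   = Get-Date
$report  = @()

while ($pending.Count -gt 0 -and ((Get-Date) - $start).TotalSeconds -lt $TimeoutSeconds) {
    $stillPending = @()
    foreach ($dc in $pending) {
        # Ask this DC's DNS service directly instead of the client's configured resolver
        $cname = Resolve-DnsName -Name $RecordName -Type CNAME -Server $dc.HostName `
                     -DnsOnly -NoHostsFile -ErrorAction SilentlyContinue |
                 Where-Object { $_.Type -eq 'CNAME' } |
                 Select-Object -First 1

        if ($cname -and $cname.NameHost.TrimEnd('.') -eq $want) {
            # This DC has replicated the change and its DNS service has reloaded it
            $report += [pscustomobject]@{
                DC = $dc.HostName; Site = $dc.Site
                SecondsToConverge = [int]((Get-Date) - $start).TotalSeconds
            }
        } else {
            $stillPending += $dc
        }
    }
    $pending = $stillPending
    if ($pending.Count -gt 0) { Start-Sleep -Seconds $PollSeconds }
}

# DCs still serving the old target when the timeout expired get an empty time
foreach ($dc in $pending) {
    $report += [pscustomobject]@{ DC = $dc.HostName; Site = $dc.Site; SecondsToConverge = $null }
}
$report | Sort-Object Site, DC | Format-Table -AutoSize
```

Start it immediately after editing the record; grouping the output by site shows the intrasite and intersite delays separately.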


Thursday, November 3, 2016 5:31 AM

Hi Ron Bass,

1. The TTL is used to identify the time that the record can be cached by other DNS servers;

2. DNS zone replication and transfer use incremental transmission; all new records will be updated to other DNS zones. There's no command or option to update a specific DNS entry.

3. If you want to force replication immediately, you may use the repadmin command:

https://technet.microsoft.com/en-us/library/cc742152(v=ws.11).aspx

https://technet.microsoft.com/en-us/library/cc816926%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

Best Regards,

Anne



Thursday, November 3, 2016 4:16 PM

Thanks.  I have one follow-up question then.  DCs have a fifteen minute replication interval.  Is this the same for DNS?  Is there a way to change DNS replication intervals?

Ron Bass Systems Engineer, Confie Seguros


Monday, November 7, 2016 7:03 AM

Hi Ron Bass,

The following blog discusses the topic in detail:

Mailbag: How Often Does the DNS Server Service Check AD for New or Modified Data?

https://blogs.technet.microsoft.com/askpfeplat/2013/03/22/mailbag-how-often-does-the-dns-server-service-check-ad-for-new-or-modified-data/

(If the above replies could be of help, you may mark them as answers; if not, feel free to give feedback.)

Best Regards,

Anne



Monday, November 7, 2016 7:10 PM

Hi Anne,

Thanks for this.  This article certainly is informative but is also a bit confusing.  For one, there's a typo I think.  The chart says intersite replication is 180 minutes?  I imagine it should say seconds, not minutes. Second, the article states "So if all DNS servers are in the same site and AD replication is working fine, the short answer to this question is 180 seconds or 3 minutes since that’s how often DNS server service polls Active Directory for changes in Active Directory integrated zones."

So, I'm still unclear about how often intersite replication takes place.  That's our major question.  Does intersite replication happen every 180 seconds, and can it be edited per this article?  Or does it follow AD replication of every 15 minutes?

Our enterprise spreads out over many sites and it's crucial we have a DNS structure that updates quickly throughout.

Ron Bass Systems Engineer, Confie Seguros