Page tree

Contents

The DNS scavenging feature allows you to remove unused DNS resource records from zone data to prevent the accumulation of unneeded records. A scavenging operation determines, based on predefined rules, which records are not needed, i.e. are reclaimable, and removes them. For information about scavenging rules, see Scavenging Rules.
Scavenging is used for records with the dynamic record source type. Dynamic records are those created automatically, for example, via a dynamic DNS update. Static records, i.e. records that you add manually, can be identified as reclaimable based on scavenging rules but are not subject to scavenging. You can see the source type for each record in the DNS Resource Records viewer in Grid Manager.
You can use the records scavenging feature at the following levels in NIOS:

  • Grid: scavenging is performed in all views and zones of the Grid.
  • DNS view: scavenging is performed in all zones of the view.
  • Authoritative zone (a Grid primary or unassigned zone): scavenging is performed in the specified zone, but not in the subzones.

You can either scavenge DNS records immediately or schedule automatic scavenging. For more information, see
Scavenging DNS Records Immediately and Scheduling Automatic Scavenging.
You can organize and monitor records identified as reclaimable by using Smart Folders. For information, see Chapter 3, Smart Folders.
Scavenging events are logged in the NIOS syslog. You can view it, as described in Viewing the Syslog and Searching in the Syslog.
The records are removed to the Recycle Bin and can be restored from there. For more information, see Restoring Reclaimed Records.


Note: Membership in the DNS Admin group is required to complete scavenging operations. For details, see Administrative Permissions for DNS Records Scavenging. Also see Forcing Creation Timestamp Initialization for Unchanged Records for information on handling the creation timestamp of records that remain unchanged at DDNS updates.



Scavenging Rules
You can configure the following match rules to identify reclaimable DNS resource records:

  • Resource Record Type: This rule allows you to specify the record type to run scavenging on. A record is reclaimable if its type matches or does not match the type specified in the rule. The record types that support scavenging include the following:
    • A
    • AAAA
    • PTR
    • CNAME
    • DNAME
    • MX
    • SRV
    • NAPTR
    • TXT
  • Creation Time: This rule allows you to identify reclaimable records based on the record's creation timestamp. You can see the "Creation Time" value for the records in the DNS Resource Records viewer.

    Note: In the case of upgrade to NIOS 7.3, the creation time is not initialized. Therefore the "Creation Time" rule does not apply to the records created before the upgrade.

  • Last Queried Time: This rule allows you to identify reclaimable records based on when they were last queried for their DNS data. You can see the last queried time for the records in the DNS Resource Records viewer.

    Note: If you use this rule, also select Enable last queried time monitoring for resource records in the Grid, view, or zone scavenging properties, as described in the next section.

  • Last Discovered Time: This rule allows you to identify reclaimable records based on the record's last discovered timestamp. This rule is applicable to A, AAAA, and PTR records.
  • Record Source: This rule allows you to specify the record source – static or dynamic – to be used as a filter when identifying reclaimable records.
  • Associated Records: This rule allows you to identify reclaimable records based on whether they have or do not have associated records. Record associations are supported for address records (A, AAAA, and PTR). Additionally, you can reclaim the associated records when reclaiming the original ones by enabling the option When reclaiming A, AAAA, or PTR records, also reclaim the corresponding, symmetric A, AAAA, and PTR records in the scavenging properties, as described in the next section.
  • Extensible Attributes: You can specify extensible attributes that reclaimable records should match in addition to the scavenging rules described above.

Configuring DNS Record Scavenging Properties
You can configure the DNS record scavenging properties at the Grid, DNS view, or DNS zone level. According to the NIOS inheritance pattern for object properties, the scavenging properties configured at a given level are inherited by the level below, unless overridden.
To configure the DNS record scavenging properties:

  1. Grid: From the Data Management tab, select the DNS tab, expand the Toolbar and click Grid DNS Properties.
    DNS view: From the Data Management tab, select the DNS tab and click the Zones tab -> dns_view check box -> Edit icon.
    DNS zone: From the Data Management tab, select the DNS tab and click the Zones tab -> click a DNS view -> zone check box -> Edit icon.
  2. If the properties editor is in basic mode, click Toggle Advanced Mode.
  3. Click DNS Scavenging.
  4. Enable last queried time monitoring for resource records: Select this if you are going to use the Last Queried Time rule. This setting enables monitoring the time when the resource record was last queried for its DNS data. For more information on DNS queries monitoring for resource records, see Monitoring DNS Queries.
  5. Enable last queried time monitoring for zones: This setting enables monitoring the time when the zone, i.e. at least a single record in it, was last queried for its DNS data. The data resulting from zone last queries time monitoring is displayed in the zones viewer (Data Management -> DNS -> Zones -> click a DNS view to open zones list).

    Note: Enabling monitoring for a zone does not enable monitoring for child zones.

  6. Select Enable record scavenging.
  7. To override the inherited properties, click Override and complete the fields.
  8. Under Match the following rule, create a rule as follows. For information about rules, see Scavenging Rules.
    • Choose Filter: Select a criterion from the drop-down list.
    • Choose Operator: Select an operator for the filter criterion.
    • In the value field, enter the value for the filter field. To add another rule:
    • Click + to add another rule at the same level.
    • Click |<- to add an all (logical AND) or any (logical OR) operator line and a parenthetical rule that is indented one level and above the first rule.
    • Click ->| to add an all (logical AND) or any (logical OR) operator line and a parenthetical rule that is indented one level.
      To logically combine the whole ruleset, select  Match all of the following rules or  Match any of the following rules .
      After you add all the match rules, you can click Reset to remove the previously configured rules and start again.
  9. Under  Match records with the following extensible attribute , add an extensible attribute to use as an additional criterion for finding necessary records.
      • Choose Filter: Select a criterion from the drop-down list.
      • Choose Operator: Select an operator for the filter criterion.
      • In the value field, enter the value for the filter field.
      To add another extensible attribute, click +.
    • To logically combine the extensible attributes set, select  Match all records with the following extensible attributes or Match any records with the following extensible attributes .
    • After you add all the extensible attributes, you can click Reset to remove the previously configured attributes and start again.

  10. Note: The extensible attributes rule is always combined with the rest of the match rules using the AND operator.

  11. When reclaiming A, AAAA or PTR records, also reclaim the corresponding, symmetric A, AAAA and PTR records: Select this if you want to reclaim records associated to the ones identified as reclaimable.
  12. To configure a schedule for automatic records scavenging, select Enable scheduled record scavenging. See Scheduling Automatic Scavenging.
  13. Click Save & Close or Save.


Scheduling Automatic Scavenging

You can schedule a scavenging operation only at the Grid level. For a scavenging operation at the view or zone level, you can use the schedule inherited from the Grid.


Note: Infoblox recommends manually testing the configured scavenging settings before enabling scheduled scavenging.


  1. In the DNS record scavenging properties described in the previous section, select the Enable scheduled record scavenging check box.
  2. To enable automatic scavenging after records are marked as reclaimable, select After marking a record as reclaimable, automatically reclaim the record.
  3. Click the Scheduling icon and complete the following in the Scavenging Scheduler dialog:
    • Select how often you want to execute the scavenging. You can select Once, Hourly, Daily, Weekly, or Monthly.
    • If you select Once, complete the following:
      • Enter the day in the date picker and select a month from the drop-down list.
      • Enter a time in the hh:mm:ss AM/PM format. You can also select a time from the drop-down list.
      • Choose the Time Zone.
    • If you select Hourly, complete the following:
      • Schedule every hour(s) at: Enter the number of hours between each scavenging instance. You can enter a value from 1 to 24.
      • Minutes past the hour: Enter the number of minutes past the hour. For example, enter 5 if you want to schedule the scavenging operation five minutes after the hour.
      • Choose the Time Zone.
    • If you select Daily, complete the following:
      • Click either Every day or Every weekday.
      • Enter a time in the hh:mm:ss AM/PM format. You can also select a time from the drop-down list.
      • Choose the Time Zone.
    • If you select Weekly, complete the following:
      • Schedule every week on: Select any day of the week.
      • Enter a time in the hh:mm:ss AM/PM format. You can also select a time from the drop-down list.
      • Choose the Time Zone.
    • If you select Monthly, complete the following:
        • Schedule the day of the month: Enter the day of the month and the monthly interval. For example, to schedule the rule update on the first day after every 2 months, you can enter Day 1 every 2 month(s).
        • Enter a time in the hh:mm:ss AM/PM format. You can also select a time from the drop-down list.
        • Choose the Time Zone.
  4. Click OK.

Scavenging DNS Records Immediately

To perform record scavenging for the Grid, a DNS view, or a zone according to the predefined rules, use the Scavenge Records command from the Toolbar. This adds a background task that starts immediately or, if another scavenging task is in progress, after its completion.
The scavenging is split into two stages that you can execute separately or together:

  • Mark records as reclaimable: This stage analyzes the records against the scavenging rules. The records matching the rules are marked as reclaimable, i.e. their "Reclaimable" flag is set to "Yes" in the DNS Resource Records viewer. These records can be reclaimed by using the second stage, unless you disable scavenging for them as described in Disabling Scavenging for Individual Records.
  • Reclaim records marked as reclaimable: This stage automatically removes the records marked as reclaimable in the result of the execution of the first option. Running only the "Reclaim records marked as reclaimable" stage without the analysis stage does not perform a new analysis on the affected records. It only removes the records marked as reclaimable during the previous analysis.

Also, you can reset the reclaimable flag of the records. As an example of when this may be useful: if records have previously been marked as reclaimable and under a revised scavenging policy some records may no longer be reclaimable.


Note: To start immediate scavenging of DNS records, you must first carefully define the scavenging properties, as described in Configuring DNS Record Scavenging Properties.


To scavenge DNS records immediately:

  1. Grid: From the Data Management tab, select the DNS tab, expand the Toolbar and click Scavenge Records -> Scavenge Grid Records.
    DNS view: From the Data Management tab, select the DNS tab, click a DNS view, expand the Toolbar, and then click Scavenge Records -> Scavenge View Records.
    DNS zone: From the Data Management tab, select the DNS tab, click a DNS view, click a zone, expand the Toolbar, and then click Scavenge Records -> Scavenge Zone Records.
  2. Select one of the following:
    • Scavenge Records: Select this to proceed to the record scavenging. Go to the next step.
    • Reset reclaimable flag: Select this to set the "Reclaimable" flag of all affected records to "No".
  3. If you chose Scavenge Records, select one of the following options or both of them:
    • Mark records are reclaimable
    • Reclaim records marked as reclaimable

    Note: Static records are never reclaimed automatically even if they are marked as reclaimable. You can only delete static records manually from the DNS Resource Records viewer.

  4. Click Start.

To check the progress of the current scavenging task, you can use the DNS Record Scavenging widget in the Dashboard. For more information, see DNS Record Scavenging. You can also view a scavenging report, as described in DNS Scavenged Object Count Trend.
The scavenging task may be subject for an approval workflow. For information on approval workflows, see Configuring Approval Workflows.


Note: Keep in mind that the Enable record scavenging property for a lower scavenging scope (e.g. view or zone) can override this property for the upper scope (i.e., Grid or view respectively). For example, if you run scavenging on the Grid with the scavenging option disabled, and there are some views or zones on which scavenging is enabled, this results in the records of the affected views and zones being scavenged. Vice versa, if scavenging is disabled for certain views or zones and you run scavenging on the Grid with the scavenging option enabled, the corresponding views and zones are excluded from scavenging.


Disabling Scavenging for Individual Records

You can disable scavenging for individual records, even if they are marked as reclaimable. In this case, the record is never reclaimed unless you enable the scavenging for it again.
To disable scavenging for a record:

  1. In the DNS Resource Records viewer, select the appropriate record.
  2. Click Edit.
  3. In the record properties dialog, click DNS Scavenging.
  4. Select the Disable scavenging for this record check box.
  5. Click Save & Close.
    Additionally, you can see the following information in the resource record scavenging properties:
  • Record creation time
  • Record last queried time
  • Whether the record is reclaimable
  1. For records synced from MS servers, the creation timestamp is not synced. This implies the following limitations:
  • When a zone is converted from MS to NIOS, the timestamp is initialized to the time when the operation occurs.
  • When a zone is converted from NIOS to MS, the timestamp is reset.

Administrative Permissions for DNS Records Scavenging

By default, only superusers can perform DNS records scavenging. Limited-access users can use the scavenging functionality if they have the corresponding DNS scavenging permissions. For more information about admin permissions, see About Administrative Permissions.
The DNS scavenging permissions are global to Grid Manager. They are used in addition to the regular DNS global and object permissions. For more information about the DNS permissions, see Administrative Permissions for DNS Resources.
The following operations require scavenging permissions:

  • Modifying scavenging properties for the Grid, a view, or a zone
  • Configuring a scavenging schedule
  • Performing a scavenging task
  • Viewing the DNS Record Scavenging dashboard widget
  • Viewing the DNS Scavenged Object Count Trend report

Restoring Reclaimed Records

A reclaimed record remains in the Recycle Bin until the bin is emptied. You can restore the deleted records from the Recycle Bin, as described in Restoring Objects from the Recycle Bin.
The Recycle Bin does not display information on whether a record was deleted during a scavenging process or manually. Therefore, you cannot restore the reclaimed data only.
When a record is restored from the Recycle Bin, its Reclaimable flag is reset to "No".


Note: Only a super user can restore records reclaimed during a recurring scavenging task.


  • No labels

This page has no comments.