guarantee RFC standardized hostname
Frank Sweetser
fs at WPI.EDU
Thu Aug 25 04:13:20 UTC 2011
On 8/24/2011 11:56 PM, Ted Lemon wrote:
> On Aug 24, 2011, at 7:50 PM, Frank Sweetser wrote:
>> I'm assuming that you don't have any kind of pre-existing records for these
>> hosts? We track all hosts here, and force a hostname to be defined at
>> registration time, with all of the usual validity and uniqueness checks. We
>> then feed this data into our dhcp configuration files, and all client
>> supplied ddns hostname values are summarily ignored.
>
> What's the threat model here?
Nothing particularly deep or ominous. We already have DDNS restricted to
non-critical subdomains, so there's not a huge risk of taking over existing
FQDNs, but we do require the first portion of the hostname to be unique to
prevent confusion and ambiguity when people use short hostnames. Having a
fixed registered hostname, rather than one that varies on the whims of
whatever OS partition they booted this time, also makes it much easier to
track misbehaving hosts, such as a user who left ICS on from their home
configuration back to the owner or technical contact. Other benefits have
cropped up over time, such as targeting configuration change notifications
only to affected users, or purging hosts owned by users who have left.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
Manager of Network Operations | is simple, elegant, and wrong.
Worcester Polytechnic Institute | - HL Mencken
More information about the dhcp-users
mailing list