unapporved update
Michael Voight
mvoight at cisco.com
Wed Sep 8 17:46:03 UTC 1999
But if it is NOT specifying a zone for the CNAME check, then it is
WRONG.
Michael
Barry Finkel wrote:
>
> Jim Reid wrote:
> > Barry> If there is interest I can post my summary of the WIN 2000
> > Barry> Workstation dynamic update requests.
> >
> >Yes please! It would be a great help to the list if people shared
> >their experiences with W2K and what it does to the DNS. Those who are
> >at the bleeding edge of this technology can help to make it less
> >painful for the rest of us.
>
> I am not an expert in Dynamic DNS (RFC 2136), nor am I an expert in
> the DNS RFCs (1034/1035), so I may have misinterpreted the DNS
> update records sent by the Windows 2000 Workstation computer.
> The machine LIZZARD.ctd.anl.gov is at address 146.137.160.161; it
> sent numerous dynamic DNS update requests, each in three update
> packets:
>
> 1) If (LIZZARD is a CNAME) then return(YXRRSET [7]).
> If (LIZZARD does not point to 146.137.160.161) then return(NXRRSET [8]).
> If ((LIZZARD is not a CNAME) and (LIZZARD points to 146.137.160.161))
> then RETURN(NOERROR). [No update zone is specified.]
>
> 2) If (LIZZARD is a CNAME) then return(YXRRSET [7]).
> If (LIZZARD fwd pointer exists) then return(YXRRSET [7]).
> If ((LIZZARD is not a CNAME) and (LIZZARD fwd pointer does not exist))
> then add a forward pointer.
>
> 3) Delete any existing reverse pointer for 146.137.160.161, and
> add a reverse pointer for LIZZARD.
>
> Note that the first packet has no update zone. I assume that this is
> only for checking return codes. But my DNS returns NOTAUTH for
> each attempt, and if the MS code were checking return codes, it
> would not have sent packets 2) and 3). If a Windows 2000 Workstation
> is online and has a correct IP name and address, then packets 2) and 3)
> are OK. If the machine happens to be on the network with an incorrect
> name and/or IP address, then packet 2) will fail if the name is already
> registered. But packet 3) will ALWAYS change the reverse pointer.
> This scares me. On a Windows 2000 Workstation, you can disable the
> auto-register via these steps:
>
> Start
> Settings
> Network and Dialup
> Local Area
> Properties
> Adapter
> Protocols
> TCP/IP
> Advanced
> DNS
> The "Register this name" box should NOT be checked.
> If you have to uncheck the box, then you must reboot to have the
> change take effect.
>
> As I stated in a previous posting, Windows 2000 Server is a different
> animal; it uses RFC 2052 extensively.
>
> If anyone wants to see the raw sniffer records and check to see that
> I have decoded them properly, let me know; I can send you the raw
> records. I would like some volunteer who knows the RFCs to check my
> work, as these are the first DNS sniffer records I have decoded.
> ----------------------------------------------------------------------
> Barry S. Finkel
> Electronics and Computing Technologies Division
> Argonne National Laboratory Phone: +1 (630) 252-7277
> 9700 South Cass Avenue Facsimile:+1 (630) 252-9689
> Building 221, Room B236 Internet: BSFinkel at anl.gov
> Argonne, IL 60439-4844 IBMMAIL: I1004994
More information about the bind-users
mailing list