Aging & Scavenging of W2K DNS Records

Richard Phillips richphillips at lucent.com
Tue Nov 6 23:09:04 UTC 2001


Barry,
	Would you say, that as long as the Server is properly secured, with only
allowing DDNS updates to come from the DHCP servers, and not DDNS updates
allowed from any client, then BIND has no issue as far as junk records!??
This Utopia is always the recommended scenario, but there are many
"POLITICAL" aspects to all of our environments, that may force us to open
things up a bit, most of which finally refer to a W2K implementation or two.
Even if we did delegate the _zones, there are just some companies that just
follow MS right into the PIT!  This becomes a religious battle for me, so I
must stop here.  I push & push for companies to use BIND, but with the clout
that MS brings to the table, it's sometimes hard to convince anyone of
anything else!!!


Anyway.......
I agree with what you have said regarding the DHCP server, but I've seen
situations in which the DHCP server did do its job, and unfortunately the
record didn't get cycled out.   This can once again be caused by the issues
that I've mentioned below.  I've seen it work with 3rd party IP Management
products, but I've not seen it work properly with ISC's DHCP V.2 or MS's
DHCP server.  I've seen the server not clear the hostname until that address
is handed out to someone else.

Rich

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On Behalf Of Barry Margolin
Sent: Tuesday, November 06, 2001 3:43 PM
To: comp-protocols-dns-bind at moderators.isc.org
Subject: Re: Aging & Scavenging of W2K DNS Records


In article <9s9om6$ru5 at pub3.rc.vix.com>,
Richard Phillips  <richphillips at lucent.com> wrote:
>
>I realize that this was not a specific BIND question, but it does raise a
>question that is!
>
>Is there any option within BIND 8/9 that can be configured that would age
>out records not updated, or used?  I know this could open up a huge CAN of
>worms/issues!, but unless I can come up with a "VALID" reason for us to
>switch, then I'll have my hands deep into a W2K DNS implementation.

BIND never updates data automatically.  It's the job of the DHCP server to
send updates to BIND.

Also, it seems wrong for the nameserver to age out records by itself.  In
many environments it's quite unusual to look up workstation names, since
they act primarily as clients.  So a machine could be quite active on the
network but inactive as far as the nameserver can tell.

--
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the
group.

