BIND 8.2 based DNS and AD

Kevin Darcy kcd at daimlerchrysler.com
Mon Nov 11 20:43:43 UTC 2002


Richard Davies wrote:

> During extensive lab testing, we seem to have found something of an
> issue with both Nortel NetID 4.2.x and Lucent QIP 5.2 in an AD
> environment.
> Out of the box AD (as we'd like very much to leave it) relies on
> individual DCs and GCs being able to dynamically register SRV records.
> Both of these products support the relevant RFC, all good so far.
> However, both products appear to 'clean up' (remove) dynamically
> registered SRV records intermittently. This, if it occurs during an
> attempt by AD to run a replication cycle, causes all manner of merry
> hell to break loose. The SRVs are normally de-registered and
> re-registered by individual DCs every 60 minutes by default, which
> often leaves us with between 1 and 59 minutes with potentially no SRV
> records existing for our DNS zones.......not good. Lucent have a
> workaround which effectively hard codes the SRVs by running a CLI
> using 'append mode', and we presume Nortel have a similar 'fix'.
> Wanting to implement the most suitable product for a primarily AD
> based infrastructure, I would like to know whether anyone else has
> encountered this issue and if it is (as it seems) a feature of BIND??

BIND doesn't have any "scavenging" feature -- it wouldn't delete records
unless it was specifically told to do so through Dynamic Update, or
unless it reloaded the zone from some sort of backend store, e.g. a
zonefile or backend DB, from which the records had been deleted.

So, I would say either a) QIP/NetID must be deleting those records
itself, or b) some component of the Win2K/AD suite (e.g. GC, DC,
DHCP server) is doing the deletes. In any case, I doubt very much that
it's a BIND problem...


- Kevin
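
Added example, not part of the original message or of BIND: since the reply says records only disappear through Dynamic Update or a zone reload, one way to find out who is doing the deletes is to read the name server's update log and pair each whole-RRset SRV delete with the next re-registration. It assumes BIND 9-style "update" category log lines (BIND 8.2 logs updates differently); the zone, names and addresses are constructed sample data.

```python
import re
from datetime import datetime

# Constructed sample in the style of BIND 9's "update" logging category.
# corp.example and the 192.0.2.x clients are hypothetical.
SAMPLE_LOG = """\
11-Nov-2002 09:00:02.114 client 192.0.2.10#1045: updating zone 'corp.example/IN': deleting rrset at '_ldap._tcp.corp.example' SRV
11-Nov-2002 09:00:02.230 client 192.0.2.10#1045: updating zone 'corp.example/IN': adding an RR at '_ldap._tcp.corp.example' SRV
11-Nov-2002 09:20:41.007 client 192.0.2.53#2201: updating zone 'corp.example/IN': deleting rrset at '_ldap._tcp.corp.example' SRV
11-Nov-2002 10:00:03.512 client 192.0.2.10#1046: updating zone 'corp.example/IN': adding an RR at '_ldap._tcp.corp.example' SRV
11-Nov-2002 10:05:00.000 client 192.0.2.53#2207: updating zone 'corp.example/IN': deleting rrset at '_kerberos._tcp.corp.example' SRV
"""

# Only whole-RRset deletes are tracked: a single-RR delete can leave other
# servers' SRV records at the same name, so it does not prove an outage.
LINE = re.compile(
    r"^(?P<ts>\S+ \S+) client (?:@\S+ )?(?P<ip>[^#\s]+)#\d+[^:]*: "
    r"updating zone '[^']+': (?P<op>deleting rrset|adding an RR) "
    r"at '(?P<name>[^']+)' SRV\b"
)

def srv_outages(log_text, min_gap_s=60):
    """Return (name, deleting_client, start, end_or_None) per SRV gap."""
    pending = {}  # name -> (client that deleted the RRset, time of delete)
    gaps = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S.%f")
        name = m["name"].lower()
        if m["op"] == "deleting rrset":
            pending.setdefault(name, (m["ip"], ts))
        elif name in pending:
            ip, start = pending.pop(name)
            # A delete followed at once by an add is a normal refresh.
            if (ts - start).total_seconds() >= min_gap_s:
                gaps.append((name, ip, start, ts))
    # Deletes never followed by a re-registration are still-open outages.
    gaps += [(n, ip, start, None) for n, (ip, start) in pending.items()]
    return gaps

if __name__ == "__main__":
    for name, ip, start, end in srv_outages(SAMPLE_LOG):
        print(f"{name}: deleted by {ip} at {start}, restored {end or 'never'}")
```

If the deleting client turns out to be the IPAM product's own server rather than a DC, that points at case a) in the reply above.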