DNS name and dynamic IP

[sinister]

"Kevin Darcy" <kcd at daimlerchrysler.com> wrote in message 
news:cmel0i$g42$1 at sf1.isc.org...
> sinister wrote:
>
>>I connect to a Solaris box via SSH over VPN from my home Windows XP Home
>>box.
>>
>>I started finding all these weird names in the wtmpx file on the Solaris
>>box.  (It's a log file with a list of users, connect times, connecting
>>IP/name, etc.)
>>
>>Called IT support and he said it was something like the following. 
>>(Pardon
>>my obvious lack of knowledge of the subject.)  One name server has been
>>setup so that on reverse lookup the names resolve statically as
>>vpn-xxx-xxx-xxx-xxx.domain.xxx.  The other name server, the one the 
>>Solaris
>>box queries, was setup to lookup the name based on technologies related to
>>DDNS, DHCP, etc.  (Here's where my lack of knowledge is showing.) 
>>Something
>>like, when someone connects, their client can carry a name that their ISP
>>passes on to the name server.  These names are supposed to be deleted when
>>the connection closes, but if it's not closed gracefully, they might not 
>>be
>>deleted for a few days.  He thought it likely that my home machine doesn't
>>have such a name assigned to it, so when I connect there's nothing to
>>overwrite the stale record there (if there is one) for that IP address.
>>Then when the Solaris box tries reverse lookup, it's given the stale name.
>>
>>(1) Can I stick a name on my Windows box (something like 
>>first.last at isp.net)
>>so the stale records are overwritten?
>>(2) What's the name of this technology?  (I tried searching on DDNS, DHCP,
>>BIND, etc, but didn't have enough knowledge to use keywords that would 
>>allow
>>a google search to answer my question.)
>>(3) Is the support guy's explanation accurate?  Or is their name server 
>>not
>>behaving according to specs?
>>
> I think I know what the guy is getting at. Many enterprise products for
> DNS and DHCP (e.g. Nortel's NetID and Lucent's QIP are two that I've
> worked with) have the ability to integrate the two subsystems, i.e.
> whenever a DHCP lease is given out, a fully-qualified DNS name is
> determined for that particular node, and the corresponding name is added
> to DNS. Conversely when a DHCP lease is expired or relinquished, the
> associated DNS name should be deleted. If the client doesn't send a
> "hostname" (DHCP option 12) or a "client FQDN" (DHCP option 81), then
> the DHCP/DNS system may simply make up a name for the client, based on
> defaults, rules and/or heuristics. So if your client is not sending
> either of those and you're getting different addresses from the dynamic
> address range on different VPN connections, your reverse DNS resolution
> may vary and you might see a bunch of "weird" names.
>
> As far as I know there aren't any standards to govern how DNS and DHCP
> are integrated, if at all.
>
> Is this really a problem though? If you ever need to audit your own VPN
> connections, then the contents of your Solaris box'es wtmpx, together
> with the audit history from the DNS/DHCP system, and perhaps also from
> your VPN system, you should have enough information to go on.

Thanks for your kind and informative response.

I don't know enough about these things to say, but I believe you when you 
say an audit could be done.  I'm just a casual end user and occasionally 
help out with the Solaris sysadmin; and the people responsible for the DNS 
don't work for us.  It'd be easiest to just make sure my (Windows XP home 
edition) PC has a hostname.   You wouldn't know how to do that would you? 
:-)

Best,

S

>
>
>                                          - Kevin
>
>
>