Dynamic Updates : filter hostnames

Gregory Hicks ghicks at cadence.com
Wed Oct 12 17:40:55 UTC 2005 

> From: kriskaido at gmail.com
> Date: 12 Oct 2005 06:31:07 -0700
> 
> Hi,
> 
> I implemented a BIND server for my company and all PCs are DHCP enabled
> with dynamic IP addresses and dynamic DNS updates in BIND. In brief,
> each workstation receives its dynamic IP address via DHCP, and updates
> its name into BIND.
> 
> This is OK, but the problem is that I'd like to filter which hostnames
> are being introduced in my zone files.
> 
> For example, the workstation name "workstation003.internal.example.com"
> is OK, it updates its A record in the  "internal.example.com.hosts"
> file, and its IP address 192.168.1.1 in "192.168.rev.hosts" file.
> 
> But when a computer boots on the network with the following name and
> the same IP address as above : "blablafoohostname.zozo.google.xxx", the
> update in the zozo.google.xxx obviously fails, but it updates the
> 192.168.rev.hosts file with 192.168.1.1 and in that file we have
> something like this :

Kris:

This actually sounds like a process problem and not a Bind problem.
You need a PROCESS to uniquely name your machines.

While it is perfectly legal to have two names map to the same IP
address or to have multiple IP addresses map to the same name, in
practice, unless the machine (note SINGULAR "machine") using the same
IP address *actually is* one machine, then the multiple machines are
going to cause problems for each other.

At least one OS that I am familiar with refuses to bring the network
interface up if it detects another interface with that same name/IP
address already on the network.  This OS checks periodically to see if
that "other" machine is still around.  If so, it still does not come
up.

If there are two machines using the same IP address, and the OS is up
and running, AND we try to get network traffic to one of these
conflicting machines, we actually have non-deterministic networking...
This is neither necessary nor desired because, we open a connection
with one machine while the other machine actively sets up the
connection also.  I send traffic.  The faster machine replies.  I send
an answer and now the OTHER machine *may* reply...

Not good.

Fix the process naming please.

My $0.02 worth.  YMMV.  (Standard disclaimers about merchantability,
usability and such apply.)

Regards,
Gregory Hicks
[...]

-------------------------------------------------------------------
Gregory Hicks                        | Principal Systems Engineer
Cadence Design Systems 
555 River Oaks Pkwy M/S 6B1
San Jose, CA 95134

I am perfectly capable of learning from my mistakes.  I will surely
learn a great deal today.

"A democracy is a sheep and two wolves deciding on what to have for
lunch.  Freedom is a well armed sheep contesting the results of the
decision." - Benjamin Franklin

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton

More information about the bind-users mailing list