Is there a way to declare static hosts more smartest?

Vladimir Skubriev skubriev at cvisionlab.com
Tue May 24 14:40:12 UTC 2016 

Thank you for detailed answer.

I fully agree with you about the security

I understand about what is stored in it.

But I still do not like the DDNS ))



2016-05-24 17:28 GMT+03:00 Simon Hobson <dhcp1 at thehobsons.co.uk>:

>
> On 24 May 2016, at 14:42, Vladimir Skubriev <skubriev at cvisionlab.com>
> wrote:
>
> > I can't find info what information is stored in txt records. It would be
> cool if someone suggested ))
>
> It's a hash of various bits of information - including the client and
> server identity. It's purpose is to make DDNS "safe".
>
> Consider this situation. You have a server which we'll just call "server"
> for simplicity. A client comes along, and it's user (whether through
> ignorance or malice) names his client "server". Without some protection,
> the DHCP server would just update the A and PTR records so that the new
> client took over the identity of "server" - with "very inconvenient"
> results for your network.
>
> To avoid this, the DHCP server generates a hash of several bits of
> information - which includes the identity of the DHCP server. This hash is
> put in a TXT record for any host it does DDNS for - allowing the server to
> later confirm that any records it's about to overwrite or delete were
> actually created by that DHCP server when it was doing updates for a
> client. If there isn't a matching TXT record, then it won't touch any
> existing records.
>
> You'll need to look in the DHCP server code to see exactly what
> information goes in the TXT record, and how the hash is generated.
>
>
> Had to go looking, but I knew the exact update process had been discussed
> before
> https://lists.isc.org/pipermail/dhcp-users/2006-September/001736.html
> Just didn't realise it was quite so long ago.
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>



-- 
Faithfully yours,

CVision Lab System Administrator
Vladimir Skubriev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20160524/2e0e2f08/attachment-0001.html>

More information about the dhcp-users mailing list