unapporved update

Barry Finkel b19141 at achilles.ctd.anl.gov
Wed Sep 8 16:40:18 UTC 1999


Jim Reid wrote:
>    Barry> If there is interest I can post my summary of the WIN 2000
>    Barry> Workstation dynamic update requests.
>
>Yes please! It would be a great help to the list if people shared
>their experiences with W2K and what it does to the DNS. Those who are
>at the bleeding edge of this technology can help to make it less
>painful for the rest of us.

I am not an expert in Dynamic DNS (RFC 2136), nor am I an expert in
the DNS RFCs (1034/1035), so I may have misinterpreted the DNS
update records sent by the Windows 2000 Workstation computer.
The machine LIZZARD.ctd.anl.gov is at address 146.137.160.161; it
sent numerous dynamic DNS update requests, each in three update
packets:

  1) If (LIZZARD is a CNAME) then return(YXRRSET [7]).
     If (LIZZARD does not point to 146.137.160.161) then return(NXRRSET [8]).
     If ((LIZZARD is not a CNAME) and (LIZZARD points to 146.137.160.161))
           then RETURN(NOERROR).  [No update zone is specified.]

  2) If (LIZZARD is a CNAME) then return(YXRRSET [7]).
     If (LIZZARD fwd pointer exists) then return(YXRRSET [7]).
     If ((LIZZARD is not a CNAME) and (LIZZARD fwd pointer does not exist))
           then add a forward pointer.

  3) Delete any existing reverse pointer for 146.137.160.161, and
     add a reverse pointer for LIZZARD.

Note that the first packet has no update zone.  I assume that this is
only for checking return codes.  But my DNS returns NOTAUTH for
each attempt, and if the MS code were checking return codes, it
would not have sent packets 2) and 3).  If a Windows 2000 Workstation
is online and has a correct IP name and address, then packets 2) and 3)
are OK.  If the machine happens to be on the network with an incorrect
name and/or IP address, then packet 2) will fail if the name is already
registered.  But packet 3) will ALWAYS change the reverse pointer.
This scares me.  On a Windows 2000 Workstation, you can disable the
auto-register via these steps:

    Start
         Settings
               Network and Dialup
                     Local Area
                           Properties
                                Adapter
                                     Protocols
                                          TCP/IP
                                               Advanced
                                                    DNS
    The "Register this name" box should NOT be checked.
    If you have to uncheck the box, then you must reboot to have the
    change take effect.

As I stated in a previous posting, Windows 2000 Server is a different
animal; it uses RFC 2052 extensively.

If anyone wants to see the raw sniffer records and check to see that
I have decoded them properly, let me know; I can send you the raw
records.  I would like some volunteer who knows the RFCs to check my 
work, as these are the first DNS sniffer records I have decoded.
----------------------------------------------------------------------
Barry S. Finkel
Electronics and Computing Technologies Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-9689
Building 221, Room B236              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4844             IBMMAIL:  I1004994



More information about the bind-users mailing list