MacOS 9 Dynamic DNS Update

[Barry Margolin]

In article <200001141921.NAA26990 at achilles.ctd.anl.gov>,
Barry Finkel  <b19141 at achilles.ctd.anl.gov> wrote:
>The topic of MacOS 9 dynamic DNS update was raised earlier this week.
>I have decoded some dynamic DNS traffic between a MacOS 9 system and one
>of our DNS machines.  The MacOS 9 system is
>
>     146.139.224.239 [dhcp-4-239.cmt.anl.gov]
>
>There were five records in the sniffer trace.
>
>1) cmt->dns0 ICMP Echo
>2) cmt->dns0 Register -- In the cmt.anl.gov domain, for entry dhcp-4-239, 
>             add a TXT record with the following text of length 24:
>                   <ETB>swip://146.139.224.239/
>
>             Note that the first character is X'17' (End of Transmission Block).

Hmm, that's the exact length of the text without the ETB character.

>3) dns0->cmt Port 49155 unreachable
>4) cmt->dns0 Register -- In the cmt.anl.gov domain, for entry dhcp-4-239, 
>             add a TXT record with the following text of length 61:
>                   =<afp://146.139.224.239/?NAME=Conner_PPC_G3_300&ZONE=CMT%20205

Actually, the length of that text is 62.  But it's 61 if you don't include
the initial '=' character, whose ASCII code just happens to be 61.  Are you
sure your DNS decoder is correct -- it looks like it's displaying the
length byte as part of the text (although it's conceivable that MacOS is
setting the text data to a counted string for some reason).

>5) dns0->cmt Port 49158 unreachable

What's prompting these unreachables?  They should only be sent in response
to cmt sending packets to these ports on dns0 -- did you leave those out of
your trace?

>We normally do not have TXT records in our DNS zones; I am not sure
>why MacOS 9 is trying to add these TXT strings to DNS.

afp is Appleshare Filing Protocol -- it looks to me like MacOS uses Dynamic
DNS to register availability of servers.  It seems like it's trying to
emulate what happens on Appletalk networks using Apple's proprietary
protocols.  This is essentially the same direction that Microsoft is moving
in for NetBIOS, except that they're using SRV records.

>Note that the responses from dns0 back to cmt are not deliverable,
>as the destination port is unreachable.

That's not what those packets say.  They say that cmt sent something to an
unused port on dns0.  Or did you get the direction backwards?

If you got the direction wrong, it's possible that cmt doesn't bother
waiting for responses to its dynamic updates.  If it's going to ignore an
error response (most sites don't use dynamic DNS, so it would be ridiculous
for every Mac to start putting up alerts when it fails), there's no point
in listening for it.  Since cmt isn't listening on the reply port, it sends
a port unreachable, which dns0 will ignore.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.