denied update from [an IP I don't know] for "my domain"

Barry Finkel b19141 at
Thu Feb 21 15:35:49 UTC 2002

Régis" <regis at> wrote (in part):

>> Here is the message number (it is the real one, I didn't change anything):
>> Feb 20 20:40:46 mensmagna named[14052]: denied update from
>> [].3971 for "" IN

"sanjay" <indianlinuxuser at> replied:

> It must be coming from Win 2K machine(stupid MS). It is a bug actually in
> win 2k.

The message means that a machine at IP address

sent in a dynamic DNS request to your DNS server, and your DNS server
refused to honor the request because you have not authorized DDNS
from that IP address.

There is no proof that the machine at address

is a W2k machine.  That IP address is registered in DNS as

and I doubt that BellAtlantic (aka Verizon) would be running BIND
8.2.5-REL on a W2k server.  I (and others) believe that Microsoft made
a design flaw when it made W2k workstations self-register (via DDNS) as
the default.  It is a bad choice of defaults, it is NOT a bug.

As for why that nameserver is sending a DDNS packet to your DNS server,
you need to contact

     dnsadmin at

That is the e-mail address in the SOA for the

Barry S. Finkel
Electronics and Computing Technologies Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at
Argonne, IL   60439-4828             IBMMAIL:  I1004994

More information about the bind-users mailing list