named, update denied.

Danny Mayer mayer at gis.net
Fri Jul 9 12:51:54 UTC 2004 

At 02:25 PM 7/8/2004, Sten Carlsen wrote:
>Danny Mayer wrote:
>>
>>At 04:28 PM 7/7/2004, Sten Carlsen wrote:
>>
>>>
>>>Ok, that is the question. W2k has a default setting in its tcpip
>>>properties that says "update DNS with my name and IP" something like
>>>that. That means it will every 10 seconds or so try to update the
>>>nameserver given to it to reflect its presence. If you don't want this
>>>to happen, you should manually turn this "feature" off in properties for
>>>the network port in question.
>>>
>>>This is much more annoying when you have the nameserver on a dial-up
>>>connection (I had via an ISDN-router) it will call the nameserver to get
>>>that updated about every 10 seconds as long as it is on.
>>>
>>
>>
>>I don't think that's correct. It will try every 10, 20,30, 40, 50, 60 minutes
>>and then recycle back to 10, 20,... until it succeeds. Even if it suceeds
>>it will
>>reregister the address every 24 hours. This is for W2k systems. I read the
>>documentation on this process. I forget where.
>>
>>Danny
>>
>>
>>
>I won't argue these details, I am sure you are right today.
>At the time I experienced this "feature", I have seen that I could just 
>close the connection (telnet the router and issue the command) before it 
>would pop up again. Maybe 1 minute, never as long as 10 minutes. If you 
>pay your own dial-up service, you (I) will notice; I did not keep that 
>going longer than it took to realise what approximately went wrong, so I 
>don't know if it will back off to 60 minutes. This all happened even 
>before servicepack 1 and I had no nameserver on my premises, I had to rely 
>on the ISPs; things may have changed since. Changing (checking) this 
>setting is now a part of my standard setup for any windows host.
>
>I am still sure this is the origin of the suspicious error logs from the 
>original question. And I still consider the default to be wrong for a 
>system like windows (for the desktop).

I told microsoft years ago that the dns updates should be done by the dhcp 
server and
not by the client, not that they listen to me. That way at least you could 
restrict updates
to authorized requestors AND limit the traffic. After all the clients are 
already interacting
with the dhcp server to get and update their IP address when necessary. I 
suspect
they there's something else they want to do with the constant updates but I 
don't know
what.

Danny


>--
>Best regards
>
>Sten Carlsen
>
>Let HIM who has an empty INBOX send the first mail.

More information about the bind-users mailing list