a Strange Deletion
Glenn.Satchell at uniq.com.au
Wed Mar 22 18:16:39 UTC 2006
Are you using the interim ddns update style? Is there a corresponding
TXT record in the zone matching the hostname of the A record? dhcpd
uses a TXT record with a hash of the client ID as a key so that it
knows if it is allowed to delete an A record. Do you allow hosts to
update their own A records, or is only the dhcp server allowed to do
If you're using the ad-hoc schems then it doesn't have this protection,
maybe you should change over?
>To: dhcp-server at isc.org
>Subject: a Strange Deletion
>Date: Wed, 22 Mar 2006 12:04:27 -0600
>From: Martin McCormick <martin at dc.cis.okstate.edu>
> I recently found out that an A record in our zone disappeared
>mysteriously several days ago. After using the journalprint function
>of bind and matching the serial number, I found out that the dhcp
>server appears to be the one that removed the record. The event that
>triggered the removal was what appears to be the expiration of a lease
>in the same subnet, but with a totally different IP address.
> I have seen A records go poof when there are multiple hosts
>that all "think" they should have the same name. They keep stepping
>on each other and zapping the forward lookup, but usually the reverse
> The A record in question was not even in the dhcp lease range
>for that network and the only things tying it all together are the time,
>down to the second that it occurred as well as the zone name.
> Basically, I look at the journal and see ad2.ceat.okstate.edu
>deleted in zone X at the very second that a personal work station's
>lease, also in ceat.okstate.edu expired and the forward and reverse
>maps were removed by our dhcp server. The dhcp server, however, did
>not remove the reverse map for the system whose forward A record got
>clobbered so I really think this didn't just glitch and remove the
> Does anyone have any idea what could have transpired to cause
>this to happen?
> Thank you.
>Martin McCormick WB5AGZ Stillwater, OK
>OSU Information Technology Department Network Operations Group
More information about the dhcp-users