guarantee RFC standardized hostname

Frank Sweetser fs at WPI.EDU
Thu Aug 25 04:13:20 UTC 2011

On 8/24/2011 11:56 PM, Ted Lemon wrote:
> On Aug 24, 2011, at 7:50 PM, Frank Sweetser wrote:
>> I'm assuming that you don't have any kind of pre-existing records for these
>> hosts? We track all hosts here, and force a hostname to be defined at
>> registration time, with all of the usual validity and uniqueness checks. We
>> then feed this data into our dhcp configuration files, and all client
>> supplied ddns hostname values are summarily ignored.
> What's the threat model here?

Nothing particularly deep or ominous.  We already have DDNS restricted to 
non-critical subdomains, so there's not a huge risk of taking over existing 
FQDNs, but we do require the first portion of the hostname to be unique to 
prevent confusion and ambiguity when people use short hostnames.  Having a 
fixed registered hostname, rather than one that varies on the whims of 
whatever OS partition they booted this time, also makes it much easier to 
track misbehaving hosts, such as a user who left ICS on from their home 
configuration back to the owner or technical contact.  Other benefits have 
cropped up over time, such as targeting configuration change notifications 
only to affected users, or purging hosts owned by users who have left.

Frank Sweetser fs at    |  For every problem, there is a solution that
Manager of Network Operations   |  is simple, elegant, and wrong.
Worcester Polytechnic Institute |           - HL Mencken

More information about the dhcp-users mailing list