ignore client-updates

Martin McCormick martin at dc.cis.okstate.edu
Wed Sep 4 21:00:05 UTC 2013

Chris Buxton writes:
> Where did you read that?
> I would use 'deny client-updates' rather than 'ignore'. I would certainly 
> not suddenly switch to 'allow', for exactly the reasons you gave ? it 
> wreaks havoc. (But why are your DNS zones accepting updates from clients?)

	I think this is turning out to be a misunderstanding on
our part as in me and my coworkers.

	we were set up for years to allow clients who had
configured their own host names to register the left-most part
of their name when obtaining a dynamic lease. A static bootP
registration uses a name we provided, usually at the client's
request, but still, we provided it and the client system
couldn't change it.

	We were under the impression that denying client-updates
was deprecated and so we started allowing them which is causing the
Active Directory systems to begin registering reverse A records
with the ad.okstate.edu fqdn. The directive is working exactly
as advertised so here is another question as I begin the process
of persuading my coworkers that we need to go back to our
original settings.

	We were originally set to 
ignore client-updates;
This was mainly because we didn't want to log attempts but let
them silently occur. If we went to deny client-updates, what
would be the difference?

	Thanks for the information.

Martin McCormick

More information about the dhcp-users mailing list