Microsoft Windows 2000 DNS Server User Manual


 
client’s PTR RR. Also, the DHCP server will remove the corresponding A records if
configured to “Discard forward lookups when leases expire.”
Statically Configured Client
A statically configured client does not communicate with the DHCP server and
dynamically updates both A and PTR RRs every time it boots up, changes its IP
address or per-adapter domain name.
RAS Client
A RAS client behaves in the same manner as a statically configured client in that no
interaction occurs between the client and the DHCP server. The client is
responsible for dynamically updating both A and PTR RRs. The RAS client attempts
to delete both records before closing the connection, but the records remain stale if
the update failed for some reason (for example, the DNS server was not running at
that time). The records also remain stale if the line goes down unexpectedly. In
these cases a RAS server attempts deregistration of the corresponding PTR record.
Client Reregistration
One of the benefits of Dynamic Update is its ability to reregister RRs in DNS, which
provides a certain level of fault tolerance in case some records in a zone become
corrupted. The DHCP server automatically reregisters the DNS records that it
registered upon renewal of the lease. Windows 2000-based clients reregister their
DNS records every 24 hours. This interval can be changed by specifying the
REG_DWORD DefaultRegistrationRefreshInterval value under the
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters registry key.
Note: When a client registers in DNS, the associated RRs include a TTL, which by
default is set to 20 minutes. This can be changed by specifying the REG_DWORD
DefaultRegistrationTtl value under the
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters registry key.
Dealing with Name Conflicts
If, during Dynamic Update registration, a client discovers that its name is already
registered in DNS with an IP address that belongs to some other machine, by
default the client deletes the existing registration and registers its own RRs in its
place. By using the appropriate registry key, this behavior may be disabled, in which
case the client backs out of the registration process and logs the error in the Event
Viewer. The first scenario allows you to remove stale records, but is vulnerable to
malicious attacks. The second scenario has the opposite effect. The problem of
existing records being deleted when a name collision takes place is resolved by
using Secure Dynamic Update (described in the next section). In this case only the
owner of the existing record can update it.
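The three conflict-handling behaviors described above can be compared with a small model. This is an added example, not code from the white paper or from Microsoft; the Zone class, the principal names host-a and host-b, the addresses, and the rule that any differing IP address counts as a conflict are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Zone:
    """Toy zone accepting dynamic updates; constructed model, not Microsoft code."""
    secure: bool                                   # True = Secure Dynamic Update
    records: dict = field(default_factory=dict)    # name -> (ip, owner principal)
    event_log: list = field(default_factory=list)  # stands in for Event Viewer

    def register(self, name, ip, principal, replace_on_conflict=True):
        existing = self.records.get(name)
        if existing is None:
            self.records[name] = (ip, principal)
            return "registered"
        old_ip, owner = existing
        # Secure zone: the server enforces ownership before anything else.
        if self.secure and principal != owner:
            return "refused"
        if old_ip == ip:
            return "refreshed"          # periodic reregistration, nothing changes
        if self.secure:
            self.records[name] = (ip, owner)
            return "updated"            # owner changing its own address
        # Non-secure zone: the client alone decides what to do with a conflict.
        if replace_on_conflict:
            self.records[name] = (ip, principal)
            return "replaced"
        self.event_log.append(f"name conflict for {name}: {old_ip} already registered")
        return "backed_out"

def run_scenarios():
    """Same sequence against each policy: host-a registers, host-b claims the name,
    then host-a legitimately moves to a new address (all values constructed)."""
    results = {}
    for label, secure, replace in [("default", False, True),
                                   ("replace_disabled", False, False),
                                   ("secure", True, True)]:
        zone = Zone(secure=secure)
        zone.register("app1.example.com", "10.0.0.5", "host-a")
        claim = zone.register("app1.example.com", "10.0.0.66", "host-b", replace)
        move = zone.register("app1.example.com", "10.0.0.7", "host-a", replace)
        results[label] = (claim, move, zone.records["app1.example.com"][0])
    return results

if __name__ == "__main__":
    for label, outcome in run_scenarios().items():
        print(label, outcome)
```

With the default policy any client can replace the record, with replacement disabled the owner's own address change is blocked and the old address stays in the zone, and only the secure zone both refuses the other principal and accepts the owner's update.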
Secure Dynamic Update
DS-integrated zones may be configured to use Secure Dynamic Update.
Access Control Lists, as mentioned in “Controlling Access to Zones,” specify the list
of groups or users allowed to update resource records in such zones. The
Windows 2000 DNS implementation of the Secure Dynamic Update is based on the
Windows 2000 White Paper 18