|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: is your host or dhcp server sending dns dynamic updatesforrfc1918?
"Martin J. Levy" wrote:
> I wanted to add a flag to bind to "silently ignore" these requests, but
> alas this is not a good solution for reverse-dns private space.
I have a very simple patch to BIND 8.3.1 to create a category just
for these requests so that they can easily be sent to the null channel.
Happy to send it on if anyone is interested.
Also, since I operate authoritative DNS servers for our
*mumble*BIGNUM*mumble* customers, we used to get besieged by these update
requests from our eager new customers who named their home (or office,
whatever) computers in their shiny new domain name. At one point, the
server listed in the MNAME field of the SOA got more update requests than
queries! My solution for this was to change the MNAME field to
no-dyn-updates.san.yahoo.com, which resolves to the loopback address.
(After overcoming tremendous temptation to make it resolve to
207.46.138.20.) W2k's behavior here is truly horrible... it sends 5
requests at startup, then keeps sending requests, apparently forever, till
it gets an answer it thinks it likes.
Before taking this step, I tested it fairly thoroughly, and got
the advice of some windows experts on whether this would break things.
It's been in place for about 6 months now, and so far we haven't heard a
single complaint. The only problem this ever causes is when registering
domains through certain ccTLD registries that require MNAME to be one of
the servers listed in the NS set. <Insert typical legal disclaimer here
about if you try this, you're on your own, etc.>
--
Doug Barton, Yahoo! DNS Administration and Development
If you're never wrong, you're not trying hard enough.
Do YOU Yahoo!?
|