To turn off DNS updates on Windows 2000/XP/2003 configured with DHCP clients (refer to Figure 1):

To turn off DNS updates on Windows Server 2000 running DHCP Server (refer to Figure 2 below):

Microsoft Windows Server 2003 automatically sends DNS updates to each of its DHCP clients.
DNS server list : Domain Controller 1 : Domain Controller 2
Sent update to server : 18.104.22.168 (not a domain controller or DNS server)
IP Address(es) : 22.214.171.124
The reason the system could not register these RRs was because the DNS server failed the update request.
Leakage of private DNS updates is caused by inconsistent configuration between DNS servers and DHCP client/server entities.
The following list illustrates a typical example of how a private DNS update leaks out to the global Internet. The DHCP client first sends a query to its local domain name server (LDNS) and asks for the authoritative server for the zone of its domain name (step 3).
In a correct setup, the LDNS should point the DHCP client to a domain name server (possibly the LDNS itself) inside the internal network.
However, in many cases when the DHCP and DNS configurations have inconsistencies, the LDNS may direct the DHCP client to a place outside the local scope, resulting in leakage of private DNS updates to the global network.
The following steps only illustrate how to turn off dynamic DNS updates on Microsoft Windows systems.
This section describes how you can set up PowerDNS to receive DNS updates from ISC’s dhcpd (version 4.1.1-P1).
This gives the IP address ‘127.0.0.1’ access to send update messages.
You do not need to disable dynamic DNS updates if:

However, if you have configured your host to act as a DHCP client/server and you make use of the private IP address space (including 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) specified in RFC 1918, you should turn off the dynamic DNS update feature.
Only if you know with certainty that the updates get sent only to a local DNS server should you run the Dynamic DNS Updates service.
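To check whether updates stay local, as the leakage description and the RFC 1918 advice above require, the following added example (not from the original page) flags DNS UPDATE messages for private reverse zones that are addressed to a server outside the internal network. It narrows the check to `in-addr.arpa` zones of the three RFC 1918 ranges; the function names are hypothetical, the sample message is constructed, and 192.0.2.53 is a documentation address standing in for an external server.

```python
import ipaddress
import struct

OPCODE_UPDATE = 5  # DNS dynamic update opcode (RFC 2136)
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def build_update(zone):
    """Constructed sample: DNS UPDATE header plus a zone section (type SOA, class IN)."""
    header = struct.pack("!HHHHHH", 0x1234, OPCODE_UPDATE << 11, 1, 0, 0, 0)
    name = b"".join(bytes([len(l)]) + l.encode("ascii") for l in zone.rstrip(".").split("."))
    return header + name + b"\x00" + struct.pack("!HH", 6, 1)

def parse_update_zone(msg):
    """Return the lower-cased zone name if msg is a DNS UPDATE request, else None."""
    if len(msg) < 12:
        return None
    _id, flags, zocount = struct.unpack("!HHH", msg[:6])
    if flags >> 15 or (flags >> 11) & 0xF != OPCODE_UPDATE or zocount != 1:
        return None
    labels, pos = [], 12
    while pos < len(msg) and msg[pos] != 0:
        length = msg[pos]
        if length > 63 or pos + 1 + length > len(msg):  # pointer or truncated name
            return None
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii", "replace").lower())
        pos += 1 + length
    return ".".join(labels) + "." if pos < len(msg) else None

def is_private_reverse_zone(zone):
    """True if zone is a reverse zone inside 10/8, 172.16/12 or 192.168/16."""
    labels = zone.rstrip(".").split(".")
    octets = labels[:-2][::-1]  # in-addr.arpa names list the octets in reverse order
    if labels[-2:] != ["in-addr", "arpa"] or not 1 <= len(octets) <= 4:
        return False
    if not all(o.isascii() and o.isdigit() and int(o) < 256 for o in octets):
        return False
    padded = ".".join([str(int(o)) for o in octets] + ["0"] * (4 - len(octets)))
    return any(ipaddress.ip_address(padded) in net for net in RFC1918)

def is_leaked_update(dst_ip, msg):
    """Flag an UPDATE for a private reverse zone sent to a non-internal server."""
    zone = parse_update_zone(msg)
    dst = ipaddress.ip_address(dst_ip)
    internal = dst.is_loopback or any(dst in net for net in RFC1918)
    return zone is not None and is_private_reverse_zone(zone) and not internal

if __name__ == "__main__":
    print(is_leaked_update("192.0.2.53", build_update("168.192.in-addr.arpa")))
```

Feeding it the destination address and UDP payload of outbound port 53 traffic captured at the network edge shows whether any host still sends private updates off-site.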