Microsoft Windows 2000 DNS manual: Statically Configured Client, RAS Client, Client Reregistration


client’s PTR RR. Also, the DHCP server will remove the corresponding A records if configured to “Discard forward lookups when leases expire.”

Statically Configured Client

A statically configured client does not communicate with the DHCP server. It dynamically updates both A and PTR RRs every time it boots up or changes its IP address or per-adapter domain name.

RAS Client

A RAS client behaves in the same manner as a statically configured client in that no interaction occurs between the client and the DHCP server. The client is responsible for dynamically updating both A and PTR RRs. The RAS client attempts to delete both records before closing the connection, but the records remain stale if the update failed for some reason (for example, the DNS server was not running at that time). The records also remain stale if the line goes down unexpectedly. In these cases, a RAS server attempts deregistration of the corresponding PTR record.

Client Reregistration

One of the benefits of Dynamic Update is its ability to reregister RRs in DNS, which provides a certain level of fault tolerance in case some records in a zone become corrupted. When a lease is renewed, the DHCP server automatically reregisters the DNS records that it registered. Windows 2000-based clients reregister their DNS records every 24 hours. This interval can be changed by specifying the REG_DWORD DefaultRegistrationRefreshInterval value under the HKLM\System\CurrentControlSet\Services\Tcpip\Parameters registry key.

Note: When a client registers in DNS, the associated RRs include a TTL, which by default is set to 20 minutes. This can be changed by specifying the REG_DWORD DefaultRegistrationTtl value under the HKLM\System\CurrentControlSet\Services\Tcpip\Parameters registry key.

Dealing with Name Conflicts

If, during Dynamic Update registration, a client discovers that its name is already registered in DNS with an IP address that belongs to some other machine, by default the client deletes the existing registration and registers its own RRs in its place. This behavior can be disabled through the appropriate registry key, in which case the client backs out of the registration process and logs the error in the Event Viewer. The default behavior allows stale records to be removed, but is vulnerable to malicious attacks. The second behavior has the opposite effect. Secure Dynamic Update (described in the next section) resolves the problem of existing records being deleted on a name collision: in that case, only the owner of the existing record can update it.
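The trade-off described above, modelled as a small added example (not code from the white paper or from Windows). The policy labels, host name, addresses and principal names are constructed, and the model assumes the zone records which principal created each record.

```python
from dataclasses import dataclass, field

# Policy labels are names chosen for this example, not Windows settings.
REPLACE, BACK_OUT, SECURE = "replace", "back-out", "secure"

@dataclass
class Zone:
    policy: str
    records: dict = field(default_factory=dict)    # name -> (ip, owner)
    event_log: list = field(default_factory=list)  # stand-in for Event Viewer

    def register(self, name, ip, principal):
        """Process one A-record registration and return what happened."""
        current = self.records.get(name)
        if current is None:
            self.records[name] = (ip, principal)
            return "created"
        cur_ip, owner = current
        if cur_ip == ip:
            return "refreshed"  # periodic reregistration, nothing changes
        # Name conflict: the name already maps to a different address.
        if self.policy == REPLACE:
            allowed = True                # old record is deleted unconditionally
        elif self.policy == BACK_OUT:
            allowed = False               # client abandons the registration
        else:
            allowed = principal == owner  # only the record's owner may update
        if not allowed:
            self.event_log.append(f"conflict on {name}: {principal} kept out")
            return "refused"
        self.records[name] = (ip, principal)
        return "replaced"

def compare_policies():
    """Run two constructed conflicts under each policy."""
    name, results = "ws1.example.test", {}
    for policy in (REPLACE, BACK_OUT, SECURE):
        # Case 1: the owner returns on a new address (its old record is stale).
        z = Zone(policy)
        z.register(name, "192.0.2.10", "WS1$")
        stale_fixed = z.register(name, "192.0.2.20", "WS1$") == "replaced"
        # Case 2: a different principal claims the same name.
        z = Zone(policy)
        z.register(name, "192.0.2.10", "WS1$")
        z.register(name, "198.51.100.7", "OTHER$")
        owner_kept = z.records[name][1] == "WS1$"
        results[policy] = (stale_fixed, owner_kept)
    return results

if __name__ == "__main__":
    for policy, (stale_fixed, owner_kept) in compare_policies().items():
        print(f"{policy:9} stale fixed={stale_fixed} owner kept={owner_kept}")
```

Only the owner-checked policy both repairs the stale record and keeps the name with its original owner.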

Secure Dynamic Update

The DS integrated zones may be configured to use a Secure Dynamic Update. Access Control Lists, as mentioned in “Controlling Access to Zones,” specify the list of groups or users allowed to update resource records in such zones. The Windows 2000 DNS implementation of the Secure Dynamic Update is based on the

Windows 2000 White Paper
