[prev in list] [next in list] [prev in thread] [next in thread]
List: cifs-protocol
Subject: Re: [cifs-protocol] [EXTERNAL] [MS-DNSP] sticky static dns updates - TrackingID#2106070040005009
From: Jeff McCashland via cifs-protocol <cifs-protocol () lists ! samba ! org>
Date: 2021-06-29 20:06:55
Message-ID: MW4PR21MB190615BF7D5D7A3684F44F07A3029 () MW4PR21MB1906 ! namprd21 ! prod ! outlook ! com
[Download RAW message or body]
Hi Douglas,
I've been able to confirm that when a static record is added to a dnsNode, new \
records are added as static. This is done so that when a record is manually marked as \
static by an admin, refreshes don't over-ride the static state. This is tied to \
whether aging is turned on or off in the zone, which has been a feature of DNS since \
WS 2008. You can query the zone's aging property using the "Get-DnsServerZoneAging" \
powershell cmdlet.
I can also confirm that when a record gets its timestamp refreshed, all of the \
dynamic records in the dnsNode are refreshed. DNS has always worked this way.
Best regards,
Jeff McCashland | Senior Escalation Engineer | Microsoft Protocol Open Specifications \
Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific \
Time (US and Canada) Local country phone number found here: \
http://support.microsoft.com/globalenglish | Extension 1138300 We value your \
feedback. My manager is Natesha Morrison (namorri), +1 (704) 430-4292
-----Original Message-----
From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Sent: Sunday, June 20, 2021 3:38 PM
To: Jeff McCashland <jeffm@microsoft.com>; Andrew Bartlett <abartlet@samba.org>; \
cifs-protocol <cifs-protocol@lists.samba.org>
Cc: Jeff McCashland <jeffm@microsoftsupport.com>
Subject: Re: [cifs-protocol] [EXTERNAL] [MS-DNSP] sticky static dns updates - \
TrackingID#2106070040005009
hi Jeff,
> I've been reviewing the documentation and source code where we perform operations \
> on the dnsNode. I realize now that scavenging/aging is specific to the resource \
> records, while Tombstoning happens to the dnsNode when connected to AD server. From \
> our source code, it appears the only way we track if a record is static is with the \
> 0 timestamp. I've yet to find any static tracking on the dnsNode itself.
> Can you tell me more about what you're working on and the context of this question? \
> How are you applying the information, and what is the bigger problem you're trying \
> to solve?
I am trying to fix Samba bugs related to scavenging and tombstoning, of which there \
are many.
In my tests against Windows I find what looks like indeterminate behaviour. The DNS, \
RPC, and LDAP processes all live in their own timelines, just occasionally syncing \
up.
As you say, being static is a property of the record in AD, not of the node. But it \
seems that it is a property of the node in the DNS server. And a network can end up \
with one DNS server that thinks a node is in a static state, while another DNS server \
thinks it is in a dynamic state, with AD having no knowledge of that. An update from \
a client will have different effects, depending on which server they choose.
Now, from an interoperability point of view, this is fine. It's like undefined \
behaviour for a C compiler: do whatever you want. My original question focussed on \
the "does this replicate? if so, how?" partly because that was the state of my \
confusion then, but partly also because I thought it was the kind of question I was \
allowed to ask, about protocols not implementations. Now, though, I think I should \
have asked the more direct question:
[Sometimes] the DNS server will mark a record created or updated via DNS update as \
static when a sibling record is [or was] static. Is this an important part of how \
things work? Should it be documented?
I have related questions, like:
[Sometimes] the DNS server will update the timestamp of sibling records when a record \
is updated. Is this an important part of how things work? Should it be documented?
Douglas
_______________________________________________
cifs-protocol mailing list
cifs-protocol@lists.samba.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic