Configuring DHCP Servers to Perform DNS Updates
Default DNS Update Settings for DHCP
- By default, post-Windows 2000 DHCP clients attempt to perform dynamic updates of their host (A) resource records in DNS whenever an address event (such as an address renewal) occurs.
- However, these same clients do not attempt to perform dynamic updates of their PTR resource records; instead, post-Windows 2000 DHCP clients request that the DHCP server attempt to update their PTR resource records in DNS on behalf of the client.
- When the Enable DNS Dynamic Updates According To The Settings Below check box is selected, which is the default, dynamic update is enabled for the DHCP server.
- When dynamic update is enabled, one of two options applies. If the first option, the default, is selected (shown in Figure 7-13), the DHCP server attempts to update resource records only according to the client’s request. When you select the second option, the DHCP server always attempts to update the client’s A and PTR resource records after an address event.
DnsUpdateProxy Security Group
- You can configure a Windows Server 2003 DHCP server so that it dynamically registers both A and PTR resource records on behalf of DHCP clients.
- In this configuration, the use of secure dynamic updates with Windows Server 2003 DNS servers can occasionally lead to stale resource records. Secure dynamic updates allow only the owner of a resource record to update that record, so existing resource records are not updated if your configuration ever changes.
For example, suppose the following sequence of events occurs:
1. A Windows Server 2003 DHCP server (DHCP1) performs a secure dynamic update on behalf of one of its clients for a specific DNS domain name.
2. Because DHCP1 successfully created the name, DHCP1 becomes the owner of the name.
3. Once DHCP1 becomes the owner of the client name and associated resource records, only DHCP1 can update the name or its IP address.
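
The ownership rule in this sequence, as a simplified Python model added here (not Windows or DHCP server code, and not from the original page). The takeover by a second server named DHCP2, the host name and the addresses are constructed assumptions; the model also compares A records against the current lease table to find the stale entries.

```python
# Simplified model of secure dynamic update ownership (illustrative only).
from dataclasses import dataclass


@dataclass
class Record:
    name: str
    ip: str
    owner: str  # principal that created the record


class SecureZone:
    """Zone that accepts secure updates only from a record's owner."""

    def __init__(self):
        self.records = {}

    def update(self, principal, name, ip):
        rec = self.records.get(name)
        if rec is None:
            # First registration: the creator becomes the owner.
            self.records[name] = Record(name, ip, principal)
            return True
        if rec.owner != principal:
            return False  # refused: caller does not own the record
        rec.ip = ip
        return True


def stale_records(zone, leases):
    """Return names whose A record disagrees with the current lease table."""
    return sorted(n for n, ip in leases.items()
                  if n in zone.records and zone.records[n].ip != ip)


def demo():
    zone = SecureZone()
    name = "client1.example.test"          # constructed host name
    leases = {name: "192.0.2.10"}          # constructed lease
    created = zone.update("DHCP1", name, leases[name])
    # Assumed configuration change: DHCP2 now issues the client's lease.
    leases[name] = "192.0.2.55"
    takeover = zone.update("DHCP2", name, leases[name])
    stale = stale_records(zone, leases)
    # The original owner is still able to correct the record.
    repaired = zone.update("DHCP1", name, leases[name])
    return created, takeover, stale, repaired, stale_records(zone, leases)


if __name__ == "__main__":
    print(demo())
```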