[cifs-protocol] [REG:116052414204136] [MS-GSSA] DDNS TSIG MAC calculation vs DNS name compression
obaidf at microsoft.com
Wed Jun 8 16:52:14 UTC 2016
Thanks. I'll concentrate more on server.
Obaid Farooqi | Escalation Engineer
From: Ralph Boehme [mailto:slow at samba.org]
Sent: Wednesday, June 8, 2016 11:16 AM
To: Obaid Farooqi <obaidf at microsoft.com>
Cc: metze at samba.org; Garming Sam <garming at catalyst.net.nz>; cifs-protocol at lists.samba.org; MSSolve Case Email <casemail at microsoft.com>
Subject: Re: [REG:116052414204136] [MS-GSSA] DDNS TSIG MAC calculation vs DNS name compression
On Tue, Jun 07, 2016 at 06:55:44PM +0000, Obaid Farooqi wrote:
> I'll need some traces from you to figure out why the client does not
> like compression. It is obvious that it does support compression by
> looking at the network captures.
yes it does support it generally, but it doesn't like it in DNS TKEY/TSIG records. :)
> Please let me know the version of windows client that is exhibiting
> error scenario with Samba DNS. After I know the Windows version, I'll
> send you some bits to collect some traces.
I'm mainly interested in how Windows server behave. Even if newer Windows clients may support name compressed DNS TKEY records and not choke when receiving such a packet, I'd prefer stick to actual Windows DNS server behaviour, that's why I was asking for clarification about actual server behaviour.
In my limited tests with Windows servers (iirc Windows 2008r2), it didn't use name compression in DNS TKEY/TSIG recorsds.
Thanks for you help!
More information about the cifs-protocol