[cifs-protocol] [EXTERNAL] [MS-DNSP] sticky static dns updates - TrackingID#2106070040005009

Douglas Bagnall douglas.bagnall at catalyst.net.nz
Sun Jun 20 22:38:21 UTC 2021

hi Jeff,

> I've been reviewing the documentation and source code where we perform operations on the dnsNode. I realize now that scavenging/aging is specific to the resource records, while Tombstoning happens to the dnsNode when connected to AD server. From our source code, it appears the only way we track if a record is static is with the 0 timestamp. I've yet to find any static tracking on the dnsNode itself.
> Can you tell me more about what you're working on and the context of this question? How are you applying the information, and what is the bigger problem you're trying to solve?

I am trying to fix Samba bugs related to scavenging and tombstoning, of 
which there are many.

In my tests against Windows I find what looks like indeterminate 
behaviour. The DNS, RPC, and LDAP processes all live in their own 
timelines, just occasionally syncing up.

As you say, being static is a property of the record in AD, not of the 
node. But it seems that it is a property of the node in the DNS server. 
And a network can end up with one DNS server that thinks a node is in a 
static state, while another DNS server thinks it is in a dynamic state, 
with AD having no knowledge of that. An update from a client will have 
different effects, depending on which server they choose.

Now, from an interoperability point of view, this is fine. It's like 
undefined behaviour for a C compiler: do whatever you want. My original 
question focussed on the "does this replicate? if so, how?" partly because 
that was the state of my confusion then, but partly also because I thought 
it was the kind of question I was allowed to ask, about protocols not 
implementations. Now, though, I think I should have asked the more direct 

[Sometimes] the DNS server will mark a record created or updated via DNS 
update as static when a sibling record is [or was] static. Is this an 
important part of how things work? Should it be documented?

I have related questions, like:

[Sometimes] the DNS server will update the timestamp of sibling records 
when a record is updated. Is this an important part of how things work? 
Should it be documented?
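
An added example, not part of the original message and not Samba or Microsoft code: the sketch below decodes the fixed header of `dnsRecord` attribute values (layout as in the MS-DNSP dnsRecord structure) and reports whether the records stored on one dnsNode are all static (timestamp 0), all aging, or mixed. It reads only what is stored in AD, so it cannot show the per-server state discussed above. The function names are hypothetical and the sample records are constructed.

```python
import struct
from datetime import datetime, timedelta, timezone

HEADER_LEN = 24                      # fixed part of an MS-DNSP dnsRecord
DNS_TYPE_ZERO = 0                    # tombstone marker record
EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)

def parse_dns_record(blob):
    """Decode the fixed header of one dnsRecord attribute value."""
    if len(blob) < HEADER_LEN:
        raise ValueError("dnsRecord shorter than its 24-byte header")
    data_len, rtype, _ver, _rank, _flags, _serial = struct.unpack_from("<HHBBHI", blob, 0)
    (ttl,) = struct.unpack_from(">I", blob, 12)        # TTL is big-endian
    _reserved, hours = struct.unpack_from("<II", blob, 16)
    if len(blob) - HEADER_LEN != data_len:
        raise ValueError("DataLength does not match the record body")
    return {"type": rtype, "ttl": ttl, "timestamp": hours, "static": hours == 0,
            "refreshed": EPOCH_1601 + timedelta(hours=hours) if hours else None}

def classify_node(blobs):
    """Summarise one dnsNode from all of its dnsRecord values."""
    records = [parse_dns_record(b) for b in blobs]
    live = [r for r in records if r["type"] != DNS_TYPE_ZERO]
    if not live:
        return "tombstoned-or-empty"
    kinds = {r["static"] for r in live}
    if kinds == {True}:
        return "static"
    return "aging" if kinds == {False} else "mixed"

def make_record(rtype, hours, data, ttl=900):
    """Build a constructed sample value; not a capture from a real server."""
    return (struct.pack("<HHBBHI", len(data), rtype, 5, 0xF0, 0, 1)
            + struct.pack(">I", ttl) + struct.pack("<II", 0, hours) + data)

# Constructed siblings on one node: an A record with timestamp 0 and an
# AAAA record carrying a refresh time (hours since 1601-01-01 UTC).
SAMPLE_NODE = [
    make_record(1, 0, bytes([192, 0, 2, 10])),
    make_record(28, 3_687_000, bytes(16)),
]

if __name__ == "__main__":
    for blob in SAMPLE_NODE:
        print(parse_dns_record(blob))
    print(classify_node(SAMPLE_NODE))
```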

