[cifs-protocol] [EXTERNAL] [MS-DNSP] sticky static dns updates - TrackingID#2106070040005009
douglas.bagnall at catalyst.net.nz
Sun Jun 20 22:38:21 UTC 2021
> I've been reviewing the documentation and source code where we perform operations on the dnsNode. I realize now that scavenging/aging is specific to the resource records, while Tombstoning happens to the dnsNode when connected to AD server. From our source code, it appears the only way we track if a record is static is with the 0 timestamp. I've yet to find any static tracking on the dnsNode itself.
> Can you tell me more about what you're working on and the context of this question? How are you applying the information, and what is the bigger problem you're trying to solve?
I am trying to fix Samba bugs related to scavenging and tombstoning, of
which there are many.
In my tests against Windows I find what looks like indeterminate
behaviour. The DNS, RPC, and LDAP processes all live in their own
timelines, just occasionally syncing up.
As you say, being static is a property of the record in AD, not of the
node. But it seems that it is a property of the node in the DNS server.
And a network can end up with one DNS server that thinks a node is in a
static state, while another DNS server thinks it is in a dynamic state,
with AD having no knowledge of that. An update from a client will have
different effects, depending on which server they choose.
Now, from an interoperability point of view, this is fine. It's like
undefined behaviour for a C compiler: do whatever you want. My original
question focussed on the "does this replicate? if so, how?" partly because
that was the state of my confusion then, but partly also because I thought
it was the kind of question I was allowed to ask, about protocols not
implementations. Now, though, I think I should have asked the more direct
[Sometimes] the DNS server will mark a record created or updated via DNS
update as static when a sibling record is [or was] static. Is this an
important part of how things work? Should it be documented?
I have related questions, like:
[Sometimes] the DNS server will update the timestamp of sibling records
when a record is updated. Is this an important part of how things work?
Should it be documented?
More information about the cifs-protocol