Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

DDNS updates - help understanding the basics

[ Edited ]
New Member
Posts: 1
9399     0

Hello, 

 

I need a solution and some help understanding how DDNS works and is updated on Infoblox. What I understand is that the client sends L2 broadcast to a DHCP server, with its MAC address and hostname. Then, the DHCP server provides an IP address to the client, and sends an update to DNS with the clients IP + MAC + Hostname. In DNS, the database is updated with an A + PTR + TXT records for this client. Lets picture an all Infoblox environment, DDNS is enabled and the "Text Record Handling" is set to the default value which I think is ISC. Because of the TXT record, the hostname is married to the clients MAC. 

 

Now the question is, if there are users who have the need to replace the NIC (built-in or discrete) and use the same hostname, this will be problematic because the hostname is already married to the old NIC (MAC), hence the workstation that was replaced, and renamed, will not get a hostname. Besides deleting all records in Infoblox for that hostname (A+PTR+TXT) and the lease expiration, How can DDNS be updated manually from the client? (Without changing settings on Infoblox). 

Re: DDNS updates - help understanding the basics

Adviser
Posts: 109
9400     0

How DDNS is handled with Infoblox DHCP is explained in good detail in the section titled "Configuring DDNS Update Verification" in the NIOS Administrators Guide. Be sure to review this so that there are no surprises with expected behavior.

 

The most common challenge with the ISC TXT record handling mode is actually with laptops where you have a wired and wireless network connection. Thus, you have two IP addresses bound to the same name, but the ISC TXT record handling mode only allows for one. For this, common solutions include:

 

  • Using a different domain for the wired and wireless interfaces to avoid conflicts between the two.
  • Using a different TXT record handling mode (such as check-only).

Both options may pose difficulties in both cases so you would need to review them and decide what would work best for your environment. If you have the ability to use a sub-domain for wireless clients, that would be the preferred option as changing the TXT record handling mode reduces security.

 

In the example that you provided here where an actual NIC is changed (while certainly possible, this is a pretty rare occurrence in my experience), the important thing to note is that once the clients lease expires, its DNS records are cleaned up automatically. You can also clear the lease to accomplish the same, or manually delete the DNS records involved. Then when the client comes back online (or you do an ipconfig /release and ipconfig /renew in the case of a Windows based client), it will be treated as a new transaction and DNS will be updated accordingly.

 

Regards,

Tony

Re: DDNS updates - help understanding the basics

Expert
Posts: 185
9400     0

I've had an absolute nightmare with this in the past, I think I have written at length about it here somewhere, problems with laptops jumping on and off docking stations, switching between wired and wifi, and Windows not going through the full DORA process each time because it remembers that old wired/wifi leases are still valid, meaning DNS doesn't get updated.... oh man the hassle this has caused. In the end I set it to check-only and all the problems went away! Smiley Happy

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: DDNS updates - help understanding the basics

Expert
Posts: 185
9400     0

https://community.infoblox.com/t5/DNS-DHCP-IPAM/Windows-Client-DHCP-and-DNS-Registration/m-p/13194/h...

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE
Showing results for 
Search instead for 
Did you mean: 

Recommended for You