TCP/IP in Windows 2000 Professional

  • Article

Windows 2000 contains an implementation of dynamic update that follows RFC 2136. Dynamic update allows clients and servers to register DNS domain names (PTR resource records) and IP address mappings (A resource records) to an RFC 2136 – compliant DNS server. This frees administrators from the time-consuming process of manually updating DNS entries.

note-icon

Note

A Windows 2000 Professional– based computer can be a member of a Windows 2000 domain without dynamic update, but the network administrator's workload increases significantly because of the work involved in manually updating DNS information.

In Windows 2000, clients can send dynamic updates for three different types of network adapters: DHCP adapters, statically configured adapters, and remote access adapters. Regardless of which adapter is used, the DHCP client service sends dynamic updates to the authoritative DNS server. The DHCP client service runs on all computers regardless of whether they are configured as DHCP clients.

Configuring Dynamic Update for DHCP Clients

By default, Windows 2000–based DHCP clients are configured to request that the client register the A resource record and the server register the PTR resource record. By default, the name used in the DNS registration is a concatenation of the computer name and the primary DNS suffix. You can change this default from within the TCP/IP properties of your network connection.

To change the dynamic update defaults on the dynamic update client

  1. Right-click My Network Places , and then click Properties .

  2. Right-click the connection you want to configure, and then click Properties .

  3. Select Internet Protocol (TCP/IP) , click Properties , click Advanced , and then select the DNS tab.

  4. By default, Register this connection's address in DNS is selected and Use this connection's DNS suffix in DNS registration is not selected, causing the client to request that the client register the A resource record and the server register the PTR resource record. In this case, the name to be used in DNS registration is a concatenation of the computer name and primary DNS suffix of the computer.

You can also select the check box Use this connection's DNS suffix in DNS registration. If you choose this option, the client requests that the server update the PTR record, using the name that is a concatenation of the computer name and the connection-specific DNS suffix. If the DHCP server is configured to register DNS records according to the client's request, the client will then register the following records:

  • The PTR record, using the name that is a concatenation of the computer name and the primary DNS suffix.

  • The A record, using the name that is a concatenation of the computer name and the primary DNS suffix.

  • The A record, using the name that is a concatenation of the computer name and the connection-specific DNS suffix.

To configure the client to make no requests for DNS registration, deselect Register this connection's address in DNS . If this configuration is chosen, the client will not attempt to register any A or PTR DNS records corresponding to this connection.

Statically Configured and Remote Access Clients

Statically configured clients and remote access clients do not communicate with the DHCP server. Statically configured Windows 2000 – based clients dynamically update their A and PTR resource records every time they start, in case the records become corrupted in the DNS database. Remote access clients dynamically update A and PTR resource records when a dial-up connection is made. They also attempt to deregister the A and PTR resource records when the user closes down the connection. However, if a remote access client fails to deregister a resource record within four seconds, it closes the connection, and the DNS database will contain a stale record. If the remote access client fails to de-register a resource record, it adds a message to the event log, which you can view by using the Event Viewer. The remote access client never deletes stale records.

Multihomed Clients

If a dynamic update client is multihomed (has more than one adapter and associated IP address), by default it registers all its IP addresses with DNS. If you do not want it to register all of its IP addresses, you can configure it to not register one or more IP addresses from the properties page for the network connection.

To prevent the computer from registering all its IP addresses

  1. Right-click My Network Places, and then click Properties .

  2. Select the connection you wish to configure, and then click Properties .

  3. Select Internet Protocol (TCP/IP) , click Properties , click Advanced , and then select the DNS tab.

  4. Clear the Register this connection's address in DNS check box.

The dynamic update client does not register all IP addresses with all DNS servers. For example, Figure 22.12 shows a multihomed computer, client1.noam.reskit.com, that is connected to both the Internet and the corporate intranet. Client1 is connected to the intranet by adapter A, a DHCP adapter with the IP address 172.16.8.7. Client1 is also connected to the Internet by adapter B, a remote access adapter with the IP address 131.107.99.1. Client1 resolves intranet names by using a name server on the intranet, NoamDC1, and resolves Internet names by using a name server on the Internet, ISPNameServer.

Cc978179.prcc_11(en-us,TechNet.10).gif

Figure 22.12 Dynamic Update for Multihomed Clients

Notice that although Client1 is connected to both networks, the IP address 172.16.8.7 is reachable only through adapter A, and the IP address 131.107.99.1 is reachable only through adapter B. Therefore, when the dynamic update client registers the IP addresses for Client1, it does not register both IP addresses with both name servers. Instead, it registers the name-to-IP address mapping for adapter A with NoamDC1 and the name-to-IP address mapping for adapter B with ISPNameServer.

You can also configure the computer to register its domain name in DNS. For example, if you have a client that is connected to two different networks, and you want it to have a different domain name on each network, you can configure it to do so.

Disabling Dynamic Update

Dynamic update is configured on Windows 2000 Professional– based clients by default. Dynamic update can be disabled by adding the DisableDynamicUpdate registry entry with a value of 0x1 (REG_DWORD data type) to the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ Tcpip\Parameters

to disable dynamic update for all network interfaces on the computer, or

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ Tcpip\Parameters\Interfaces\< interface>

to disable dynamic update for the network interface card with the device ID of <interface>.