The following list illustrates a typical example of how a private DNS update leaks out to the global Internet. The DHCP client first sends a query to its local domain name server (LDNS) and asks for the authoritative server for the zone of its domain name (step 3). Once the DHCP client receives a response (step 4), it sends the update to the indicated server (step 5).
While this service can reduce administrative overhead, it also can, and does, have deleterious effects on the larger Internet by leaking traffic regarding private IP addresses that should never leave the local area network.
You do not need to disable dynamic DNS updates if:
However, if you have configured your host to act as a DHCP client/server and you make use of the private IP address space (including 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) specified in RFC 1918, you should turn off the dynamic DNS update feature.
You just replaced a computer; the old computer is off the network and had held the DHCP IP address of 192.168.0.10. You bring the new computer online and it obtains a DHCP lease for the same IP address. However, when you try to resolve the name of the new computer, the old computer's name still comes up.
Here's how we'll start the troubleshooting process:
1. If it's started, ensure there are no events in the computer's System event log that indicate a problem.
Check the advanced DNS client NIC setting
The "Register this connection's addresses in DNS" setting should be on by default, but we've seen instances where it's disabled through some kind of policy. This must be checked for the DDNS process to proceed.
Let's demonstrate a typical troubleshooting scenario that you may come across with DDNS.
The default configuration not only wastes global Internet resources but also introduces a multitude of security, privacy and intellectual property concerns.
Leakage of private DNS updates is caused by inconsistent configuration between DNS servers and DHCP client/server entities.
If you're not familiar with how DDNS and AD work together, you may not realize just how many moving parts there are with this product (check out Understanding Dynamic Update from TechNet to learn more).
When one link in the chain fails, records may stop getting updated or may even get removed altogether inadvertently!
"So what if my host leaks a few packets to the global Internet?" The reason is that inconsistent configuration between your home hosts and your local DNS servers can, and often does, cause leakage of DNS updates for private IP addresses to the global Internet.
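
One way to spot the leak described above at a network egress point, as an added example that is not part of the original page: it flags DNS UPDATE messages about an RFC 1918 address that are sent to a server outside the private ranges. The key=value log format, the sample lines, and the function names are constructed for illustration, and the check assumes the leaked update targets the reverse (PTR) name of the private address.

```python
import ipaddress

# The three RFC 1918 ranges named on the page.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """True if addr is a valid IP inside one of the RFC 1918 ranges."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in RFC1918)

def ptr_name_to_ip(name):
    """'10.0.168.192.in-addr.arpa' -> '192.168.0.10'; None if not a full IPv4 PTR name."""
    labels = name.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return None
    try:
        return str(ipaddress.ip_address(".".join(reversed(labels[:4]))))
    except ValueError:
        return None

def find_leaks(log_lines):
    """Return (client, server, record) for each UPDATE about a private
    address that was sent to a server outside the private ranges."""
    leaks = []
    for line in log_lines:
        fields = dict(f.split("=", 1) for f in line.split() if "=" in f)
        if fields.get("op") != "UPDATE":
            continue  # the preceding SOA lookup is not the update itself
        ip = ptr_name_to_ip(fields.get("name", ""))
        dst = fields.get("dst", "")
        if ip and is_rfc1918(ip) and dst and not is_rfc1918(dst):
            leaks.append((fields.get("src"), dst, fields["name"]))
    return leaks

# Constructed sample log (hypothetical format, documentation addresses).
SAMPLE_LOG = [
    "op=QUERY src=192.168.0.10 dst=192.168.0.1 name=10.0.168.192.in-addr.arpa",
    "op=UPDATE src=192.168.0.10 dst=192.168.0.1 name=10.0.168.192.in-addr.arpa",
    "op=UPDATE src=192.168.0.10 dst=198.51.100.53 name=10.0.168.192.in-addr.arpa",
    "op=UPDATE src=172.20.4.7 dst=198.51.100.53 name=7.4.20.172.in-addr.arpa",
    "op=UPDATE src=192.168.0.11 dst=198.51.100.53 name=5.113.0.203.in-addr.arpa",
]

if __name__ == "__main__":
    for client, server, record in find_leaks(SAMPLE_LOG):
        print(f"leak: {client} -> {server} for {record}")
```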