DNS was originally designed to support only static changes to a zone database. Because of the design limitations of static DNS, adding, removing, or modifying resource records could only be done manually.

The Windows 2000 implementation of DNS supports the DNS dynamic update protocol. The DNS dynamic update protocol allows client computers to automatically update DNS name servers, so that resource records can be updated without administrator intervention.

Note: For more information on the DNS dynamic update protocol, see RFC 2136.

The DNS dynamic update protocol can be used in conjunction with DHCP to dynamically update resource records when the DHCP address of a computer is released and renewed. When the DHCP client computer receives an IP address from a DHCP server, the server dictates how dynamic updates will occur. The following actions occur by default:

Wherever possible, upgrade or replace servers running static DNS with servers running the Windows 2000 DNS Server service. DHCP and static DNS are not compatible with the synchronization of name resolution data. When DHCP is used in conjunction with static DNS, problems can occur because servers that are running static DNS cannot provide dynamic updates when DHCP client computer configurations change.

Configuring DNS to Allow Dynamic Updates

To configure a zone for dynamic updates, open the Properties dialog box for the zone. On the General tab, click Allow Updates in the Dynamic update list box.

The following table describes the available options for dynamic updates.

Option                     Description
None                       Disables dynamic updates for the zone.
Allow Updates              Allows all DNS dynamic update requests for the zone.
Allow Only Secure Updates  Allows only DNS dynamic updates that use secure DNS for the zone.
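
The difference between Allow Updates and Allow Only Secure Updates is visible on the wire. The following Python example is added here and is not part of the original course material or any Microsoft code: it parses a raw DNS message, recognizes an RFC 2136 UPDATE request, and reports whether the message is signed. It assumes secure updates carry a TSIG record (type 250) in the additional section; the function names, the zone corp.example., the host and key names, and the sample messages are all constructed for illustration.

```python
import struct

OPCODE_UPDATE = 5   # RFC 2136 dynamic update
TYPE_TSIG = 250     # transaction signature RR (assumed marker of a signed update)

def read_name(msg, off):
    """Decode a domain name, following compression pointers -> (name, next_offset)."""
    labels, end, hops = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                       # compression pointer
            end, hops = (off + 2 if end is None else end), hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            off = ((n & 0x3F) << 8) | msg[off + 1]
        elif n == 0:                               # root label ends the name
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii", "replace"))
            off += 1 + n

def classify_update(msg):
    """Return None unless msg is an UPDATE request; else zone, updated names, signed flag."""
    _id, flags, zo, pr, up, ad = struct.unpack_from("!6H", msg, 0)
    if flags >> 15 or (flags >> 11) & 0xF != OPCODE_UPDATE or zo != 1:
        return None
    zone, off = read_name(msg, 12)
    off += 4                                       # skip ZTYPE and ZCLASS
    names, signed = [], False
    for i in range(pr + up + ad):                  # prerequisite, update, additional RRs
        name, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if pr <= i < pr + up:
            names.append(name)                     # owner name being added or deleted
        signed = signed or (i >= pr + up and rtype == TYPE_TSIG)
    return {"zone": zone, "updates": names, "signed": signed}

def enc_name(n):
    return b"".join(bytes([len(lab)]) + lab.encode() for lab in n.rstrip(".").split(".")) + b"\x00"
def enc_rr(name, rtype, cls, ttl, rdata):
    return enc_name(name) + struct.pack("!HHIH", rtype, cls, ttl, len(rdata)) + rdata
def build_sample(signed):
    """Constructed UPDATE adding host1.corp.example. A 192.0.2.10 (not a capture)."""
    body = enc_name("corp.example.") + struct.pack("!HH", 6, 1)        # zone: SOA, IN
    body += enc_rr("host1.corp.example.", 1, 1, 1200, bytes([192, 0, 2, 10]))
    if signed:                                     # placeholder TSIG rdata, no real MAC
        body += enc_rr("key.example.", TYPE_TSIG, 255, 0, b"\x00" * 16)
    return struct.pack("!6H", 0x1234, OPCODE_UPDATE << 11, 1, 0, 1, int(signed)) + body
```

A message classified as unsigned was not necessarily applied; whether the server accepts it depends on the zone's Dynamic update setting described in the table above.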

The Allow Only Secure Updates option appears in the Dynamic update list only if the zone type is Active Directory integrated. Select this option to enable secure dynamic updates. With secure dynamic updates, the authoritative DNS name server only accepts updates from client computers and servers that are authorized to send dynamic updates. Secure dynamic updates provide the following benefits:

Configuring DHCP to Perform Dynamic Updates

You must configure the DHCP server to perform dynamic updates. Otherwise, the ability to perform DNS dynamic updates is disabled, and the DHCP client computer will attempt to update both the A and PTR resource records. The DHCP server usually deletes the PTR resource record from the DNS database after the client computer's lease expires.

When a DHCP client computer creates a PTR resource record, the DHCP server cannot remove the resource record from the DNS database. This can cause old PTR resource records to appear on servers that are running the DNS Server service.

To configure the DHCP server to enable DNS dynamic updates, open the DHCP console, and then open the Properties dialog box for the DHCP server. Click the Dynamic DNS tab, and then select the Enable dynamic update of DNS client information check box.

Select the Update according to client request option to allow the DHCP client computer to update the A resource record, and the DHCP server to update the PTR resource record.

Select the Always update forward and reverse lookups option to allow the DHCP server to update both the A and PTR resource records, regardless of the DHCP client computer's request.