On a non-domain network, why is that when I spin up a new windows VM that all my other Windows devices can automatically resolve its hostname? I never add a DNS record to our DNS server, nor do I see one get created. Also, I never edit the hosts file and add a manual entry. Is this Dynamic DNS? Is this proprietary to Windows?
I figured that since I wasn't adding a hosts file entry, that the resolution must have been happening via our DNS server. To me, this implied that the new machine must be making some generic DNS broadcast (sort of like a DHCP request). So I monitored a Wireshark capture throughout the whole configuration of the VM, start to finish, filtering for packets going to my DNS server. I saw two packets originate from a new IP that I didn't recognize. Sure enough, it was ip of the new machine. These were the two packets:
10.11.0.90 10.11.12.224 53 DNS 76 Standard query 0xd53a A time.windows.com 10.11.0.90 10.11.12.224 53 DNS 76 Standard query 0x7bdd A dns.msftncsi.com
But these don't appear to be doing anything like "add an A record for me DNS server". Just fetching the times server, and network connectivity status. So where's the magic happening??
No comments:
Post a Comment