[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Mail Server Names

Subject: Re: [cobalt-users] Mail Server Names
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Thu Nov 2 17:12:00 2000
Organization: nobaloney.net
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

John Cordeiro wrote:

> can you refer me to a document on this, I have always set up DNS this way.

Sure, I'll refer you to my own document.  Of course if you want to wait
until I get the book published, that's okay with me <smile>:

The relevant RFCs say only one reverse.  Therefore no program is
required to deal with more than one.  What's the purpose of reverse
DNS?  To identify the machine, right?

It can't identify the virtual server for the requester because your DNS
server has no idea which record to return.

Since there's no specific "right" way to implement reverse DNS when
there's more than one record, programs may implement it any way they
want.  Here are several ways programs _may_ implement reverse DNS when
there's more than one record:

Return only the first record.  Which may or may not be the one that
should be returned for the given request.

Return a record at random.  Which may or may not be the one that should
be returned for the given request.

Return the next record in order.  Which may or may not be the one that
should be returned for the given request.

Return all the records.  Which may or may not overflow the buffer and
crash the program or cause a security problem.

> Never new any different way.

Nevertheless, multiple PTR records for one IP# is still wrong.  Don't
feel bad, lots of people have been taught it, but it's still wrong.  See
all the relevant RFCs, and O'Reilly's "DNS and Bind" book.

> What if the server is on a non route IP and you use NAT with one public IP.

Read my explanation above; you'll see it still doesn't make any
difference.  PTR records should always point to a machine; not a
domain.  So in this case I'd point to the machine name of the machine
doing the NAT.  For example, for my office in Riverside, I could have a
PTR record pointing to "riversidegateway.nobaloney.net".

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
nobaloney.net
P. O. Box 52672
Riverside, CA  92517
voice: (909) 787-8589  *  fax: (909) 782-0205

References:
- RE: [cobalt-users] Mail Server Names
  - From: John Cordeiro

Prev by Date: [cobalt-users] Bad referal in logs
Next by Date: Re: [cobalt-users] Mail Server Names
Previous by thread: Re: [cobalt-users] Mail Server Names
Next by thread: RE: [cobalt-users] Mail Server Names

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index