nanog mailing list archives

Re: Performance Issues - PTR Records


From: Mark Andrews <marka () isc org>
Date: Mon, 07 Nov 2011 14:19:35 +1100


In message <CAAAwwbX3-LNd8hRCYwdBGhCamBwjqT6u9Xygf08GmO+RRNJjuA () mail gmail com>, Jimmy Hess writes:
> On Sun, Nov 6, 2011 at 7:10 PM, Mark Andrews <marka () isc org> wrote:
>> MacOS and Windows can both populate the reverse zone for you as can
>> dhcp servers.
>> The practice of filling out the reverse zone with fake PTR record [...]

> OK.. let's say you're a DSL provider.  Are you going to have your
> DHCP server populating the forward and reverse DNS?  With what, the
> account holder's name?  somename.example.com?

With what the machine told you to populate it with.  If the hostname
isn't specified in the request, use your default naming scheme.

> Wouldn't you say    blahblah192-168-0-2.city.state.dsl.example.com
> provides more useful information?

No.

> First of all, you know that the IP address is an end user, an access
> network's end user's one IP address,
> an endpoint, rather than a subnet assigned to an actual multinode network.

Is it?  Even today with IPv4 you don't have to hand out single addresses
to customers.

> Second of all, you know it's an ISP, and you have city and state
> information of the network service.
> This is more useful than an arbitrary, user-made-up hostname.

In your opinion.  It may not be in the customer's opinion and they are
the ones leasing the address.

> The hostname is more meaningful on "real networks" such as SMB LANs,
> Enterprise intranets, web farms, server networks, and other places
> where generic records should not be assigned, but the PTR should be
> the actual hostname.

News flash.  "real networks" already exist in homes.  The only reason
they aren't visible outside the home is that ISPs have been
ridiculously slow in making IPv6 available to the homes and with that
the potential for directly addressing machines.

> If the IP address is dynamic or autoconfigured for _those_ types of
> networks, then yes, automatic RDNS registration makes sense.  If it's
> static, not so much.

> Dynamic DNS registration is also complicated to make secure.... as
> in preventing hosts from updating other hosts' records or mucking
> around the zone in other unwanted ways requires complex key
> management and ACL configuration.

No.  It's not really complicated to make secure.  It's quite possible
to prevent machines mucking up others' records.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org
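The last exchange above (Jimmy: per-host update control "requires complex key management and ACL configuration"; Mark: it is not really complicated) turns on how the authoritative server scopes dynamic updates. As an added example that is not from the thread or from ISC, the BIND 9 named.conf fragments below put a source-address-based allow-update beside a TSIG-keyed update-policy. The zone names, key names and secrets are placeholders I constructed; the update-policy rule types (`self`, `zonesub`) are documented BIND 9 syntax.

```conf
# Added example (not from the thread): BIND 9 named.conf fragments contrasting
# an IP-based allow-update ACL with a TSIG-keyed update-policy.
# Zone names, key names and secrets are constructed placeholders. A real
# named.conf defines each zone once; the two reverse-zone stanzas below are
# shown together only for comparison.

# --- Weak: any packet sourced from the prefix may add or delete any record in
# --- the zone, including another customer's PTR. Source addresses are not
# --- authenticated, so this is the configuration to move away from.
zone "0.168.192.in-addr.arpa" {
    type primary;            # "master" on BIND versions before 9.16
    file "db.0.168.192";
    allow-update { 192.168.0.0/24; };
};

# --- Better: one TSIG key per updater, and an update-policy that limits what
# --- each key may touch.

# Key held by the DHCP server (the "dhcp servers can populate the reverse zone"
# case from the thread).
key "dhcp-updater" {
    algorithm hmac-sha256;
    secret "PLACEHOLDER-BASE64-SECRET==";    # generate with tsig-keygen
};

# Key issued to one customer host. The key NAME equals the host's FQDN so the
# "self" rule below ties the key to exactly one owner name.
key "host1.dsl.example.com" {
    algorithm hmac-sha256;
    secret "PLACEHOLDER-BASE64-SECRET-2==";
};

# Reverse zone: only the DHCP server's key may add or delete PTR records, and
# only at names under this zone's apex ("zonesub"). No other type, no other key.
zone "0.168.192.in-addr.arpa" {
    type primary;
    file "db.0.168.192";
    update-policy {
        grant dhcp-updater zonesub PTR;
    };
};

# Forward zone: a host may update A/AAAA records only at the name that matches
# its own key name ("self"), so host1's key cannot touch host2's records.
# The DHCP server's key may manage A/AAAA at any name in the zone.
zone "dsl.example.com" {
    type primary;
    file "db.dsl.example.com";
    update-policy {
        grant * self * A AAAA;
        grant dhcp-updater zonesub A AAAA;
    };
};
```

Updaters sign their requests with the matching key (for example `nsupdate -k <keyfile>`); an update signed with a key whose rules do not cover the requested name or record type is refused by named, which is what keeps one host from rewriting another's records without any per-host ACL maintenance beyond issuing the key.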

