BIND 8.2.3 verus 9.x.x ?? in production
Jim Reid
jim at rfc1035.com
Tue Mar 27 22:24:24 UTC 2001
>>>>> "Brad" == Brad Knowles <brad.knowles at skynet.be> writes:
Brad> You really, really don't want to load down your web
Brad> servers by having them do all sorts of unnecessary
Brad> interactive DNS queries just so that they can stuff
Brad> hostnames in a log (which can change, although IP addresses
Brad> won't). No, you want these machines spending most of their
Brad> time doing the thing they were designed to do -- serving up
Brad> web pages.
Indeed. And by logging the IP addresses, it means that you don't get
confused by bad people who try to spoof your logs by making reverse
lookups return a string that looks like a dotted decimal IP address:
ie dig -x 10.9.8.7 returns the name 172.16.1.2 or something like that.
More information about the bind-users
mailing list