Random DNS-reply

Barry Margolin barmar at alum.mit.edu
Sun Dec 18 17:11:28 UTC 2005


In article <do3tp8$2btn$1 at sf1.isc.org>, Lars <debs at utysket.dk> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi
> I'm running Bind9 on Debina Sarge and it's working fine. Except when pinging
> a hostname with multiple hostnames based on a virtual NIC.
> Fx my web and ftp server is the same server/IP, so they all reply. I tried 
> having only one hostname

You're not getting multiple replies, you're getting one reply to each 
ping packet.

> as a A-record and the rest as CNAME or having them all as A-Records. It
> makes no diference....
> 
> # ping ftp.utysket.dk
> PING ftp.utysket.dk (172.16.0.49) 56(84) bytes of data.
> 64 bytes from ftp.utysket.dk (172.16.0.49): icmp_seq=1 ttl=64 time=0.520 ms
> 64 bytes from intern.utysket.dk (172.16.0.49): icmp_seq=2 ttl=64 time=0.232 
> ms
> 64 bytes from www.utysket.dk (172.16.0.49): icmp_seq=3 ttl=64 time=0.378 ms

This is due to *reverse* DNS, not forward DNS.  ping is translating the 
address 172.16.0.49 back to a name.  Since you have multiple PTR 
records, round-robin DNS is causing a different one to be returned each 
time it does a reverse lookup (actually, to be more precise, the entire 
set is returned each time, but the order changes, and ping displays the 
first one in the set).

If you want a consistent reply, pick one and make that the only PTR 
record.  Another poster said that having multiple PTR records isn't 
allowed, but he's wrong.  Multiple PTR records are OK, but they can 
cause undesirable results like this.

What you *can't* do is ensure that ping will display the same name that 
you used in the command.  For instance, if the PTR record says 
www.utysket.dk, then this is the name that will be displayed when you 
ping ftp.utysket.dk or intern.utysket.dk.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***



More information about the bind-users mailing list