wildcard reverse lookups?
Barry Margolin
barmar at alum.mit.edu
Wed Dec 20 14:00:13 UTC 2006
In article <embddo$1s5$1 at sf1.isc.org>, Karl Auer <kauer at biplane.com.au>
wrote:
> Hi there.
>
> Due to a programming error (IMHO) we have a PTR entry in a reverse zone
> that points to a wildcard. Try "dig -x 129.132.73.148" to see it.
>
> Now I reckon this is a Bad Thing. I reckon reverse lookups should
> resolve to single real names. With this entry, no matter what name
> someone uses, if they have the address 129.132.73.148, their address
> will not resolve back to their name. I can see no use for this entry,
Reverse DNS checks usually start with the PTR record, and then check
whether the name it returns resolves back to the original address. This
works in your case.
> except to confuse machines that don't like asterisks in their DNS diet.
>
> Does anyone else have an opinion on this?
While I'm not sure that it's officially prohibited by the spec, as a
corner case I wouldn't rely on it. Remember the first half of the
Interoperability Principle: Be conservative in what you send.
>
> Regards, K.
>
> PS: BIND loads the entry with a warning about a "bad name", Nominum's
> ANS accepts it without comment.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list