question regarding recommended PTR record configuration with multiple mail sites hosted on same IP
kcd at daimlerchrysler.com
Fri Feb 10 02:30:12 UTC 2006
Gregory Hicks wrote:
>>Date: Thu, 09 Feb 2006 02:17:04 -0600
>>From: Albert Croft <acroft at cyber-wizard.com>
>>To: BIND Users Mailing List <bind-users at isc.org>
>>Subject: question regarding recommended PTR record configuration with multiple
>mail sites hosted on same IP
>>I appologise if I waste anyone's time-I just wish to be clear on something.
>>I often see mentioned that there should be a PTR record set up for a
>>mail server, but what is the recommendation in a case where multiple
>>sites share a mail server? In other words, there exists something like
>>(I can provide actual hostnames/IPs, if needed):
>>host.domain00.com. IN A 220.127.116.11
>>mail.domain01.com. IN A 18.104.22.168
>>mail.domain02.com. IN A 22.214.171.124
>>mail.domain03.com. IN A 126.96.36.199
>>Should there be a PTR record for each name entry? Or just one, and if
>>so, what should it refer to? I seem to recall seeing mention in an older
>>copy of _DNS_and_Bind_ of some systems not behaving properly when seeing
>>multiple PTR records-is this still the norm?
>Pick one name as the 'owner' of the PTR and make a PTR record for that
>The problem with multiple names for PTRs is the way that Bind handles
>multiple names assigned to one IP address. It make a "round robin" out
You call that a "problem"; I call it a feature. If folks are stupid
enough to create multi-record PTRs, then they deserve some
unpredictability in their reverse lookups. In the not too distant past,
BIND had a special case for PTRs (or perhaps it was everything but
A/A6/AAAA records), so that they wouldn't be "round-robin"ed. Apparently
that has now changed. Sometimes you have to be cruel to be kind. These
folks will learn their lessons and change their evil ways.
>I get a reply containing all four records. You would get a
>reply containing all four records but the first record that *I* got
>becomes the last record that you get. Your first record bcomes the
>last record that someone else gets... And so on.
Actually, I think BIND still doesn't implement true "round-robin", where
it keeps state about the last answer given. The default rrset-order is
"cyclic", with the starting record of the set being picked randomly.
More information about the bind-users