Multiple PTRs for the same IP
ross at kallisti.us
Sat Jan 27 00:53:23 UTC 2007
On Sat, Jan 27, 2007 at 10:25:22AM +1100, Mark Andrews wrote:
> > I'm trying to find something "official" that states, or explains, why multiple
> > PTRs for the same IP are not a very good idea.
> They are not a good idea because they don't scale. In the
> past large web hosters attempted to put a PTR record for
> every virtual site on their servers. This ends up exceeding
> the limits of normal query resolution support. You get
> truncated TCP responses. You have to resort to AXFR to
> retrieve the PTR records.
Speaking as a someone who works in network operations at a decently
sized hosting company, I can confirm this is the case. Our DNS
management application used to automatically create a PTR record for
any domain, including virtually hosted domains. We had a customer
that (in this case it was intentional...) created over 10000 PTRs
for the same IP!
This causes very serious query latency issues, in addition to the
answer size issues Mark mentions. This problem bites particularly
hard if you use the MySQL backend to DLZ, as queries and answers are
serialized. Imagine not being able to answer queries while someone is
sucking down 10k DNS records from your DB....
> > Does anyone know of an RFC that discusses this (hopefully, in our favor that
> > multiple PTRs for the same IP is not a good thing).
> > Some other similar reputable source, perhaps, I can reference?
RFC1035 describes PTR records as a bit more general than just as
pointing to IPs. Rather, they merely point to other places in the DNS
hierarchy. The fact that they are mostly only used in reverse zones
with an IP's octet is kind of incidental from the RFC's point of view.
ross at kallisti.us
"The good Christian should beware of mathematicians, and all those who
make empty prophecies. The danger already exists that the mathematicians
have made a covenant with the devil to darken the spirit and to confine
man in the bonds of Hell."
--St. Augustine, De Genesi ad Litteram, Book II, xviii, 37
More information about the bind-users