Name based hosts and bind

Barry Margolin barmar at alum.mit.edu
Thu Apr 24 02:34:53 UTC 2008 

In article <fuo6of$1pkm$1 at sf1.isc.org>,
 "Bob Hoffman" <bob at bobhoffman.com> wrote:

> So each ip will have one ptr.
> http://www.bobhoffman.com/forums/viewtopic.php?t=55 is my list so far by the
> way.
> 
> So if I have exmaple.com and example2.com both on the same ip, the arpa file
> will have
> 
> 1.123.123.123 IN PTR localhost.example.com ; example.com is the ip based one
> 
> So any site I use in that ip as a name based will use that PTR record.

Name-based web hosting doesn't use PTR.  It gets the name from the HTTP 
"Host:" request-header, which comes from the URL that was given to the 
browser.

> So mail.example2.com will show up when aol.com checks my mail from
> mail.example2.com and it will not look like it came from mail.example.com?

In mail, the "Received:" header will typically look something like:

Received: from <HELO name> (<ip addr> [<PTR name>]) ...

I've heard of systems that will reject mail if the <HELO name> is not 
the same as the <PTR name>, but this is usually a bad idea.  It causes 
problems on multi-homed hosts, because they don't usually tailor their 
HELO name to the source IP of the SMTP connection.  The more acceptable 
check is that there IS a PTR record, and perhaps that <PTR name> 
resolves to <ip addr> (i.e. forward and reverse consistency).

> As a side note. I did not see anything in the books that dealt with this. If
> the answer to this is above, then I guess it sort of makes sense and I guess
> that is why they skipped even mentioning it...but it just seems 'odd' that
> it would work to resolve ip to name without really mentioning the other
> sites...
> 
> At least that means I do not have to do a reverse for each website, less
> typing!!!
> 
> How would you test if your ptr is really working the way it is supposed too?
> 
> 
> > -----Original Message-----
> > From: bind-users-bounce at isc.org 
> > [mailto:bind-users-bounce at isc.org] On Behalf Of Fr34k
> > Sent: Wednesday, April 23, 2008 2:38 PM
> > To: bind-users at isc.org
> > Subject: Re: Name based hosts and bind
> > 
> > Hello,
> > 
> > Not to say that Jeff needs re-enforcing, but from experience:
> > 
> > We hosted thousands of web sites on one server.
> > We hosted thousands of email domains on another server.
> > 
> > All respective servers had a single PTR, each.
> > That is, only one PTR per IP address.
> > 
> > I hope this helps.
> > 
> > ----- Original Message ----
> > From: Jeff Reasoner <jeff.reasoner at mail.hccanet.org>
> > To: Bob Hoffman <bob at bobhoffman.com>
> > Cc: bind-users at isc.org
> > Sent: Wednesday, April 23, 2008 1:56:29 PM
> > Subject: Re: Name based hosts and bind
> > 
> > Unless it's a mail server you're trying to set up the 
> > existence of or even data in PTR records generally doesn't 
> > matter. You don't need PTR records for Apache virtual hosts, 
> > possibly just for the host itself.
> > 
> > Come to think of it, even if your DNS server was also mail 
> > server and running httpd with namevirtualservers in it's 
> > config, you'd still still only need a valid PTR for the 
> > domain MX to get most of the world to accept your mail.
> > 
> > BTW, you do need to have the IP address block delegated to 
> > you before the world will even query your server for the PTR records.
> > 
> > On Wed, 2008-04-23 at 13:36 -0400, Bob Hoffman wrote:
> > > Hi,
> > > 
> > > Still having fun getting the old webserver up and running.
> > > 
> > > As I am dealing with getting PTR records to work perfectly for the 
> > > first domain, which is also the nameserver domain, I came 
> > across this 
> > > little issue that is not touched upon in the Oreilly or ProDNS 
> > > books.....namebasedhosts sharing the same IP address.
> > > 
> > > The server is both a caching and authoritive for my server and my 
> > > sites on the server. But many sites will be 'name based', 
> > this means 
> > > sharing the same IP address.
> > > 
> > > Since they are sharing the same ip address I find that the 
> > > in-addr.arpa file would be the same one. However, both books stress 
> > > that BIND will choke during use if you have two addresses 
> > listed for 
> > > the same IP as in the example
> > > 
> > > Mysite.com IN PTR 123.123.123.4
> > > Mysite2.com IN PTR 123.123.123.4
> > > 
> > > I would assume that both sites would end up using the same 
> > addr.arpa 
> > > file 123.123.123.IN-ADDR.ARPA due to having the same exact 
> > ip address, nes pas?
> > > 
> > > I did a search online but could not find an example that 
> > showed named 
> > > based and ipbased on the same server/dns configuration. PTR 
> > is fun-duh-mental!
> > > 
> > --
> > Jeff Reasoner
> > HCCA
> > 513 728-7902 voice

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list