Multiple PTR Records from One IP Address

Fr34k freaknetboy at yahoo.com
Tue Feb 26 20:12:35 UTC 2008


Hello,

Multiple PTRs are a "customer education issue".
Often, as you suspect, a customer will believe they need multiple PTRs to match the multiple A records for such things as virtual hosting email or websites.

In the case of email hosting, I typically explain to them that while they can host 5 billion email domains, a node on the Internet only has one name as far as that node's hostname is concerned.
For example, the hostname that is passed during the initial SMTP 220 helo communication.

Typically, I tell them that the PTR should match this name as most beneficial for anti-abuse measures.
Need more ammo? Look at the full header of any out-bound email which shows the single hostname and how this does NOT change regardless of the 5 billion hosted email domains on the server.

Same with a web server hosting 5 billion websites.

Make it your policy for only one PTR per IP address and stop the madness.
Spread the word -- friends don't let friends use multiple PTRs.

I hope this helps -- Chris


----- Original Message ----
From: "Persiko, Mark" <Mark.Persiko at Level3.com>
To: "bind-users at isc.org" <bind-users at isc.org>
Sent: Tuesday, February 26, 2008 2:24:26 PM
Subject: Multiple PTR Records from One IP Address

Hello,
We have customers who want to name serve multiple hostnames off of a single IP address.  I am aware of two objections to this practice (feel free to correct my thinking here):

1)  Resolvers (most, or many, or some?) will only use the first hostname received in an answer to a PTR query for an IP address, and will throw the rest away anyway, thus causing indeterminate behavior.

2) Too many PTR records (or resource records of any type, for that matter) will cause a name server to send a response packet via TCP, if the maximum allowable UDP packet size is exceeded by the size of the response.  Too many such response packets clog network resources.

I have yet to determine the customers' true business objectives, but I am assuming that they are either or both of:

1) A customer has multiple e-mail domains, but only a single, public IP address, and wants all e-mail domain names to show up in reverse DNS lookups.

2) A customer is hosting multiple, virtual web sites from a single, public IP address, and wants the reverse lookup for the IP address to correspond to all web site FQDNs.

Any thoughts on this are most welcome, especially on how to accomplish the same objectives in other ways.

Thanks in advance!

- Mark

- Mark C. Persiko, Level 3 Communications
- mark.persiko at level3.com
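
Added example, not part of either message: a receiver-side check that compares the SMTP HELO name with the PTR for the connecting IP and forward-confirms it, showing how one PTR gives a stable verdict while several PTRs make the verdict depend on which name is answered first. The zone data, addresses (documentation ranges), function names and verdict labels are constructed for illustration, and the "receiver looks at one PTR name only" policy is an assumption taken from objection 1 in the original question.

```python
"""Added example: PTR / HELO consistency as a mail receiver might check it."""

# Constructed data standing in for live DNS answers (documentation ranges only).
PTR = {
    "192.0.2.10": ["mail.example.net"],        # one PTR per IP
    "192.0.2.20": ["shop.example.org",         # one PTR per hosted domain
                   "mail.example.net",
                   "blog.example.com"],
}
A = {
    "mail.example.net": ["192.0.2.10", "192.0.2.20"],
    "shop.example.org": ["192.0.2.20"],
    # blog.example.com has no A record, so its PTR cannot be forward-confirmed
}


def norm(name):
    """DNS names compare case-insensitively, ignoring a trailing dot."""
    return name.rstrip(".").lower()


def verdict_for(ip, helo, ptr_name, a=A):
    """Verdict reached by a receiver that looks at one PTR name only (assumed policy)."""
    name = norm(ptr_name)
    if ip not in a.get(name, []):
        return "ptr-not-forward-confirmed"
    return "match" if name == norm(helo) else "helo-mismatch"


def check_client(ip, helo, ptr=PTR, a=A):
    """Return (stable, verdicts).

    RRset order is not guaranteed, so with several PTRs any of them may be
    the first one a receiver sees; collect the verdict for each possibility.
    """
    names = ptr.get(ip, [])
    if not names:
        return True, {"no-ptr"}
    verdicts = {verdict_for(ip, helo, n, a) for n in names}
    return len(verdicts) == 1, verdicts


if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20"):
        stable, verdicts = check_client(ip, "mail.example.net")
        print(ip, "stable" if stable else "indeterminate", sorted(verdicts))
```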

