[Non-DoD Source] Re: [DoD Source -- ssshhhh Top Secret] Re: Dumb Question is an A or AAAA record required?
DeCaro, James John (Jim) CIV DISA FE (USA)
james.j.decaro3.civ at mail.mil
Thu Jul 9 15:49:32 UTC 2020
We have an application that queries reverse lookups on clients trying to access it in order to verify the client and its IP are legit and a part of the correct domain/ACL. So if the pointer record does not match, the client is rejected. I don't know if that is relevant in this case, but it provides an example.
From: bind-users <bind-users-bounces at lists.isc.org> On Behalf Of Michael De Roover
Sent: Thursday, July 9, 2020 11:20 AM
To: bind-users at lists.isc.org
Subject: [Non-DoD Source] Re: [DoD Source -- ssshhhh Top Secret] Re: Dumb Question is an A or AAAA record required?
On 7/9/20 5:03 PM, Reindl Harald wrote:
> but it still has nothing to do with your domain by definition, the PTR
> could be anything
Of course it can be, they're completely separate name spaces. However
would it make any sense in practice to point it somewhere else entirely?
You'd probably be better off not setting it at all then. I'd argue that
they're meant to match each other.
> but how does that change anything in the simple fact that "Would the
> lack of A records affect pointer records? Seems like it would" given
> that the PTR zone is a dns zone like anything else
> while it's smart (at least when you want to send mails) that your IP has
> a sane PTR and that the name maps back to the IP the dns system couldn't
> care less
My thoughts exactly. They can technically be different and the DNS
itself indeed couldn't care less (but applications checking for that
might).. but would it make sense to? I mean yeah I suppose that they can
exist without the other. Not uncommon for A records to be without PTR
records, and I guess that a PTR record without an A record could work
too..? But again, aside from the theoretical possibility, why would you
want to set your PTR records to not match at least one of your A records?
Met vriendelijke groet / Best regards,
Michael De Roover
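
The reverse-lookup check discussed in this thread, written out as a forward-confirmed reverse DNS test. This is an added example, not code from the thread or from the application mentioned in it. The function names, the example.com/example.org names and the addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver (empty list if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name, *aliases]

def system_addrs(name):
    """A/AAAA addresses for name from the system resolver."""
    try:
        infos = socket.getaddrinfo(name, None)
    except OSError:
        return []
    return [info[4][0] for info in infos]

def verify_client(ip, allowed_domain, ptr=system_ptr, addrs=system_addrs):
    """Return (accepted, reason) for a forward-confirmed reverse DNS check."""
    client = ipaddress.ip_address(ip)
    suffix = "." + allowed_domain.lower().rstrip(".")
    names = [n.lower().rstrip(".") for n in ptr(ip)]
    if not names:
        return False, "no PTR record"
    in_domain = [n for n in names if n.endswith(suffix)]
    if not in_domain:
        return False, "PTR outside allowed domain"
    for name in in_domain:
        # The PTR zone is run by whoever holds the address block, so the name
        # only counts if the forward zone maps it back to the same address.
        for a in addrs(name):
            try:
                if ipaddress.ip_address(a) == client:
                    return True, "forward-confirmed as " + name
            except ValueError:
                continue
    return False, "PTR not confirmed by A/AAAA"

# Constructed sample zone data so the check can be exercised offline.
PTR = {"192.0.2.10": ["app1.example.com."], "198.51.100.7": ["app1.example.com."],
       "203.0.113.5": ["host.example.org."]}
A = {"app1.example.com": ["192.0.2.10"]}

def demo(ip):
    return verify_client(ip, "example.com", lambda i: PTR.get(i, []), lambda n: A.get(n, []))
```

In the sample data, 198.51.100.7 has a PTR that names a host in the allowed domain but no matching A record, so it is rejected. A check that looked at the PTR alone would accept it.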