Obligatory apology: I did try to search for prior discussion of this topic but didn't come up with anything. Sorry if this is covered territory. :)<div><br></div><div>When using the export-etc-hosts option of pdns_recursor, round-robin PTR records are created in memory for both all aliases associated with each IP address defined in the hosts file. I'm inclined to believe that this is undesirable behavior, as the general standard across platforms is that the first name entry for an IP address in the hosts file is to be considered the canonical name. The current implementation causes problems with software that uses any form of name validation against PTR records (i.e. SSL certs or Kerberos auth).</div>
<div><br></div><div>I am aware of the alternatives of using auth-zone or running a separate authoritative server for the local domain, so this isn't a show stopper for me. Round-robin PTRs do seem a little counter-intuitive though, so I figured it wouldn't hurt to see how others felt about it.</div>
<div><br></div><div><br></div><div>As an example, if /etc/hosts contains the following line:</div><div>192.168.0.1 somehost.mydomain somehost1 somehost2</div><div><br></div><div>Queries against the DNS server will return records like so:</div>
<div><div>somehost:/etc/powerdns# host -t PTR 192.168.0.1</div><div>1.0.168.192.in-addr.arpa domain name pointer somehost1.</div><div>1.0.168.192.in-addr.arpa domain name pointer somehost.mydomain.</div><div>1.0.168.192.in-addr.arpa domain name pointer somehost2.</div>
<div>somehost:/etc/powerdns# host -t PTR 192.168.0.1</div><div>1.0.168.192.in-addr.arpa domain name pointer somehost2.</div><div>1.0.168.192.in-addr.arpa domain name pointer somehost1.</div><div>1.0.168.192.in-addr.arpa domain name pointer somehost.mydomain.</div>
<div><br></div></div><div><div><br></div><div>OS: Debian Squeeze</div><div>Version: 3.2 (OS-supplied binary distro, no recompile)</div></div>