[Pdns-dev] pdns_recursor, export-etc-hosts creates round-robin PTRs
bert hubert
bert.hubert at netherlabs.nl
Mon Jul 25 15:26:14 CEST 2011
On Sat, Jul 23, 2011 at 06:07:44PM -0400, Andrew Boling wrote:
> canonical name. The current implementation causes problems with software
> that uses any form of name validation against PTR records (i.e. SSL certs or
> Kerberos auth).
Well.. I don't think that gets you far anyhow.
> I am aware of the alternatives of using auth-zone or running a
> separate authoritative server for the local domain, so this isn't a show
> stopper for me. Round-robin PTRs do seem a little counter-intuitive though,
> so I figured it wouldn't hurt to see how others felt about it.
What we did was copy the behaviour of djbdns and several other tools that do
it in this way.
Was your question theoretical or is it actually breaking some things for
you?
We could of course add a flag to switch behaviour, but I'd only do so if
someone is really hurt by what we do now.
--
PowerDNS Website: http://www.powerdns.com/
PowerDNS Community Website: http://wiki.powerdns.com/
>
>
> As an example, if /etc/hosts contains the following line:
> 192.168.0.1 somehost.mydomain somehost1 somehost2
>
> Queries against the DNS server will return records like so:
> somehost:/etc/powerdns# host -t PTR 192.168.0.1
> 1.0.168.192.in-addr.arpa domain name pointer somehost1.
> 1.0.168.192.in-addr.arpa domain name pointer somehost.mydomain.
> 1.0.168.192.in-addr.arpa domain name pointer somehost2.
> somehost:/etc/powerdns# host -t PTR 192.168.0.1
> 1.0.168.192.in-addr.arpa domain name pointer somehost2.
> 1.0.168.192.in-addr.arpa domain name pointer somehost1.
> 1.0.168.192.in-addr.arpa domain name pointer somehost.mydomain.
>
>
> OS: Debian Squeeze
> Version: 3.2 (OS-supplied binary distro, no recompile)
> _______________________________________________
> Pdns-dev mailing list
> Pdns-dev at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-dev
More information about the Pdns-dev
mailing list