Performance Issues - PTR Records

Jimmy Hess mysidia at gmail.com
Sun Nov 6 19:57:51 CST 2011


On Sun, Nov 6, 2011 at 7:10 PM, Mark Andrews <marka at isc.org> wrote:
> MacOS and Windows can both populate the reverse zone for you as can
> dhcp servers.
> The practice of filling out the reverse zone with fake PTR record  [...]

OK.. let's say you're a DSL provider. Are you going to have your
DHCP server populating the forward and reverse DNS? With what, the
account holder's name? somename.example.com ?

Wouldn't you say blahblah192-168-0-2.city.state.dsl.example.com
provides more useful information?
First of all, you know that the IP address is an end user, an access
network's end user's one IP address, an endpoint, rather than a subnet
assigned to an actual multinode network.

Second of all, you know it's an ISP, and you have city and state
information of the network service.
This is more useful than an arbitrary user made-up hostname.

The hostname is more meaningful on "real networks" such as SMB LANs,
Enterprise intranets, web farms, server networks, and other places
where generic records should not be assigned, but the PTR should be
the actual hostname.

If the IP address is dynamic or autoconfigured for _those_ types of
networks, then yes, automatic RDNS registration makes sense. If it's
static, not so much.

Dynamic DNS registration is also complicated to make secure.... as
in preventing hosts from updating other hosts' records or mucking
around the zone in other unwanted ways requires complex key
management and ACL configuration.


>
> --
> Mark Andrews, ISC
--
-JH
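
An added example, not part of the original message: a heuristic sketch in Python of how someone reading logs can tell the generic, address-derived PTR naming described above apart from a real hostname and recover the provider/location suffix. The function name `classify_ptr`, the four encodings it checks, and all sample names are assumptions constructed for illustration.

```python
import ipaddress
import re


def classify_ptr(ip, ptr_name):
    """Return (kind, encoding, suffix) for the PTR target of an IPv4 address.

    kind is "generic" when the name embeds the address it points back to
    (the ISP-style naming from the message), otherwise "custom".
    suffix is what follows the embedded address, or the parent domain.
    """
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    name = ptr_name.rstrip(".").lower()
    sep = r"[-_.]"  # separators commonly used between octets
    patterns = [
        ("forward", r"(?<!\d)" + sep.join(octets) + r"(?!\d)"),
        ("reversed", r"(?<!\d)" + sep.join(reversed(octets)) + r"(?!\d)"),
        ("zero-padded",
         r"(?<!\d)" + "".join(o.zfill(3) for o in octets) + r"(?!\d)"),
        ("hex",
         r"(?<![0-9a-f])" + "".join("%02x" % int(o) for o in octets)
         + r"(?![0-9a-f])"),
    ]
    for encoding, pattern in patterns:
        match = re.search(pattern, name)
        if match:
            # Everything after the embedded address is provider/location data.
            return ("generic", encoding, name[match.end():].lstrip("."))
    return ("custom", None, name.partition(".")[2])


if __name__ == "__main__":
    # Constructed samples; the first is the name used in the message.
    samples = [
        ("192.168.0.2", "blahblah192-168-0-2.city.state.dsl.example.com"),
        ("192.168.0.2", "2.0.168.192.dsl.example.com"),
        ("192.168.0.2", "c0a80002.dsl.example.com"),
        ("192.168.0.2", "host192-168-0-25.dsl.example.com"),  # other address
        ("192.168.0.2", "mail.example.com"),
    ]
    for ip, name in samples:
        print(ip, name, classify_ptr(ip, name))
```
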


