Quick question about Host records

Stefan Probst stefan.probst at opticom.v-nam.net
Wed Aug 9 15:32:48 UTC 2000 

At 15:08 09.08.00 +0100, Jim Reid wrote:
-------------------------
> The problem is what happens if there are two different names for the
> same IP address and that IP address changes? So one of the names could
> be updated to the new address while the other is left dangling,
> pointing at the old address. Normally this doesn't matter much. One
> name is right and the other is wrong. Big deal. But if the multiple A
> records are glue for zone delegations, there can be trouble because
> the glue no longer points at a name server for some zone. So when name
> servers lookup names in some zone, they send queries to the wrong IP
> address. That can mean lame delegations or SERVFAIL errors: maybe even
> making the zone unreachable. Perhaps this might be important.
> 
> Suppose you list ns.hank.org as one of your name servers, but this has
> the same address as ns.jim.org, which is one of my servers. Maybe I'm
> your ISP or I offer a slave DNS facility for hank.org as a favour. One
> day I renumber ns.jim.org. When that happens the entry for ns.hank.org
> in the .org zone would still point at the old address which might not
> run a name server or even be in use any more. Now what if ns.jim.org
> provides slave DNS service for a lot of .org zones? Aside from the
> tedium of getting all those delegations updated, what if I forget to
> tell one of my customers or they fail to change their delegation
> information? Does this clarify things enough?
> 
> If all that has to change in the .org zone is the address of
> ns.jim.org, everything just works when I renumber that server.
> 

IMHO, what you say holds true in case the registrant (who controls the
delegation data in the root servers) is different from the DNS host master
(who controls the IP address of the name server). This leads easily to
lame servers, if the IP address is changed and not every hosted domain
owner notified that he has to change his glue data in the root zone.

It is also true, that it is cumbersome to change lots of records (glue
data in the root and A records for the name servers in their zones), if
the IP address changes, instead of only one time.

However, what I understand from the original poster, he controls all
concerned domains (original name server domain and new, "virtual" ns
domains) by himself. Therefore no co-ordination problems. He plans to use
only a few domains (?). So the work in case of IP address change should be
not too much.

While it might be cumbersome with potential trouble spots in case of IP
address change of the name server - as you pointed out, the proposed setup
should work, at least as long as the IP addresses remain the same, or not?

Does the "wrong" reverse look-up have any consequences?

Cheers,
Stefan

More information about the bind-users mailing list