Multihomed Servers...
Kevin Darcy
kcd at daimlerchrysler.com
Tue Jul 11 20:17:03 UTC 2000
Hmmm... That should work, in theory. The reverse lookups give the "atlas" name, and
the forward lookup of "atlas" then gives a RRset which includes the original
IP address. Any "double-reverse" lookup check should pass with flying colors.
Around here, we have adopted the policy of not creating any PTR's for round-robin
names. The PTR's always point back to the node-specific name, e.g. in your case,
"atlas-192" instead of the round-robin. I haven't heard of any problems with this.
Maybe you should try that as a test, i.e. change one of the PTR's to point to the
node-specific name. See if the problems go away.
- Kevin
Bob Van Cleef wrote:
> On Mon, 10 Jul 2000, Kevin Darcy wrote:
>
> > How do the PTR records look?
> >
>
> named.conf:
> zone "192.216.192.in-addr.arpa" {
> type master;
> file "reverse/192.216.192";
> };
>
> reverse/192.216.192:
> 53 IN PTR atlas.microunity.com.
>
> reverse/192.86.7:
> 53 IN PTR atlas.microunity.com.
>
> reverse/192.86.8:
> 53 IN PTR atlas.microunity.com.
>
> reverse/192.86.9:
> 53 IN PTR atlas.microunity.com.
>
> >
> > Bob Van Cleef wrote:
> >
> > > Sigh...
> > >
> > > I have a couple of systems that have multiple interfaces... which I setup
> > > like the wormhole.movie.edu examples in chapter four of the DNS & Bind
> > > books. For example:
> > >
> > > atlas A 192.216.192.53
> > > atlas A 192.86.7.53
> > > atlas A 192.86.8.53
> > > atlas A 192.86.9.53
> > >
> > > atlas-192 A 192.216.192.53
> > > atlas-7 A 192.86.7.53
> > > atlas-8 A 192.86.8.53
> > > atlas-9 A 192.86.9.53
> > >
> > > bash# grep atlas /etc/hosts
> > > 192.86.9.53 atlas atlas.microunity.com atlas-9 atlas-9.microunity.com
> > > 192.216.192.53 atlas atlas.microunity.com atlas-192 atlas-192.microunity.com
> > > 192.86.7.53 atlas atlas.microunity.com atlas-7 atlas-7.microunity.com
> > > 192.86.8.53 atlas atlas.microunity.com atlas-8 atlas-8.microunity.com
> > >
> > > I am repeatedly running into problems with software that seems to assume
> > > that this is illegal. Especially things that like to do reverse lookups.
> > >
> > > Does this practice break some new defacto standards that are evolving,
> > > or are those tools not doing their authentication correctly? I've run
> > > into problems with this on things as diverse as NFS on Solaris systems and
> > > CFENGINE.
> >
> >
> >
> > - Kevin
> >
> >
> >
> >
>
> ><> ><> ><> ><> ><> ><> ><> ><> ><> ><> ><> ><> ><>
> Bob Van Cleef, Member of Technical Staff (408) 734-8100
> MicroUnity Systems Engineering, Inc. FAX (408) 734-8136
> 475 Potrero Ave., Sunnyvale, CA 94086 vancleef at microunity.com
More information about the bind-users
mailing list