Reverse DNS: Is it necessary?

Chip Old fold at bcpl.net
Sun Mar 18 14:54:48 UTC 2001


On Sat, 17 Mar 2001, Studio 51 wrote:

> I asked my web host to fix the lack of reverse DNS for the domains
> they host for me, they told me that their nameservers don't support
> reverse DNS. Is this considered a misconfiguration? It's a dedicated
> host that will be running a spider program, so I would think that many
> hosts would try to perform a reverse DNS lookup on the spider, which
> will fail because of this. Are there any other areas this is likely to
> affect?
>
> I thought reverse DNS was a standard part of properly setting up a
> nameserver, am I wrong?

A "PTR" record corresponding to each "A" record is what makes reverse DNS
lookups possible.  You're right, it is a standard part of properly setting
up a nameserver.  However many DNS admins omit PTR records, either out of
ignorance, or out of laziness, or out of the belief that it increases
security.  Whether the latter is true is hotly debated, but in any case it
causes more problems than it solves.

As for your Web host's statement that their nameservers don't support
reverse DNS, are you sure that's exactly what they said?  If so, they must
have meant "We don't (for whatever reason - see above) use PTR records",
because I'm not aware of any name server software that doesn't understand
PTR records.

Another possibility is related to the way your hosting ISP does virtual
hosting on his Web server.  There is "IP based", in which every hosted Web
site has a unique IP address even if on a shared Web server.  This is very
wasteful of IP addresses, so these days most hosting services use "name
based" hosting.  In this scenario a virtual interface is configured on the
shared Web server, and the IP address of that interface is shared by all
sites hosted on the server.  The Web server software knows which site's
pages to serve up by the "Host" header in the HTTP request.

If the virtual hosting setup for your sites is name-based, then maybe what
your ISP means is that your sites don't have unique IP addresses.  That
may be true, but hopefully there is a PTR record for the IP address shared
by all name-based virtual hosts on that Web server.

Anyway, without knowing the specifics of how your sites are hosted a lot
of this is guesswork.  If you had mentioned your domain names, a few
seconds' work with nslookup would have told us a lot.

-- 
Chip Old (Francis E. Old)               E-Mail:  fold at bcpl.net
Manager, BCPL Network Services          Voice:   410-887-6180
Manager, BCPL.NET Internet Services     FAX:     410-887-2091
320 York Road
Towson, Maryland 21204 U.S.A.
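
The check a remote host typically runs against a connecting client such as the spider discussed above, written here as an added example that is not part of the original message: look up the PTR record, then confirm that the returned name has an address record pointing back to the same IP. The zone data, host names and addresses (documentation ranges) are constructed, and the lookup functions are injectable so the example runs offline.

```python
import ipaddress
import socket

def reverse_name(ip):
    """Name under in-addr.arpa / ip6.arpa that holds the PTR record for ip."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr(ip):
    """PTR lookup through the system resolver; empty list if none exists."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_addrs(name):
    """Forward lookup through the system resolver; empty list on failure."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})
    except OSError:
        return []

def check_reverse_dns(ip, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Return (status, names): 'no-ptr', 'mismatch' or 'confirmed'."""
    ip = str(ipaddress.ip_address(ip))
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return "no-ptr", []          # the situation described in the question
    confirmed = [n for n in names if ip in addr_lookup(n)]
    return ("confirmed", confirmed) if confirmed else ("mismatch", names)

# Constructed zone data. 192.0.2.10 is a shared, name-based hosting address:
# two sites resolve to it, and a single PTR record is enough to confirm it.
PTR = {"192.0.2.10": ["www.example.com."], "192.0.2.20": ["spider.example.net."]}
A = {"www.example.com": ["192.0.2.10"], "shop.example.com": ["192.0.2.10"],
     "spider.example.net": ["198.51.100.7"]}

def demo():
    ptr = lambda ip: PTR.get(ip, [])
    addr = lambda name: A.get(name, [])
    ips = ("192.0.2.10", "192.0.2.20", "192.0.2.30")
    return {ip: check_reverse_dns(ip, ptr, addr)[0] for ip in ips}

if __name__ == "__main__":
    for ip, status in demo().items():
        print(reverse_name(ip), status)
```

Calling check_reverse_dns(ip) with the default arguments performs the same check through the system resolver.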



