A records or CNAME??
Kevin Darcy
kcd at daimlerchrysler.com
Tue Apr 30 02:22:28 UTC 2002
What software is doing this double resolution? Usually this
(so-called) authentication method starts with the IP address, reverse-maps it
to a name, and then does a forward lookup to ensure that the name maps to the
IP it started with. Given what you have, this should work. I'm not aware of any
software that does it the other way around. Are you sure you haven't
misdiagnosed the problem?
- Kevin
James Gray wrote:
> We have single machine that operates as a backup for 3 main network services
> FTP, DNS and SMTP. Consequently, we have three hostnames mapping to a
> single address. This is not a problem and is defined in the RFC's.
> However, we are hitting some problems when this machines connects to remote
> hosts that do a double resolution to verify the hostname/IP. The forward
> lookup works ok, but the reverse maps the IP to a different host and the
> connection is refused.
>
> The snippet from the current zone file looks like this:
>
> ns2 IN A 1.2.3.4
> ftp IN A 1.2.3.4
> mail IN A 1.2.3.4
> etc...
>
> but the revese lookup only maps 1.2.3.4 to ns2. Can we get around this by
> changing the forward zone to this:
>
> ns2 IN A 1.2.3.4
> ftp IN CNAME ns2
> mail IN CNAME ns2
> etc....
>
> Thanks in advance.
>
> James
More information about the bind-users
mailing list