Date: Thu, 04 Oct 2001 12:03:40 +0200 From: Ingeborg Hellemo <Ingeborg.Hellemo@cc.uit.no> To: =?iso-8859-1?Q?David_Sieb=F6rger?= <drs-stable@rucus.ru.ac.za> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: sdflkj Message-ID: <200110041003.f94A3ex15230@boyd.cc.uit.no> In-Reply-To: Your message of "Thu, 04 Oct 2001 11:12:04 %2B0200." <20011004111204.A7847@rucus.ru.ac.za>
next in thread | previous in thread | raw e-mail | index | archive | help
drs-stable@rucus.ru.ac.za said: > On Thu 2001-10-04 (08:59), Ceri wrote: > > On Wed, Oct 03, 2001 at 05:16:20PM -0700, Michael Sierchio said: > > > > > My apologies. My ISP's absolute refusal to delegate reverse entries > > > for my domain and /29 net is the problem. They gave me CNAME > > entries > > > instead of PTR records > > > > Umm, you can't delegate reverse DNS for a /29 _without_ using CNAMEs. > Not true. While the use of CNAMEs is suggested by RFC 2317, NS > records can be used too. The technique is described at: > http://homepages.tesco.net./~J.deBoynePollard/FGA/avoid-rfc-2317-delega > tion.html Do _not_ use this technique! Cite from <URL:http://marc.theaimsgroup.com/?l=bind-users&m=99948971616624&w=2>; "The document does NOT describe a valid DNS setup. It is simply illegal. Please, completely ignore this setup. Following the ignorant example on your site would lead to that machine being authoritative for the in-addr.arpa. domain. Only the [a-i].root-servers.net. should be authoritative for those. This set-up will leak incorrect/dangerous/poisonous info through authoritative & additional sections. For a provider with old caches (those that will cache authoritative/additional section) that happen to have cached yours, has the rest of the reverse name-space unavailable during TTL of the RR's in the sections. Bad. Very very bad. Roy Arends Nominum " --Ingeborg -- Ingeborg Østrem Hellemo -- ingeborg@cc.uit.no (Univ. of Tromsø, Norway) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110041003.f94A3ex15230>