Date: Thu, 18 Nov 1999 12:02:58 -0800 (PST) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: matt@zigg.com (Matt Behrens) Cc: dillon@apollo.backplane.com (Matthew Dillon), danderse@cs.utah.edu (David G Andersen), freebsd-security@FreeBSD.ORG, bsd@a.servers.aozilla.com, matt@BabCom.ORG (matt) Subject: Re: [Systalk] localhost.org (fwd) Message-ID: <199911182002.MAA25442@gndrsh.dnsmgr.net> In-Reply-To: <Pine.BSF.4.10.9911181328120.21200-100000@megaweapon.zigg.com> from Matt Behrens at "Nov 18, 1999 01:31:23 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> Today, Matthew Dillon wrote:
>
> : You can't map domain.com's IP address to the host's real IP address
> : and have the reverse be domain.com ... for the host's real IP address
> : the reverse must match the hostname, host.domain.com. But you *can*
> : assign two IP addresses to the host (i.e. use an IP alias), making
> : the IP alias resolve to domain.com both forward and reverse while the
> : primary IP for the host resolves properly to host.domain.com both
> : forward and reverse.
>
> Strictly speaking, this isn't a practical problem. Situations
> where reverse and forward lookups must match (i.e. when using TCP
> wrappers) operate by (a) having an IPv4 address (b) reverse-lookupping
> it (c) forward-lookupping the result of the reverse lookup.
> If
> you assign multiple A records to a single domain name, you are
> breaking spec, but it doesn't cause any practical problems
> (presently...)
That is not correct, infact assigning multiply A records to a given
domain is _IN_ spec:
gndrsh:root {1098}# host br1.dnsmgr.net
br1.dnsmgr.net has address 198.145.92.125
br1.dnsmgr.net has address 198.145.92.1
gndrsh:root {1099}# host br1.chatusa.com
br1.chatusa.com has address 206.163.33.174
br1.chatusa.com has address 209.222.137.174
br1.chatusa.com has address 209.222.137.177
br1.chatusa.com has address 209.222.137.14
br1.chatusa.com has address 206.251.69.1
br1.chatusa.com has address 206.251.92.2
br1.chatusa.com has address 206.163.33.14
gndrsh:root {1100}#
Yes, those are host based routers, yes they really have that many IP interfaces
in them, they are after all routers :-)
>
> Matt Behrens <matt@zigg.com>
> Owner/Administrator, zigg.com
> Chief Engineer, Nameless IRC Network
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
--
Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911182002.MAA25442>