RFC 1912 Section 2.1 states the following:
Make sure your PTR and A records match. For every IP address, there
should be a matching PTR record in the in-addr.arpa domain. If a
host is multi-homed, (more than one IP address) make sure that all IP
addresses have a corresponding PTR record (not just the first one).
Failure to have matching PTR and A records can cause loss of Internet
services similar to not being registered in the DNS at all. Also,
PTR records must point back to a valid A record, not a alias defined
by a CNAME. It is highly recommended that you use some software
which automates this checking, or generate your DNS data from a
database which automatically creates consistent data.
This does not make any sense to me. Should an ISP keep matching A records for every PTR record? It seems to me that it's only important if the IP address that the PTR record describes is hosting a service that is sensitive to DNS being mismatched (such as email hosting). In that case the forward zone would be configured under a domain name (examples follow the format 'zone -> record'):
domain.tld -> mail IN A 1.2.3.4
And the PTR record would be configured to match:
3.2.1.in-addr.arpa -> 4 IN PTR mail.domain.tld.
Would there be any reason for the ISP to host a forward lookup for an IP address on their network like this?
ispdomain.tld -> broadband-ip-1 IN A 1.2.3.4
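The quoted section recommends software that automates this checking. As an added example (not part of the original post or of RFC 1912), the following checks records written in the post's 'zone -> record' notation for the three conditions the section names: an A record with no PTR, a PTR whose target has no matching A, and a PTR that points at a CNAME. The sample records other than the post's mail.domain.tld pair are constructed, and the parser assumes one four-field record per line.

```python
import ipaddress

ARPA = ".in-addr.arpa."

# Constructed sample data in the post's 'zone -> record' notation.
SAMPLE = """\
domain.tld -> mail IN A 1.2.3.4
domain.tld -> www IN CNAME mail
domain.tld -> multi IN A 1.2.3.5
domain.tld -> multi IN A 1.2.3.6
3.2.1.in-addr.arpa -> 4 IN PTR mail.domain.tld.
3.2.1.in-addr.arpa -> 5 IN PTR multi.domain.tld.
3.2.1.in-addr.arpa -> 7 IN PTR www.domain.tld.
3.2.1.in-addr.arpa -> 8 IN PTR broadband-ip-8.ispdomain.tld.
"""

def fqdn(name, zone):
    """Expand a relative name against its zone and lower-case it."""
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{zone.lower()}."

def parse(text):
    """Return (A records, CNAME owners, PTR records) from 'zone -> record' lines."""
    a, cnames, ptr = {}, set(), {}
    for line in filter(None, map(str.strip, text.splitlines())):
        zone, record = (part.strip() for part in line.split("->", 1))
        owner, _cls, rtype, rdata = record.split()
        owner = fqdn(owner, zone)
        if rtype == "A":
            a.setdefault(owner, set()).add(ipaddress.ip_address(rdata))
        elif rtype == "CNAME":
            cnames.add(owner)
        elif rtype == "PTR":
            # Owner 4.3.2.1.in-addr.arpa. maps back to address 1.2.3.4.
            octets = owner[:-len(ARPA)].split(".")
            ptr[ipaddress.ip_address(".".join(reversed(octets)))] = fqdn(rdata, zone)
    return a, cnames, ptr

def check(text):
    """List RFC 1912 section 2.1 mismatches as sorted (ip, problem) tuples."""
    a, cnames, ptr = parse(text)
    problems = [(str(ip), f"A record for {name} has no PTR")
                for name, addrs in a.items() for ip in addrs if ip not in ptr]
    for ip, target in ptr.items():
        if target in cnames:
            problems.append((str(ip), f"PTR points to CNAME {target}"))
        elif ip not in a.get(target, set()):
            problems.append((str(ip), f"PTR target {target} has no matching A"))
    return sorted(problems)
```

The 1.2.3.8 entry is the case the question asks about: a PTR in the ISP's reverse zone with no forward A record behind it.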