• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 701
  • Last Modified:

Reverse DNS for host with multiple IPs

Correct me if I'm wrong, but I thought setting up reverse DNS for hosts with multiple IPs is pretty straightforward?

We have one customer that has 2 ADSL lines with 2 different suppliers and an internal mail server.  There are two A records setup for their mail server hostname pointing to the two different IPs.  Each supplier has setup reverse DNS entries for each IP resolving to the same hostname.  This has all worked fine for over a year.

Now one of the lines has been switched to a different supplier and their hostmaster is telling me it's not possible to setup rDNS for a host that has two forward lookup IPs??

I quote

"A single A record has to point to a single IP address, you cannot have mail.yourdomain.com pointing at 2 different IP addresses it just will not work."

That is true - a single A record has to point to a single IP.  But there's no reason why there can't be two A records for the same hostname right?

Or am I going senile?
0
devon-lad
Asked:
devon-lad
  • 2
  • 2
1 Solution
 
Chris DentPowerShell DeveloperCommented:

You're not senile. There's no real reason a PTR record cannot point to an A record acting as part of a Round Robin set (multiple A records for a single name resource).

It's all fine as long as your network kit is capable of coping with the connections coming in on two different IPs, I assume it is if you've been running that successfully.

Chris
0
 
devon-ladAuthor Commented:
Thanks for that Chris.

And there's no reason why rDNS cannot be setup so that two different IPs with two different suppliers resolve to the same hostname, right?

I'm thinking it must be ok, because this is what we've had for the past year or so.

Need to find a link to something official that says the above in a nutshell, because this guy is not listening to me.
0
 
Chris DentPowerShell DeveloperCommented:

It comes under RFC 1912 (http://www.ietf.org/rfc/rfc1912.txt) which makes the following recommendation:

   Make sure your PTR and A records match.  For every IP address, there
   should be a matching PTR record in the in-addr.arpa domain.  If a
   host is multi-homed, (more than one IP address) make sure that all IP
   addresses have a corresponding PTR record (not just the first one).

Your system in this instance is multi-homed so to conform to that recommendation it must have a PTR record for each IP, pointing back to the same name (because it is the same host).

We can resort to Wikipedia for the rest, because it describes FCrDNS which is used in some instances (rather than just a ReverseDNS check). This process is not defined in an RFC so it's about as good as we get.

http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS

Paying special attention to the highlighted "any":

> For each domain name mentioned in the PTR records, a regular DNS lookup is done to see
> if **any** of the A or AAAA records match the original IP address

He won't need Round Robin proving for the forward lookup as well will he?

Chris
0
 
devon-ladAuthor Commented:
Ah, that will do it.

Thanks Chris
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now