[dns-operations] how common is a 66-record answer section, i wonder?

Peter Dambier peter at peter-dambier.de
Mon Aug 14 09:52:17 UTC 2006


I must have missed something:

~> natnum 200.210.47.10
host_look("200.210.47.10","200.210.47.10","3369217802").
host_name("200.210.47.10","recantodaviolamontealto.com.br").

~> natnum recantodaviolamontealto.com.br
host_look("200.210.47.10","recantodaviolamontealto.com.br","3369217802").
host_name("200.210.47.10","santacasamontealto.com.br").

~> natnum santacasamontealto.com.br
host_look("200.210.47.10","santacasamontealto.com.br","3369217802").
host_name("200.210.47.10","tksoftinformatica.com.br").

~> natnum tksoftinformatica.com.br
host_look("200.210.47.10","tksoftinformatica.com.br","3369217802").
host_name("200.210.47.10","cozinhasprojeto.com.br").

~> natnum tksoftinformatica.com.br
host_look("200.210.47.10","tksoftinformatica.com.br","3369217802").
host_name("200.210.47.10","bma-borrachas.com.br").

~> natnum tksoftinformatica.com.br
host_look("200.210.47.10","tksoftinformatica.com.br","3369217802").
host_name("200.210.47.10","lbmredutores.com.br").


But with /etc/hosts it works:

~> natnum 192.168.48.225
host_look("192.168.48.225","192.168.48.225","3232248033").
host_name("192.168.48.225","ramses.peter-dambier.de").
host_alias("ramses.lomiheim","ramses.peter-dambier.de").
host_alias("ramses","ramses.peter-dambier.de").
host_alias("munin.ramses","ramses.peter-dambier.de").


I wish DNS would work like /etc/hosts or NIS
but not with libresolv :(

At least the many PTRs can help the 'digger' building an /etc/hosts file.

It is a last resort for nonexisting AXFR.

I still don't know why the contents of the '.DE' zone are a secret but the
contents of '.AG' are not. Maybe that is the reason why all German companies
of the AG type (PLC in English) are hosted in '.AG' :)

Question
========

Suppose I did provide a DNS resolver with NIS interface. The monster will be
building an /etc/hosts like database to be queried using the NIS protocol.

Now you could use a tool like

~> name2pl 192.168.48.0
host_name("192.168.48.0","lomiheim").
host_name("192.168.48.1","sid.peter-dambier.de").
host_alias("sid.lomiheim","sid.peter-dambier.de").
host_name("192.168.48.2","krzach.peter-dambier.de").
...
host_name("192.168.48.227","lomi.peter-dambier.de").
host_alias("lomi.lomiheim","lomi.peter-dambier.de").
host_alias("lomi","lomi.peter-dambier.de").
host_alias("hugin.lomi","lomi.peter-dambier.de").
host_name("192.168.48.228","echnaton.lomiheim").
host_name("192.168.48.255","bcast.lomiheim").

to find out things you always wanted to know.

Would that server raise judicial problems?

The source of the tools can be found at

http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/


Kind regards
Peter and Karin


Mark Andrews wrote:
>>>	I've never seen the benefit of multiple pointers in the
>>>	reverse tree.  People just keep adding them until they
>>>	exceed the ability of the protocol to return.  In reality
>>>	nothing depends on there being a matching ptr for an address.
>>>	The reverse however is not true.
>>
>>i realize that .rhosts is dead, but there was a time when being able
>>to check gethostbyname(gethostbyaddr(getpeername(s))) == getpeername(s)
> 
> 
> 	Which only required a single PTR record.  Adding extra PTR
> 	records usually meant adding extra lines to .rhosts as
> 	only the first PTR return was checked.
> 
> 
>>was valuable, and being able to enumerate all of the owners of A RRs
>>that had the same rdata was therefore valuable.
>>
>>it's still in common use for anti-spam MTA's.  postfix has an option
>>for "don't allow e-mail from hosts who don't have PTRs"
> 
> 
> 	This doesn't require multiple PTR's.
> 
> 
>>as well as
>>"don't allow e-mail from hosts whose PTR isn't the same as their HELO"
> 
> 
> 	Which breaks mail from behind NAT boxes.  Even adding PTR's for
> 	all the (mail) machines behind a NAT doesn't scale as eventually
> 	you reach DNS's 64k message limit.
> 
> 	This one also assumes you can control your reverse name space.
> 
> 
>>as well as "don't allow e-mail from hosts who aren't in the A RRset
>>for the HELO name".
> 
> 
> 	This doesn't require multiple PTR's.  This just requires
> 	that there are appropriate address records.
> 
> 
>>i use all three, and i depend on them, and i like
>>them, and so i find A-vs-PTR symmetry to be valuable, even w/o .rhosts.
>>_______________________________________________
>>dns-operations mailing list
>>dns-operations at lists.oarci.net
>>http://lists.oarci.net/mailman/listinfo/dns-operations
> 
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org


-- 
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
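
Added example (not part of the message above, and not code from the iason tools): a Python sketch of the A-versus-PTR checks debated in the quoted thread, run over constructed records. The PTR and A tables, the documentation-range addresses and names, and all function names are assumptions made for illustration; reading "PTR same as HELO" as "any PTR in the set matches" is also an assumption.

```python
# Constructed sample records (documentation ranges, not taken from the thread).
PTR = {
    "192.0.2.10": ["www.example.net.", "mail.example.net.", "old.example.net."],
    "192.0.2.20": ["nat-gw.example.org."],   # public side of a NAT box
    "192.0.2.30": [],                        # no reverse mapping at all
}
A = {
    "www.example.net": ["192.0.2.10"],
    "mail.example.net": ["192.0.2.10"],
    "old.example.net": ["198.51.100.7"],     # stale PTR: forward points elsewhere
    "nat-gw.example.org": ["192.0.2.20"],
    "mx1.inside.example.org": ["192.0.2.20"],  # mail host behind the NAT
}

def norm(name):
    """Compare names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def confirmed_names(ip, ptr=PTR, a=A):
    """Every PTR name whose A RRset contains ip (forward-confirmed reverse DNS)."""
    return [n for n in map(norm, ptr.get(ip, [])) if ip in a.get(n, [])]

def first_ptr_only(ip, ptr=PTR, a=A):
    """The .rhosts-era check: only the first PTR in the answer is verified."""
    names = ptr.get(ip, [])
    return bool(names) and ip in a.get(norm(names[0]), [])

def check_client(ip, helo, ptr=PTR, a=A):
    """The three MTA policies named in the thread, evaluated for one client."""
    helo = norm(helo)
    return {
        "has_ptr": bool(ptr.get(ip)),
        "ptr_equals_helo": helo in [norm(n) for n in ptr.get(ip, [])],
        "ip_in_helo_a_rrset": ip in a.get(helo, []),
    }

if __name__ == "__main__":
    print(confirmed_names("192.0.2.10"))
    # RRset order is not guaranteed, so a first-PTR-only check is order dependent.
    rotated = {"192.0.2.10": PTR["192.0.2.10"][-1:] + PTR["192.0.2.10"][:-1]}
    print(first_ptr_only("192.0.2.10"), first_ptr_only("192.0.2.10", ptr=rotated))
    print(check_client("192.0.2.20", "mx1.inside.example.org"))
```

The NAT client passes the "has a PTR" and "in the A RRset for the HELO name" policies but fails the PTR-equals-HELO policy, and the multi-PTR address passes or fails the first-PTR-only check depending on answer order.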



