[dns-operations] does it matter when nameserver recs have non-matching PTRs ?
jimpop at gmail.com
Mon Aug 3 16:28:23 UTC 2015
On Mon, Aug 3, 2015 at 12:08 PM, Mark Jeftovic <markjr at easydns.com> wrote:
> On 2015-08-03 11:19 AM, Jim Popovitch wrote:
>>>> ~$ dig NS speedyiguana.com
>>>> ~$ host ns1.speedyiguana.net
>>>> ns1.speedyiguana.net has address 188.8.131.52
>>>> ~$ host 184.108.40.206
>>>> 220.127.116.11.in-addr.arpa domain name pointer ns1.domainmail.org.
>>> Good luck getting anything delegated to ns1.speedyiguana.net under .IS!
>> To be honest, is anybody doing that anyways?
> I don't understand what you mean above, is anybody doing "that" ?
Would example.is delegate NS to ns*.speedyiguana.net which has a PTR
of ns*.domainmail.org? or are you saying that ns1.speedyiguana.is
could not use IP 18.104.22.168 (PTR = ns1.domainmail.org).
>> ns?.domainmail.org handles DNS for several domains, of which those
>> domains use their own NS names... because glue works better that way
>> when you are hosting non-.org TLDs on a .org infrastructure, but
>> surely you would know that.
> Fine can of worms you've opened here. All of them would have issues
> getting delegated under various ccTLDs.
> Yet I see Paul's earlier point that some basic minimum of "is this
> really a nameserver that is prepared to accept a delegation" is not a
> bad thing - it's true that hardly any gTLDs do any of this (and I think
> that's a problem too)
> So what' the medium?
> Earlier I said "what if both records are under the same superdomain" and
> you trot out this example, which also seems valid.
> * both records under the same superdomain
> * records indicate that they are being used as a nameserver by naming
> themselves... nsX, dnsX, and what else? (We have some nameservers named
> "rush", "motorhead" and "nirvana")
You also have some aliased names like dns2.easydns.com, so let me ask:
would aliasing ns1.speedyiguana.com as ns1.domainmail.org be better
from your pov?
My understanding is that proper glue is a greater sign of DNS
integrity than matching rDNS, but maybe not? I'm not new at DNS, but
I'm also not an expert, so... I'm always willing to learn more.
More information about the dns-operations