[dns-operations] cloudflare-dns.com doesn't have reverse DNS
Viktor Dukhovni
ietf-dane at dukhovni.org
Wed Sep 20 03:15:25 UTC 2023
On Tue, Sep 19, 2023 at 11:00:34PM +0100, Joe Abley wrote:

> Apart from mail and some degree of debugging courtesy, what
> operational reasons exist to put effort into reverse DNS in 2023? Are
> there any? Or is the whole reverse tree just a weird anachronism?

Perhaps "apart from mail", it largely is. Often unhelpful, and
sometimes trending on harmful (e.g. I've recently seen a few hundred PTR
records for a single address in an over 32kB DNS response).

The email ecosystem would benefit if a lot *fewer* addresses had PTR
records, ideally just those of MTAs. With at least all the consumer
dynamic pool nodes unlisted, unless the customer has or obtains a static
IP and specifically requests a reverse mapping.

Reverse IPs for routers do make debugging easier, not only for
strangers, but also I would guess for the operators of said routers.
So PTR RRs in support of traceroute are also helpful, and don't
get in the way of distinguishing MTAs from botnets.

--
Viktor.