Path: utzoo!utgpu!watserv1!watmath!att!linac!uwm.edu!zaphod.mps.ohio-state.edu!ncar!midway!ux1.cso.uiuc.edu!mp.cs.niu.edu!rickert From: rickert@mp.cs.niu.edu (Neil Rickert) Newsgroups: comp.protocols.tcp-ip.domains Subject: Re: PTR records of gateways on the Internet Message-ID: <1991Jan11.004226.24988@mp.cs.niu.edu> Date: 11 Jan 91 00:42:26 GMT References: <1991Jan9.195641.17628@slcs.slb.com> <1991Jan10.051543.8831@mp.cs.niu.edu> <1991Jan10.230440.25431@spectrum.CMC.COM> Organization: Northern Illinois University Lines: 53 In article <1991Jan10.230440.25431@spectrum.CMC.COM> lars@spectrum.CMC.COM (Lars Poulsen) writes: > >All systems have some form of outgoing traffic. Even a "dumb router" >will send ICMP messages. It is important for network troubleshooting to >be able to identify the origin of this traffic. > This is why it is appropriate to have PTR records, even when it is not appropriate to have A records mapping the name back to the address. >And indeed, this is the case with the above example, and that is why >TRACEROUTE is unable to resolve the name: > > princeton.nj.nss.nsf.net 13265 IN A 128.121.54.1 > >There is code in (at least Sun's) "gethostbyaddr()" to trap this type >of data inconsistency and produce a syslog message: Just because Sun's 'gethostbyaddr()' is broken, there is no reason to complain about the way domains are set up. >Obviously the implementors of gethostbyname() believed this to be >illegal. > The public BSD sources do not have this defect. The DNS is a directory service, not an authentication service. The extra checking you describe in Sun gethostbyname() is an attempt to use it as an authentication service. This is WRONG behavior for gethostbyaddr(). It may make sense to add this type of authentication to some specific uses (say in rlogind, when checking hosts.equiv). But it does not make sense in general. To use an admittely imperfect analogy, just because I announce who I am when I initiate a telephone call, this does not mean I may not have an unlisted number. >Neil> the samples that come with the bind software suggest you use a PTR >Neil> to map 127.0.0.1 to 'localhost', and that you have an A-record >Neil> mapping 'localhost.your.domain' to '127.0.0.1'. >Neil> Isn't this the type of inconsistency you are complaining about? > >In fact his is entirely consistent. 127.0.0.1 -> localhost.my.domain; >localhost.my.domain -> 127.0.0.1 > Look again at the samples. They mostly map 127.0.0.1 to 'localhost', and NOT to 'localhost.your.domain', and for good reason. -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Neil W. Rickert, Computer Science Northern Illinois Univ. DeKalb, IL 60115 +1-815-753-6940