In message <01HBGXGKIR5E000HBF@Darwin.CMH.McMaster.CA>, Marty Viilma writes:
>I've been trying to implement the strategy of returning an unknown.mydomain
>response with a wildcard ptr rec but when testing the address to name
>translation with nslookup it only returns an A rec not found response.
>The record looks like this currently:
>* IN PTR unknown.mydomain.
Ouch. This is likely to cause some bizarre problems for you. I
would not recommend doing this unless 1) you know all the consequences
and 2) you have a real reason for doing something like this.
>Do I need an A rec of some description as well?
Sun's gethostbyaddr() checks that PTR records match addresses with
an A record. Many programs like tcp_wrapper (with -DPARANOID) also
do a similar check. If you want these to not return error messages,
you're going to have to have an A record for every possible unknown
address, and that's very likely to overflow internal resolver tables
and break things.
Why not just put in individual PTR records and A records for all
possible addresses for your zone? Why do you need a name for every
unknown address, anyway?
--Dave
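
The PTR-to-A cross-check described in the reply above, as an added example that is not part of the original message and is not tcp_wrapper's or Sun's code. It simulates the lookups over a constructed 192.0.2.0/24 zone; the addresses, the name host10.mydomain and all function names are assumptions, and the wildcard match is simplified to a single label.

```python
import ipaddress

# Constructed zone data (assumption, not from the original message):
# reverse zone for 192.0.2.0/24 holding the wildcard PTR from the question
# plus one properly registered host.
PTR = {
    "10.2.0.192.in-addr.arpa.": "host10.mydomain.",
    "*.2.0.192.in-addr.arpa.": "unknown.mydomain.",
}
A = {"host10.mydomain.": {"192.0.2.10"}}


def lookup_ptr(addr, ptr):
    """Address -> name: exact PTR first, then a wildcard one label up."""
    rev = ipaddress.ip_address(addr).reverse_pointer + "."
    if rev in ptr:
        return ptr[rev]
    return ptr.get("*." + rev.split(".", 1)[1])


def paranoid_check(addr, ptr=PTR, a=A):
    """Accept the PTR name only if its A records contain addr."""
    name = lookup_ptr(addr, ptr)
    if name is None:
        return ("no-ptr", None)
    if addr not in a.get(name, set()):
        return ("mismatch", name)
    return ("ok", name)


def a_records_needed(network, name, ptr=PTR):
    """Addresses that must appear as A records of `name` to pass the check."""
    return [str(ip) for ip in ipaddress.ip_network(network)
            if lookup_ptr(str(ip), ptr) == name]


if __name__ == "__main__":
    print(paranoid_check("192.0.2.10"))   # registered host
    print(paranoid_check("192.0.2.77"))   # covered only by the wildcard
    needed = a_records_needed("192.0.2.0/24", "unknown.mydomain.")
    print(len(needed), "A records needed for unknown.mydomain.")
    # Publishing them all makes the check pass, at the cost of a huge RRset.
    full = {**A, "unknown.mydomain.": set(needed)}
    print(paranoid_check("192.0.2.77", a=full))
```
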