Date: Thu, 18 Nov 1999 13:31:23 -0500 (EST) From: Matt Behrens <matt@zigg.com> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: David G Andersen <danderse@cs.utah.edu>, freebsd-security@FreeBSD.ORG, bsd@a.servers.aozilla.com, matt <matt@BabCom.ORG> Subject: Re: [Systalk] localhost.org (fwd) Message-ID: <Pine.BSF.4.10.9911181328120.21200-100000@megaweapon.zigg.com> In-Reply-To: <199911181812.KAA86247@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Today, Matthew Dillon wrote: : You can't map domain.com's IP address to the host's real IP address : and have the reverse be domain.com ... for the host's real IP address : the reverse must match the hostname, host.domain.com. But you *can* : assign two IP addresses to the host (i.e. use an IP alias), making : the IP alias resolve to domain.com both forward and reverse while the : primary IP for the host resolves properly to host.domain.com both : forward and reverse. Strictly speaking, this isn't a practical problem. Situations where reverse and forward lookups must match (i.e. when using TCP wrappers) operate by (a) having an IPv4 address (b) reverse-lookupping it (c) forward-lookupping the result of the reverse lookup. If you assign multiple A records to a single domain name, you are breaking spec, but it doesn't cause any practical problems (presently...) Matt Behrens <matt@zigg.com> Owner/Administrator, zigg.com Chief Engineer, Nameless IRC Network To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9911181328120.21200-100000>