[TriLUG] weird bind9 question

Aaron S. Joyner aaron at joyner.ws
Fri Jun 17 00:46:30 EDT 2005


Jason Tower wrote:

> anyone know how to prevent bind9 from returning two results to a
> reverse lookup, even if there are two PTR records in the zone file? 
> i'm using a GENERATE statement to automatically fill in most of the
> entries for a /24 subnet which works great - except that we sometimes
> want a specific hostname for a given IP but don't want bind to give
> two answers (the autogenerated one and the manually specified one),
> just the [first|last] one.  kind of an oddball question but maybe
> someone can answer it before they move to california <wink>
>
> jason

Simple.  Don't specify two reverse PTR records, and you won't get two
back from BIND.  Technically, returning two PTRs is against the spec. 
As I'm sure you've discovered, that's because it produces highly
inconsistent results.  GIGO, Garbage In, Garbage Out.  :)  You might try
a shorthand something like this:

$GENERATE 1-35 $ PTR client$
36  PTR  special-clientA
$GENERATE 37-255 $ PTR client$

But that just makes it a little easier to manage than a big long
listing.  My general thinking is that if you're doing this by hand,
you're doing it wrong.  Presumably, these are DHCP assigned addresses
(if they're not, they should be), and they should be set up automatically
(with TSIG, of course) by the DHCP server at the time the address is
leased, based on the hostname of the requesting host for truly dynamic
assignments, or based on the hostname in the configuration for static
assignments.  This way all of your forward and reverse DNS entries will
match up, making things easy to address by name, and (if you're using
it) making Kerberos happy about reverse names likely matching host
principals.  If you're feeling especially lively, you can push the
entire configuration for DHCP up into LDAP, and configure it all on the
fly so you can add host to MAC name relationships w/o having to bounce
DHCPd.  If I were given the opportunity to build a large scalable
network from scratch, that's how I'd do it, at least.  :)

Aaron S. Joyner
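
Added example, not part of the original message: a Python sketch that splits the $GENERATE ranges around manually named hosts, as suggested above, and checks the result for any owner that would still carry two PTR records. The function names, the 1-254 host range and the handling of only the plain "$" substitution (no ${offset,width,base} modifiers or /step ranges) are assumptions made for this example.

```python
import re

GEN = re.compile(r"^\$GENERATE\s+(\d+)-(\d+)\s+(\S+)\s+PTR\s+(\S+)$")
REC = re.compile(r"^(\S+)\s+PTR\s+(\S+)$")

def build_reverse_zone(overrides, template="client$", first=1, last=254):
    """Return zone lines: one PTR per override, $GENERATE for every gap."""
    lines, start = [], first
    for octet in sorted(overrides):
        if not first <= octet <= last:
            raise ValueError(f"octet {octet} is outside {first}-{last}")
        if start < octet:
            lines.append(f"$GENERATE {start}-{octet - 1} $ PTR {template}")
        lines.append(f"{octet} PTR {overrides[octet]}")
        start = octet + 1
    if start <= last:
        lines.append(f"$GENERATE {start}-{last} $ PTR {template}")
    return lines

def expand(lines):
    """Expand $GENERATE (plain '$' only) into {owner: [PTR targets]}."""
    records = {}
    for raw in lines:
        line = raw.split(";", 1)[0].strip()  # drop zone-file comments
        gen = GEN.match(line)
        if gen:
            lo, hi, lhs, rhs = int(gen[1]), int(gen[2]), gen[3], gen[4]
            for i in range(lo, hi + 1):
                owner = lhs.replace("$", str(i))
                records.setdefault(owner, []).append(rhs.replace("$", str(i)))
            continue
        rec = REC.match(line)
        if rec:
            records.setdefault(rec[1], []).append(rec[2])
    return records

def duplicate_ptrs(lines):
    """Owners that would answer with more than one PTR."""
    return {o: t for o, t in expand(lines).items() if len(t) > 1}

# Constructed sample: the overlapping layout described in the question.
OVERLAPPING = ["$GENERATE 1-254 $ PTR client$", "36 PTR special-clientA"]

if __name__ == "__main__":
    print("overlap:", duplicate_ptrs(OVERLAPPING))
    fixed = build_reverse_zone({36: "special-clientA"})
    print("\n".join(fixed))
    print("overlap after split:", duplicate_ptrs(fixed))
```

Running duplicate_ptrs over a zone file's lines before reloading the zone catches a manual PTR that overlaps a generated range.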
