Wandering Thoughts archives

2007-10-24

The format of PTR records in Bind irritates me

How often have you seen a reverse DNS entry of host.dom.ain.10.11.12.in-addr.arpa.? I've seen it too often, and I've even created them too often. Such incorrect reverse DNS entries exist only because Bind makes it all too easy to shoot your foot off by insisting on perfect consistency; for PTR records, as for all other records, a name without a terminating dot is taken to be relative to the name of the zone. This is despite the fact that this makes no sense for PTR records; the only valid use for PTR records with names in the zone of the file is excessively clever.

(Yes, this is not the only error you can make in zonefiles. But it's one of the few that is syntactically valid but semantically wrong in a way that Bind could trivially detect.)

Given that in-zone PTR records make no sense, Bind could have saved a lot of people a lot of problems over the years if it had simply not accepted them, either by making a missing dot an error or by silently adding it if necessary. It could even have made the choice a global option; error out, fix up, or accept as is. But instead it stuck with a format that almost invites this error, and so people keep making it all the time.

(Note that I am not fond of going to the other extreme, as djbdns does, where all names have to be written out in full. There are a lot of convenient uses for partial names in DNS zone files, although we have a skewed perspective since we're in two top-level domains.)
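The check described above, written as a standalone lint pass (an added example, not code from the original post or from Bind): it expands each PTR target relative to the current origin, as the post describes, and reports any that land under in-addr.arpa or ip6.arpa. The function name, the simplified zone-file parsing (one record per line, no quoted strings) and the sample zone are assumptions made for illustration.

```python
import re

TTL = re.compile(r"(\d+[smhdw]?)+", re.I)          # 3600, 1h, 1h30m
REVERSE_TREES = (".in-addr.arpa.", ".ip6.arpa.")

def find_inzone_ptrs(zone_text, origin):
    """Return (line_no, owner, expanded_target) for each PTR whose target,
    after origin expansion, lands inside a reverse-DNS tree."""
    origin = origin.rstrip(".").lower() + "."
    findings, depth, owner = [], 0, "@"
    for line_no, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0]                  # drop comments
        if not line.strip():
            continue
        continuation = depth > 0                     # inside a ( ... ) record
        depth += line.count("(") - line.count(")")
        if continuation:
            continue
        fields = line.split()
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            new = fields[1].lower()
            origin = new if new.endswith(".") else new + "." + origin
            continue
        if fields[0].startswith("$"):                # $TTL, $INCLUDE, ...
            continue
        if raw[0] not in " \t":                      # a leading name sets the owner;
            owner, fields = fields[0], fields[1:]    # otherwise the previous one is reused
        while fields and (TTL.fullmatch(fields[0]) or fields[0].upper() in ("IN", "CH", "HS")):
            fields = fields[1:]                      # skip optional TTL and class
        if len(fields) < 2 or fields[0].upper() != "PTR":
            continue
        target = fields[1].lower()
        # No trailing dot means the name is relative to the current origin.
        expanded = origin if target == "@" else target if target.endswith(".") else target + "." + origin
        if ("." + expanded).endswith(REVERSE_TREES):
            findings.append((line_no, owner, expanded))
    return findings

# Constructed sample zone for the post's 10.11.12.in-addr.arpa example (not from the original post).
SAMPLE_ZONE = """\
$TTL 3600
@   IN SOA ns1.dom.ain. hostmaster.dom.ain. (
        2007102401 3600 900 604800 3600 )
    IN NS  ns1.dom.ain.
1   IN PTR host.dom.ain
2   IN PTR other.dom.ain.
3   3600 IN PTR third.dom.ain
"""
```

Run over SAMPLE_ZONE with origin 10.11.12.in-addr.arpa, it flags lines 5 and 7 and leaves the correctly dotted record on line 6 alone; relative PTR targets in a forward zone are not flagged, since they do not expand into a reverse tree.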

sysadmin/PTRFormatIrritation written at 23:34:55

