[146110] in North American Network Operators' Group
Re: Performance Issues - PTR Records
daemon@ATHENA.MIT.EDU (Jimmy Hess)
Wed Nov 2 22:10:27 2011
In-Reply-To: <201111022033.45568.lesmith@ecsis.net>
Date: Wed, 2 Nov 2011 21:09:36 -0500
From: Jimmy Hess <mysidia@gmail.com>
To: Larry Smith <lesmith@ecsis.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Nov 2, 2011 at 8:33 PM, Larry Smith <lesmith@ecsis.net> wrote:
> On Wed November 2 2011 20:27, Matt Chung wrote:
>> I assumed that the applications would take absent records into
> When you mis-place your keys do you only look in one place and then give
> up? The calling server does not know there is "no" record until it exhausts
If the reverse zone is properly configured, but just the PTR record is missing,
you get NXDOMAIN, which is not "you mis-place your keys"; it's
"someone told you authoritatively that your keys don't exist", never existed
or no longer existed.
If you ask where your key ring went, and Frodo Baggins informs you that
it doesn't exist, because it was tossed down into a pool of magma on mount doom,
and you trust his reply, you stop looking for it.
The only way you don't trust a valid DNS reply is if you are
implementing DNSSEC,
and the "authoritative proof of non-existence" doesn't validate
--
-JH
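
The distinction drawn in the message above, as an added example that is not part of the original post: a header-only classifier for PTR replies that separates a definite negative answer (NXDOMAIN, stop looking) from failures a resolver keeps retrying (SERVFAIL, timeout). The function names and the constructed replies are assumptions made for illustration, and DNSSEC validation of the negative answer is not modelled.

```python
import ipaddress
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080   # DNS header flag bits
RCODES = {1: "FORMERR", 2: "SERVFAIL", 5: "REFUSED"}

def ptr_qname(ip):
    """Reverse-lookup name for an address, e.g. 25.2.0.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def build_reply(qid, qname, rcode, aa=False):
    """Constructed sample reply: header plus question section, no records."""
    flags = QR | RD | RA | (AA if aa else 0) | rcode
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode()
                      for p in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 12, 1)  # PTR, IN

def classify(reply):
    """Return (verdict, keep_looking). reply=None models a query timeout."""
    if reply is None:
        return ("TIMEOUT", True)          # nobody answered: try other servers
    if len(reply) < 12:
        return ("MALFORMED", True)
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", reply[:12])
    if not flags & QR:
        return ("MALFORMED", True)        # not a response at all
    rcode = flags & 0x000F
    if rcode == 3:
        return ("NXDOMAIN", False)        # definite "does not exist": stop
    if rcode == 0:
        return ("ANSWER" if ancount else "NODATA", False)
    return (RCODES.get(rcode, "RCODE%d" % rcode), True)

if __name__ == "__main__":
    name = ptr_qname("192.0.2.25")        # documentation address, constructed
    samples = {
        "PTR missing, zone answers": build_reply(1, name, 3, aa=True),
        "server failure": build_reply(2, name, 2),
        "no response": None,
    }
    for label, reply in samples.items():
        print("%-26s %s" % (label, classify(reply)))
```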