[48831] in North American Network Operators' Group
Re: ATTBI refuses to do reverse DNS?
daemon@ATHENA.MIT.EDU (Daniel Senie)
Tue Jun 18 14:57:53 2002
Date: Tue, 18 Jun 2002 14:51:16 -0400
To: Lou Katz <lou@metron.com>, nanog@merit.edu
From: Daniel Senie <dts@senie.com>
In-Reply-To: <20020618113032.A5269@metron.com>
Errors-To: owner-nanog-outgoing@merit.edu
At 02:30 PM 6/18/02, Lou Katz wrote:
>A client of mine just discovered that he could no longer do ftp
>transfers to my machine. His IP address had changed to one in
>12.240.20 and there is no reverse DNS for that block. His
>previous assignment was in a totally different block which did
>have reverse DNS. Calls to ATTBI got the answer that they
>are not obligated to provide reverse DNS and have no plans to
>do so. My servers refuse connections when there is no reverse
>lookup.
Your server is using this INADDR lookup for what purpose? Security?
INADDR is a really good idea for network operators to be using, and a
really BAD idea for server operators to use as a security mechanism. Fix
your server to be less anal.
read draft-ietf-dnsop-inaddr-required-03.txt from your favorite Internet
Drafts archive for additional information on this subject.
>Is this common?
I have a CDPD card which has a fixed address. It's from Verizon Wireless.
There's no INADDR. There seems to be a lack of understanding and clue all
around on INADDR, which is the motivation for the above-mentioned draft.
Having something to point network operators and server operators to would,
IMO, help.
>--
>I suppose I could set up a bogus reverse for him, but, feh...
Either you set up something, or you can make your server not care about
reverse, or lose the customer.
-----------------------------------------------------------------
Daniel Senie dts@senie.com
Amaranth Networks Inc. http://www.amaranth.com
