0

I'm in the process of scripting my DNS server to auto-generate PTR records and zones according to the non-reversed one.

However, I wonder if it makes sense/is legal to add PTR records for all the CNAME records in addition to the A records.

In my mind it would make sense and allow me, with a quick reverse dig, to see all the aliases of a particular server, as many are exposed with a prettier FQDN than their hostname one.

Keeping in mind that all the IPs from this zone are local network ones and for internal use only.

I've searched but haven't found any argument for or against reversing the CNAMEs too.

So my question is: Is it legal to do that, and if yes, is there any argument against doing it?

1
  • Depends on what you are trying to achieve. On a web server it can be used for different virtual hosts; for email servers you should have a PTR, as e.g. spam checks use them. If your solution does not depend on PTRs then you don't need them.
    – Zina
    Commented Nov 23, 2020 at 13:05

1 Answer

1

Multiple PTR records are allowed, although this may confuse the few remaining pieces of software that want to check that reverse and forward lookups (IP→domain→IP) match each other. In other words, this might cause trouble for SMTP servers or Kerberos-using hosts. It will be fine for websites though.

(RFC 1035 has an example of multiple PTR records at network scope; although the demonstrated usage is completely obsolete, it still implies that having multiple PTRs is not prohibited at protocol level.)

PTR records probably shouldn't point to a domain that is a CNAME, but I could not find an actual standards document that explicitly prohibits this. (RFC 1912 "Common DNS errors" says that PTR must not point to a CNAME, but does not provide any justification.)
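
The generation step from the question and the IP→domain→IP check from the answer, as an added example that is not part of the original question or answer. The zone contents and the helper names (`resolve`, `build_ptrs`, `render`, `audit`) are constructed for illustration; it builds the reverse records with and without CNAME aliases and flags every PTR whose target is an alias.

```python
import ipaddress

# Constructed forward zone (sample data, not from the post): name -> (type, value)
ZONE = {
    "srv01.lan.example.": ("A", "192.168.10.5"),
    "wiki.lan.example.": ("CNAME", "srv01.lan.example."),
    "git.lan.example.": ("CNAME", "srv01.lan.example."),
    "nas.lan.example.": ("A", "192.168.10.9"),
}

def resolve(name, zone, depth=8):
    """Follow CNAMEs to an address; None on a dangling name or a loop."""
    while depth > 0 and name in zone:
        rtype, value = zone[name]
        if rtype == "A":
            return value
        name, depth = value, depth - 1
    return None

def build_ptrs(zone, include_cnames=False):
    """Map each address to the names that would get a PTR, A-record names first."""
    ptrs = {}
    for name, (rtype, _) in sorted(zone.items(), key=lambda kv: kv[1][0]):
        if rtype == "CNAME" and not include_cnames:
            continue
        addr = resolve(name, zone)
        if addr is not None:  # skip dangling aliases: nothing to reverse
            ptrs.setdefault(addr, []).append(name)
    return ptrs

def render(ptrs):
    """Zone-file lines for the reverse zone."""
    return [f"{ipaddress.ip_address(a).reverse_pointer}. IN PTR {n}"
            for a, names in ptrs.items() for n in names]

def audit(ptrs, zone):
    """Per PTR target: does IP->name->IP round-trip, and is the target an alias?"""
    return [{"addr": a, "target": n,
             "forward_confirmed": resolve(n, zone) == a,
             "target_is_cname": zone[n][0] == "CNAME"}
            for a, names in ptrs.items() for n in names]

if __name__ == "__main__":
    ptrs = build_ptrs(ZONE, include_cnames=True)
    print("\n".join(render(ptrs)))
    for row in audit(ptrs, ZONE):
        print(row)
```

In this sample every alias PTR still round-trips through its CNAME, so the `target_is_cname` flag is what separates the records RFC 1912 objects to from the plain A-record ones.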
