Re: Apache/Active Directory authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Fri, Mar 18, 2011 at 2:58 PM, R P Herrold <herrold@xxxxxxxxxxxx> wrote:
> On Fri, 18 Mar 2011, Michael B Allen wrote:
>
>> True. You cannot have multiple PTR records for an IP. I did not mean
>> to suggest that you could.
>
> Not saying you are wrong here, but have you an RFC reference
> to this effect?  We previously held this belief from our prior
> practice, but cannot find a clear prohibition of such.  As
> such our DNS zonefile management code does not enforce such a
> limitation presently
>
> Considering the issue from the other side, there is nothing
> that requires simplicity if implementation of a client that
> says it can accept only a single PTR, rather than an array of
> replies and then walking the reverses

Hello R,

No, I do not have a citation and theoretically having multiple PTR
records for an IP might actually be quite reasonable. However, I would
imagine it would be fairly limited to things like clusters or servers
that should have the outward appearance of being identical. For
something like kerberos with HTTP servers doing virtual hosting (like
what John and I have been discussing in this thread), I suspect
multiple PTRs for the web server would create quite a mess.

Mike

-- 
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux