Re: Has anyone implemented "double forward DNS"?

From: Jerry Franz <>
Subject: Re: Has anyone implemented "double forward DNS"?

Duncan Simpson wrote:

> The idea here is that a client that finds is does 
> not trust this information. Instead it looks up and 
> checks for a PTR record saying If one is not found then the 
> result is disinformation and should not be used. Of course if the bad guy also 
> controls the client's information about the reverse zone it still loses.

Your proposal would cause a lot of trouble for sites using shared-ip 
virtual webhosting (read many, perhaps most, sites) since it could 
require potentially thousands (or more) of PTR records for each 
shared-ip webserver IP (which would do nasty things to DNS in general).

Benjamin Franz
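
The check described in the quoted proposal and the shared-IP objection raised in the reply, as an added example that is not part of either message. The zone data, host names and addresses are constructed, the function names are hypothetical, and the reverse zone is assumed to be outside the attacker's control.

```python
import ipaddress

def norm(name):
    """Compare DNS names case-insensitively, ignoring a trailing dot."""
    return name.rstrip(".").lower()

def check_answer(name, forward, reverse):
    """Split the addresses answered for `name` into (accepted, rejected).

    An address is accepted only if its reverse zone holds a PTR naming `name`.
    """
    accepted, rejected = [], []
    for ip in forward.get(norm(name), []):
        owner = ipaddress.ip_address(ip).reverse_pointer  # e.g. 25.2.0.192.in-addr.arpa
        ptrs = {norm(p) for p in reverse.get(owner, [])}
        (accepted if norm(name) in ptrs else rejected).append(ip)
    return accepted, rejected

def ptrs_required(forward):
    """PTR records each address would need for all its names to pass."""
    names_by_ip = {}
    for name, ips in forward.items():
        for ip in ips:
            names_by_ip.setdefault(ip, set()).add(norm(name))
    return {ip: len(names) for ip, names in names_by_ip.items()}

# Constructed sample data: forward answers as the client received them.
FORWARD = {
    "mail.example.net": ["192.0.2.25"],      # honest answer, PTR matches
    "bank.example.net": ["203.0.113.66"],    # forged answer
}
# 3000 virtual hosts sharing one web server address.
FORWARD.update({f"site{i}.example.com": ["198.51.100.10"] for i in range(3000)})

# Constructed reverse zones, assumed not under the attacker's control.
REVERSE = {
    "25.2.0.192.in-addr.arpa": ["mail.example.net."],
    "66.113.0.203.in-addr.arpa": ["host66.example.org."],
    "10.100.51.198.in-addr.arpa": ["web1.hosting.example."],
}

if __name__ == "__main__":
    for n in ("mail.example.net", "bank.example.net", "site42.example.com"):
        print(n, check_answer(n, FORWARD, REVERSE))
    print("PTRs needed on shared IP:", ptrs_required(FORWARD)["198.51.100.10"])
```

The forged answer and the legitimate virtual host are rejected for the same reason, a missing PTR, which is why the shared address would need one PTR per hosted name.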

