Very Computer

named.conf:

zone "domain1.com" {
    type master;
    file "domain1.db";

Quote:};

Quote:};

Quote:};

domain1.com    IN    SOA etc...

              IN    NS    ns.domain1.com.
              IN    MX    100 border.domain1.com.
              IN    A    192.168.10.1

ns           IN    A    192.168.10.1
border    IN    A    192.168.10.1
mail        IN    CNAME    border.domain1.com.
www      IN    CNAME    border.domain1.com.

I am not sure what the reverse would be since the address is the same but
the host name is different. Dou you just pick one hostname and go? would
this not let a remote machine think it got a succesful lookup?

        Ideally, unless you have a good reason not to, just pick one host name
and stick with it. Make that host name resolve to your IP, and make your
IP resolve to that hostname. For additional hosts, just CNAME them to
the main host. This is the cleanest approach, and should be used unless
there's some overriding reason to do otherwise.

        DS

fr> I am not sure what the reverse would be since the address is the same but
fr> the host name is different. Dou you just pick one hostname and go? would
fr> this not let a remote machine think it got a succesful lookup?

I think the only sane solution is to pick some neutral name for your
machine (services.your.domain say) set that up forward and reverse as
normal. Then you make CNAMEs for the other domain names.

The problem occurs only if someone does something like set up access
authorisation for some resource based on domain name. If they do the
reverse lookup they get the neutral name. This at least doesn't look
too much like a spoof to the humans you interact with. Since it's only
one machine it should be possible to persuade them to authenticate
that name rather than the specific name they think you are.

Hope that makes sense.

--

                                                 |<