On Thu, Mar 01, 2001 at 01:00:38PM -0600, Nate Carlson wrote:
> RFC says (somewhere, don't remember which one) forward and reverse have
> to match, so having the following would be invalid:

Learn something new every day.  But...

IIRC, NS and MX records aren't supposed to point to CNAMEs, only to As.
So wouldn't using only one A per IP make things a lot messier if you
switch from hosting mail and DNS on the same machine to separate boxes
or vice-versa?

Also, the DNS-HOWTO (my admittedly near-sole source of information on
the topic) includes a note that "A number of the arch-bind-wizards,
recommend not using CNAME at all. But the discussion of why or why not
is beyond this HOWTO."  Do these arch-bind-wizards choose to ignore the
RFC you're referring to or have they come up with some way of reconciling
the two approaches?

> This also makes it a helluva lot easier if we ever switch the IP of our
> web server.

If you want to look at it that way, sure...  It's the flip side of my earlier
comment about CNAMEs outside the zone being more fragile.  The extra level of
indirection makes moving the web server easier, but it also makes the
referring zone vulnerable to loss of access to the zone containing the A
record.

-- 
SGI products are used to create the 'Bugs' that entertain us in theatres
and at home. - SGI job posting
Geek Code 3.1:  GCS d? s+: a- C++ UL++$ P++>+++ L+++>++++ E- W--(++) N+ o+
!K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI++++ D G e* h+ r y+
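
An added example, not part of the original message: a small zone linter for the two concerns raised above, NS/MX records whose targets are CNAMEs (disallowed by RFC 2181, section 10.3) and CNAMEs that point outside the zone. The zone data, the `example.com.` origin and the function names are constructed for illustration, and the parser assumes simple `owner IN TYPE rdata` lines only.

```python
# Constructed sample zone for example.com. (not taken from the thread).
ORIGIN = "example.com."
ZONE = """\
@     IN NS    ns1
@     IN NS    dns
@     IN MX    10 mail
@     IN MX    20 mx2
ns1   IN A     192.0.2.1
mx2   IN A     192.0.2.2
www   IN CNAME web.hosting.example.net.
dns   IN CNAME ns1
mail  IN CNAME ns1
"""

def fqdn(name):
    """Expand a zone-file name relative to ORIGIN, lower-cased for comparison."""
    if name == "@":
        return ORIGIN.lower()
    return (name if name.endswith(".") else f"{name}.{ORIGIN}").lower()

def parse(zone_text):
    """Parse simplified 'owner IN TYPE rdata' lines into (owner, type, target)."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop trailing comments
        if len(fields) < 4 or fields[1].upper() != "IN":
            continue
        owner, rtype, rdata = fqdn(fields[0]), fields[2].upper(), fields[3:]
        # MX rdata is "preference exchange", so the name is the last field.
        target = fqdn(rdata[-1]) if rtype in ("NS", "MX", "CNAME") else rdata[-1]
        records.append((owner, rtype, target))
    return records

def lint(zone_text):
    """Return sorted findings: NS/MX aimed at aliases, CNAMEs leaving the zone."""
    origin = ORIGIN.lower()
    records = parse(zone_text)
    aliases = {owner for owner, rtype, _ in records if rtype == "CNAME"}
    findings = []
    for owner, rtype, target in records:
        if rtype in ("NS", "MX") and target in aliases:
            findings.append((rtype, owner, target, "target is a CNAME"))
        in_zone = target == origin or target.endswith("." + origin)
        if rtype == "CNAME" and not in_zone:
            findings.append((rtype, owner, target, "target is outside this zone"))
    return sorted(findings)

if __name__ == "__main__":
    print(*lint(ZONE), sep="\n")
```

The out-of-zone finding is informational rather than an error: it marks the names whose resolution depends on another zone staying reachable.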