A records, PTR records, and TTL setting

Jon Murphy jcmurphy26 at gmail.com
Mon Dec 25 01:05:27 UTC 2023


Comments below...

Jon


> On Dec 24, 2023, at 5:44 PM, marki via Unbound-users <unbound-users at lists.nlnetlabs.nl> wrote:
> 
> IMHO these are not issues concerning unbound but rather understanding of DNS in general. So maybe this is not the right forum.

This is my first time experimenting with DNS (though I have been experimenting with RPZ).

What is the right forum?


> To answer your question, what you are suggesting is not normally done.

That is the main thing I want to know!  What is normally done!

> But it doesn't necessarily generate errors. You need to know what you are doing / what goal you want to achieve.

I am trying to add devices (clients) to unbound DNS.  Most have one network interface and a few have two interfaces.

> 
> If you are declaring two identical A records pointing to different IP addresses, then the resolved IP will randomly be chosen between all entries. It can be used as a load-balancer for the poor.

That makes sense!  I had not heard this before (and I had not considered it).  This helps - Thank you!

> 
> Usually you have one IP (and one name) per interface. It doesn't matter what "device" that interface belongs to.
> 
> Very often people use "service names" to point to some IP and then the name of the actual host the IP is assigned to is used in the reverse lookup.
> 
> I.e. 
> accounting CNAME acc01prd
> acc01prd IP 1.2.3.4
> 1.2.3.4 PTR acc01prd
> 

So when loading up `unbound-control list_local_data` or even writing line(s) to "/etc/unbound/dhcp-leases.conf", what is the proper way to add the 1st network interface and the 2nd network interface?

These are my current items:
  deb12dell.localdomain. 60 IN A 192.168.60.175
  175.60.168.192.in-addr.arpa. 60 IN PTR deb12dell.localdomain.

  deb12dell.localdomain. 60 IN A 192.168.65.180
  180.65.168.192.in-addr.arpa. 60 IN PTR deb12dell.localdomain.

What would be the proper way?

Can CNAMEs be added to a "/etc/unbound/dhcp-leases.conf" file?


> So you don't use the cryptic hostname to access the service, but if you do a reverse lookup you find out where the IP is hosted.
> 
> But it all depends on what you want to accomplish.

Thank you!  The above does help!
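
Added example (not part of the original message and not Unbound's own code): a small Python check that reads records in the `name ttl IN type rdata` form shown above, reports names that carry more than one A record (the case where, per the quoted reply, the resolved address is chosen among all entries), and confirms that every A record has a matching PTR and every PTR a matching A. Handling only IPv4 A and PTR lines is an assumption of this sketch.

```python
from collections import defaultdict

# Constructed sample: the four records quoted in the message above.
RECORDS = """\
deb12dell.localdomain. 60 IN A 192.168.60.175
175.60.168.192.in-addr.arpa. 60 IN PTR deb12dell.localdomain.
deb12dell.localdomain. 60 IN A 192.168.65.180
180.65.168.192.in-addr.arpa. 60 IN PTR deb12dell.localdomain.
"""

def parse(text):
    """Return (name -> set of IPv4 addresses, IPv4 address -> set of PTR targets)."""
    forward, reverse = defaultdict(set), defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[2].upper() != "IN":
            continue  # only "name ttl IN type rdata" lines are handled
        name, _ttl, _cls, rtype, rdata = fields
        name = name.lower()
        if rtype.upper() == "A":
            forward[name].add(rdata)
        elif rtype.upper() == "PTR" and name.endswith(".in-addr.arpa."):
            # 175.60.168.192.in-addr.arpa. -> 192.168.60.175
            octets = name[: -len(".in-addr.arpa.")].split(".")
            reverse[".".join(reversed(octets))].add(rdata.lower())
    return forward, reverse

def audit(text):
    """List (kind, name, addresses) findings for the given record text."""
    forward, reverse = parse(text)
    findings = []
    for name, ips in sorted(forward.items()):
        if len(ips) > 1:  # one name, several addresses
            findings.append(("multiple-A", name, sorted(ips)))
        for ip in sorted(ips):
            if name not in reverse.get(ip, ()):
                findings.append(("A-without-PTR", name, [ip]))
    for ip, targets in sorted(reverse.items()):
        for target in sorted(targets):
            if ip not in forward.get(target, ()):
                findings.append(("PTR-without-A", target, [ip]))
    return findings

if __name__ == "__main__":
    for kind, name, ips in audit(RECORDS):
        print(kind, name, ", ".join(ips))
```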
