An open question on ampr.org hostnames (see my response below):
On 2014-04-08 15:32, Brian Kantor wrote:
Dean, I feel it would be a bad idea to delegate the forward lookup to your nameserver without also delegating the reverse lookup, which would be difficult and we do not do. You can continue to have as many names in the ampr.org dns like ns1.ae7q as you like by having John set them up for you, which will automatically set up the appropriate PTR record as well. I'd much rather you did it this way.
Best wishes. - Brian
On 2014-04-04 17:47, Dean Gibson wrote (tobkantor@ucsd.ude):
I have IP address 44.24.240.173 in Bart Kus’s 44.24.240.0/20 block. I sent a request to John Hays, the admin for the 44.24.0.0/16 block to add the following records to the ampr.org domain: ns1.ae7q IN A 44.24.240.173 ae7q IN NS ns1.ae7q This would allow me to create additional hostnames in the ae7q.ampr.org sub-domain, in my own DNS server. I’ve run BIND for 15 years, and this is a nice way to delegate a sub-domain; the ampr.org domain remains protected. John was able to add the first line to the domain, but not the second line, and he suggested that I contact you. I see other NS records in the ampr.org domain; is this something that you can do? Sincerely, Dean AE7Q
I understand the difficulty with delegating the reverse lookup in general, which I was not requesting and don't need. It's often not done on the Internet anyway for small (eg, hobby) servers, except for mail servers, where it is a means of spam server detection. I've run multiple sites with various functions (DNS, mail, web) on one box on the Internet for 15+ years, and the only reverse DNS I've ever needed was for mail servers.
Usually, a hobby machine serves several functions within the same box, and multiple hostnames are mapped to the same IP address. In fact, for ae7q.com (and my other domains), due to DNS requirements, I can't use CNAMEs for the domain hostname (for those that leave off www.), the nameserver hostname, or the mail server hostname (NS and MX records can't reference a CNAME -- RFC 2181 https://tools.ietf.org/html/rfc2181 section 10.3). These all use an "A" record to assign the *same IP address* as the mail server (which also can't use a CNAME, due to spam detection). That's three "A" records to one IP address (and that's just in one domain), and it is a very common practice. I do use CNAMEs other places.
I understand that you would like a PTR record for every hostname, but that has the following negative consequences that I can see:
1. It encourages people to request a larger IP address block than they need, and then create a multi-homed machine for the various functions. I think it's a really bad idea to consume unnecessary IP addresses, and I think it's already happening in the 44.x.x.x network. 2. For frequent changes, it unfairly and unduly burdens those volunteers who have to respond to requests. I make *very* frequent changes to my Internet and LAN domain records. I have over 50 network devices on my LAN at home on five subdomains, and I use DDNS (both manually and via DHCP) for most of them (it's just easier than changing a zone file and restarting BIND). Granted, most of those won't be on the 44.x.x.x network, but the present scheme discourages experimenting with configurations by amateurs who don't want to burden the volunteers who make the ampr.org changes.
I would suggest that you reconsider your position of requiring a PTR record for each hostname.
Much better to have a policy of encouraging *user-managed* subdomains, in my opinion; that would help lead to a consistency in hostnames in ampr.org (eg, all of the form <whatever>.<callsign>.ampr.org). A much poorer alternative (also my opinion) is the present practice of having end users to *submit to coordinators* CNAME records for subdomains of any "A" records that are allocated to them.
Frankly, the former suggestion (user-managed subdomains where an ampr.org coordinator adds the "NS" record *once*), is a lot less work, in my opinion. Or is there a risk I'm not aware of? Remember, the subdomains are served off of the user's DNS server(s), not the ampr.org DNS servers.
Sincerely, Dean Gibson AE7Q