Can BIND setup with only A names and fully qualified host names work properly?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
1
down vote

favorite












I recently came across a zone file for BIND which used only Address records with fully qualified domain names for each IP.



Example snippet:



subdomain1.example.com. IN A 192.168.1.10
subdomain2.example.com. IN A 192.168.1.10
subdomain3.example.com. IN A 192.168.1.10


There are also multiple fully qualified names resolving to the same IP addresses.



Is there a issue with this configuration? (i.e. not using CNAME or ALIAS?)



Can this be done or will it cause issues?



Since I am not an expert I assume some issues include:



  • Reverse lookup. (first response is considered correct?)

  • Certificates (if not first response then cert error?)









share|improve this question



























    up vote
    1
    down vote

    favorite












    I recently came across a zone file for BIND which used only Address records with fully qualified domain names for each IP.



    Example snippet:



    subdomain1.example.com. IN A 192.168.1.10
    subdomain2.example.com. IN A 192.168.1.10
    subdomain3.example.com. IN A 192.168.1.10


    There are also multiple fully qualified names resolving to the same IP addresses.



    Is there a issue with this configuration? (i.e. not using CNAME or ALIAS?)



    Can this be done or will it cause issues?



    Since I am not an expert I assume some issues include:



    • Reverse lookup. (first response is considered correct?)

    • Certificates (if not first response then cert error?)









    share|improve this question

























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      I recently came across a zone file for BIND which used only Address records with fully qualified domain names for each IP.



      Example snippet:



      subdomain1.example.com. IN A 192.168.1.10
      subdomain2.example.com. IN A 192.168.1.10
      subdomain3.example.com. IN A 192.168.1.10


      There are also multiple fully qualified names resolving to the same IP addresses.



      Is there a issue with this configuration? (i.e. not using CNAME or ALIAS?)



      Can this be done or will it cause issues?



      Since I am not an expert I assume some issues include:



      • Reverse lookup. (first response is considered correct?)

      • Certificates (if not first response then cert error?)









      share|improve this question















      I recently came across a zone file for BIND which used only Address records with fully qualified domain names for each IP.



      Example snippet:



      subdomain1.example.com. IN A 192.168.1.10
      subdomain2.example.com. IN A 192.168.1.10
      subdomain3.example.com. IN A 192.168.1.10


      There are also multiple fully qualified names resolving to the same IP addresses.



      Is there a issue with this configuration? (i.e. not using CNAME or ALIAS?)



      Can this be done or will it cause issues?



      Since I am not an expert I assume some issues include:



      • Reverse lookup. (first response is considered correct?)

      • Certificates (if not first response then cert error?)






      linux domain-name-system bind internal-dns






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 36 mins ago









      HBruijn

      51k1083137




      51k1083137










      asked 1 hour ago









      Nathan McCoy

      160210




      160210




















          2 Answers
          2






          active

          oldest

          votes

















          up vote
          4
          down vote













          It's perfectly valid to have multiple A records pointing to the same IP. Reverse lookup has nothing to do with it; as that would a) be in a separate zone and b) would be using PTR records. Certificates are also irrelevant here.






          share|improve this answer



























            up vote
            1
            down vote













            That is only a forward zone and as @bodgit answered that is perfectly valid for all use cases.



            The main potential disadvantage of the above is an administrative one. For a single zone not too much of an issue but with many host names in many different domains much more so: in case of a change of ip-address every A record with that ip-address will need to be updated, where CNAME records will automtically follow the ip-address change of their target FQDN and would not need to be updated.



            For a reverse zone, doing something almost similar is AFAIK also technically valid:



            10.1.168.192.in-addr.arpa. IN PTR subdomain1.example.com.
            10.1.168.192.in-addr.arpa. IN PTR subdomain2.example.com.
            10.1.168.192.in-addr.arpa. IN PTR subdomain3.example.com.


            but that won't have the effect people usually seem to expect.



            subdomain1.example.com. will always point to 192.168.1.10 but the reverse lookup will most of the time NOT point back to subdomain1.example.com.

            The above will become a round-robin DNS record where 1/3 of the responses will return an "incorrect" response of subdomain2.example.com. , 1/3 of the responses will return an also "incorrect" response of subdomain3.example.com. and only a 33% chance exists that the "correct" response of subdomain1.example.com. will be seen.






            share|improve this answer






















              Your Answer








              StackExchange.ready(function()
              var channelOptions =
              tags: "".split(" "),
              id: "2"
              ;
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function()
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled)
              StackExchange.using("snippets", function()
              createEditor();
              );

              else
              createEditor();

              );

              function createEditor()
              StackExchange.prepareEditor(
              heartbeatType: 'answer',
              convertImagesToLinks: true,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: 10,
              bindNavPrevention: true,
              postfix: "",
              imageUploader:
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              ,
              onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              );



              );













               

              draft saved


              draft discarded


















              StackExchange.ready(
              function ()
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f938084%2fcan-bind-setup-with-only-a-names-and-fully-qualified-host-names-work-properly%23new-answer', 'question_page');

              );

              Post as a guest






























              2 Answers
              2






              active

              oldest

              votes








              2 Answers
              2






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes








              up vote
              4
              down vote













              It's perfectly valid to have multiple A records pointing to the same IP. Reverse lookup has nothing to do with it; as that would a) be in a separate zone and b) would be using PTR records. Certificates are also irrelevant here.






              share|improve this answer
























                up vote
                4
                down vote













                It's perfectly valid to have multiple A records pointing to the same IP. Reverse lookup has nothing to do with it; as that would a) be in a separate zone and b) would be using PTR records. Certificates are also irrelevant here.






                share|improve this answer






















                  up vote
                  4
                  down vote










                  up vote
                  4
                  down vote









                  It's perfectly valid to have multiple A records pointing to the same IP. Reverse lookup has nothing to do with it; as that would a) be in a separate zone and b) would be using PTR records. Certificates are also irrelevant here.






                  share|improve this answer












                  It's perfectly valid to have multiple A records pointing to the same IP. Reverse lookup has nothing to do with it; as that would a) be in a separate zone and b) would be using PTR records. Certificates are also irrelevant here.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered 1 hour ago









                  bodgit

                  2,752520




                  2,752520






















                      up vote
                      1
                      down vote













                      That is only a forward zone and as @bodgit answered that is perfectly valid for all use cases.



                      The main potential disadvantage of the above is an administrative one. For a single zone not too much of an issue but with many host names in many different domains much more so: in case of a change of ip-address every A record with that ip-address will need to be updated, where CNAME records will automtically follow the ip-address change of their target FQDN and would not need to be updated.



                      For a reverse zone, doing something almost similar is AFAIK also technically valid:



                      10.1.168.192.in-addr.arpa. IN PTR subdomain1.example.com.
                      10.1.168.192.in-addr.arpa. IN PTR subdomain2.example.com.
                      10.1.168.192.in-addr.arpa. IN PTR subdomain3.example.com.


                      but that won't have the effect people usually seem to expect.



                      subdomain1.example.com. will always point to 192.168.1.10 but the reverse lookup will most of the time NOT point back to subdomain1.example.com.

                      The above will become a round-robin DNS record where 1/3 of the responses will return an "incorrect" response of subdomain2.example.com. , 1/3 of the responses will return an also "incorrect" response of subdomain3.example.com. and only a 33% chance exists that the "correct" response of subdomain1.example.com. will be seen.






                      share|improve this answer


























                        up vote
                        1
                        down vote













                        That is only a forward zone and as @bodgit answered that is perfectly valid for all use cases.



                        The main potential disadvantage of the above is an administrative one. For a single zone not too much of an issue but with many host names in many different domains much more so: in case of a change of ip-address every A record with that ip-address will need to be updated, where CNAME records will automtically follow the ip-address change of their target FQDN and would not need to be updated.



                        For a reverse zone, doing something almost similar is AFAIK also technically valid:



                        10.1.168.192.in-addr.arpa. IN PTR subdomain1.example.com.
                        10.1.168.192.in-addr.arpa. IN PTR subdomain2.example.com.
                        10.1.168.192.in-addr.arpa. IN PTR subdomain3.example.com.


                        but that won't have the effect people usually seem to expect.



                        subdomain1.example.com. will always point to 192.168.1.10 but the reverse lookup will most of the time NOT point back to subdomain1.example.com.

                        The above will become a round-robin DNS record where 1/3 of the responses will return an "incorrect" response of subdomain2.example.com. , 1/3 of the responses will return an also "incorrect" response of subdomain3.example.com. and only a 33% chance exists that the "correct" response of subdomain1.example.com. will be seen.






                        share|improve this answer
























                          up vote
                          1
                          down vote










                          up vote
                          1
                          down vote









                          That is only a forward zone and as @bodgit answered that is perfectly valid for all use cases.



                          The main potential disadvantage of the above is an administrative one. For a single zone not too much of an issue but with many host names in many different domains much more so: in case of a change of ip-address every A record with that ip-address will need to be updated, where CNAME records will automtically follow the ip-address change of their target FQDN and would not need to be updated.



                          For a reverse zone, doing something almost similar is AFAIK also technically valid:



                          10.1.168.192.in-addr.arpa. IN PTR subdomain1.example.com.
                          10.1.168.192.in-addr.arpa. IN PTR subdomain2.example.com.
                          10.1.168.192.in-addr.arpa. IN PTR subdomain3.example.com.


                          but that won't have the effect people usually seem to expect.



                          subdomain1.example.com. will always point to 192.168.1.10 but the reverse lookup will most of the time NOT point back to subdomain1.example.com.

                          The above will become a round-robin DNS record where 1/3 of the responses will return an "incorrect" response of subdomain2.example.com. , 1/3 of the responses will return an also "incorrect" response of subdomain3.example.com. and only a 33% chance exists that the "correct" response of subdomain1.example.com. will be seen.






                          share|improve this answer














                          That is only a forward zone and as @bodgit answered that is perfectly valid for all use cases.



                          The main potential disadvantage of the above is an administrative one. For a single zone not too much of an issue but with many host names in many different domains much more so: in case of a change of ip-address every A record with that ip-address will need to be updated, where CNAME records will automtically follow the ip-address change of their target FQDN and would not need to be updated.



                          For a reverse zone, doing something almost similar is AFAIK also technically valid:



                          10.1.168.192.in-addr.arpa. IN PTR subdomain1.example.com.
                          10.1.168.192.in-addr.arpa. IN PTR subdomain2.example.com.
                          10.1.168.192.in-addr.arpa. IN PTR subdomain3.example.com.


                          but that won't have the effect people usually seem to expect.



                          subdomain1.example.com. will always point to 192.168.1.10 but the reverse lookup will most of the time NOT point back to subdomain1.example.com.

                          The above will become a round-robin DNS record where 1/3 of the responses will return an "incorrect" response of subdomain2.example.com. , 1/3 of the responses will return an also "incorrect" response of subdomain3.example.com. and only a 33% chance exists that the "correct" response of subdomain1.example.com. will be seen.







                          share|improve this answer














                          share|improve this answer



                          share|improve this answer








                          edited 10 mins ago

























                          answered 36 mins ago









                          HBruijn

                          51k1083137




                          51k1083137



























                               

                              draft saved


                              draft discarded















































                               


                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function ()
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f938084%2fcan-bind-setup-with-only-a-names-and-fully-qualified-host-names-work-properly%23new-answer', 'question_page');

                              );

                              Post as a guest













































































                              Comments

                              Popular posts from this blog

                              What does second last employer means? [closed]

                              Installing NextGIS Connect into QGIS 3?

                              One-line joke