On 26 Jun 2005, at 15:32, David MacQuigg wrote:
At 12:31 PM 6/26/2005 +0000, John Levine wrote:
This is the question:
If you are trying to address another issue with your CIDR suggestion, is
there any reason that a single host's HELO would need to be associated
with multiple A records other than (1) multi-homing or (2) using a domain
name rather than a host name for a HELO?
If a host name is multihomed, it should be obvious that the addresses
are in address ranges that are routed differently.
Good point. I was thinking more of the situation where you have 9
machines in one rack. In that case, they could all be put in the same
IP block. Machines in another building should probably have a
different name anyway.
</lurk>
A multihomed host does not involve address ranges that are routed
differently *physically* as in "in another building".
Take, for example, a single host "smtp.example.com" with a dual NIC.
One NIC has the IP address 10.0.0.27, and the other NIC has the IP
address 192.168.0.27. There is no CIDR block that contains both of
those addresses.
I can't think of a single example of a multihomed host where a CIDR
block (beyond a /32) would be meaningful, i.e., where it would
encompass more than one of that host's IP addresses without including
addresses for other, unrelated hosts.
Think of some overworked guy who spends all day answering help desk calls
at a small ISP. One day he has to deal with a new problem - some
"authentication thingy" that is causing his outgoing mail to be rejected.
The small ISPs I know have maybe three mail hosts. After he spends 20
minutes researching what the heck CSV is, don't you think it would be
better for us to encourage him to spend 3 minutes adding his three
correct CSV records rather than 2 minutes adding a bogus CSV record
with a bogus overbroad CIDR block that would doubtless include all of
the spam zombies in his DSL range?
I agree we shouldn't do anything bogus. The situation I'm thinking of
is an ISP with a big IP block, most of which is allocated to
residential customers. If that ISP can move his mailouts to one small
range of that block, he can protect his mailouts without limiting his
customers.
Whether all of the ISP's mail servers are given consecutive IP
addresses or not, if each host has a separate record, there is no
economy in using a CIDR block. In fact, because the records are "per
host", the CIDR block couldn't be more than a "/32" anyway.
The only scenario under which I can see a CIDR block providing any
economy is if multiple mail servers all use a common domain name rather
than their individual host names for a HELO, which is why I asked the
question John Levine quoted at the top of this message. I don't
understand CSV well enough to understand how that scenario is
addressed. Personally, though, I don't like the idea of using a domain
name for a HELO.
It seems to me, Dave, that you have a fundamental problem with a "one
host - one record" approach. I don't know whether that is because you
don't understand it or just don't agree with it. Your notes all seem
to assume a preference for a "multiple hosts - one record" approach.
<lurk>
--
Mike Pinkerton
pselists(_at_)mindspring(_dot_)com
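
An added example, not part of the original message: a short Python check of how much unrelated address space a single CIDR block must take in to cover a given set of mail-host addresses, using the dual-NIC addresses from the message and constructed sample addresses from the 192.0.2.0/24 documentation range. The function names are hypothetical.

```python
import ipaddress


def smallest_covering_block(addrs):
    """Return the smallest single CIDR block that contains every address.

    All addresses must be of the same family (all IPv4 or all IPv6).
    """
    ips = [ipaddress.ip_address(a) for a in addrs]
    lo, hi = int(min(ips)), int(max(ips))
    # The shared prefix ends at the highest bit where lowest and highest differ.
    prefix = ips[0].max_prefixlen - (lo ^ hi).bit_length()
    # strict=False masks off the host bits of the address we pass in.
    return ipaddress.ip_network(f"{ips[0]}/{prefix}", strict=False)


def unrelated_addresses(addrs):
    """Count addresses inside the covering block that are not listed hosts."""
    block = smallest_covering_block(addrs)
    return block.num_addresses - len({ipaddress.ip_address(a) for a in addrs})


if __name__ == "__main__":
    cases = {
        # Dual-NIC host from the message above.
        "dual NIC": ["10.0.0.27", "192.168.0.27"],
        # Constructed: three mail hosts scattered through one /24.
        "scattered": ["192.0.2.10", "192.0.2.77", "192.0.2.200"],
        # Constructed: three mail hosts on consecutive addresses.
        "consecutive": ["192.0.2.8", "192.0.2.9", "192.0.2.10"],
        # One host, one record.
        "single host": ["192.0.2.25"],
    }
    for name, addrs in cases.items():
        block = smallest_covering_block(addrs)
        print(f"{name:12} {str(block):16} unrelated={unrelated_addresses(addrs)}")
```

For the dual-NIC pair the only common prefix is the zero-length one, so the covering block is the entire IPv4 address space; only the single-host case authorizes nothing beyond the listed address.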