Though possible, bets practices is to only have a single A record for each IP and use CNAME records to point the others. On the flip side, a single IP can't reverse resolve to multiple names.
You should have one A record for 192.171.14.74 (say, autodiscover.imcu.com). Make CNAME records as aliases that point at autodiscover.imcu.com (CNAMES point to names, not IPs). For PTR, each IP can only resolve to a single name. That certainly appears to be an issue with the settings you've shown. If one box is hosting all the services you are hosting, and for SSL reasons you need the cert name to match a PTR/A name you will have to have a wildcard cert or use something like CloudFlare, which can manage such an issue without the cert name matching on the destination machine. I have some minor domains set up that way so that when users connect they don't get the dreaded cert warning in the browser. Or put multiple IPs on the server via any of a variety of methods and then you can have unique A records and PTR records for each IP. -- Mark From: David McSpadden <[email protected]> To: "[email protected]" <[email protected]> Date: 12/04/2015 12:42 PM Subject: RE: [NTSysADM] dns propagation errors Sent by: [email protected] Made the changes 24 hours ago with ttl 86400. I think my issue is the multiple PTRs for one ip? From: [email protected] [ mailto:[email protected]] On Behalf Of Mark Gottschalk Sent: Friday, December 4, 2015 3:37 PM To: [email protected] Subject: Re: [NTSysADM] dns propagation errors At risk of telling you stuff you already know, "propagation error" normally means you've recently made changes to your DNS and they've not yet propagated to other DNS servers around the world. Did you just (i.e. in the last few minutes to even hours) make the changes that you're referring to and not seeing them when using some other service/system's DNS? Some DNS servers don't even follow all the TTLs etc and might cache results beyond what you expect (a compromise they're making between being current and maintaining performance). Or even the local system could be caching old DNS results. We use CloudFlare for DNS and it's array of other great performance and security functionality (including the ability to make transparent SSL for domains/subdomains that don't actually have their own certs). I had our DNS on EasyDNS for years, and it worked great -- I'd use them again if needed. But after trying CloudFlare free subscription for some security functionality I ultimately moved DNS there as well. -- Mark From: David McSpadden <[email protected]> To: "[email protected]" <[email protected]> Date: 12/04/2015 11:38 AM Subject: [NTSysADM] dns propagation errors Sent by: [email protected] My DNS servicer is stating my PTR issues is a DNS propagation error? This is my zone currently: ;File created: 12/04/2015 16:23 ;Record count: 25 $ORIGIN imcu.com. @ 86400 IN SOA pdns206.ultradns.com. bill\.krause.fiserv.com. ( 2014081268 ;Serial 10800 ;Refresh 3600 ;Retry 2592000 ;Expire 86400 ;Minimum ) @ 86400 IN NS pdns206.ultradns.org. @ 86400 IN NS pdns206.ultradns.com. @ 86400 IN NS pdns206.ultradns.net. @ 86400 IN NS pdns206.ultradns.biz. autodiscover 600 IN A 192.171.14.74 legacymail 600 IN A 192.171.14.74 mail 600 IN A 192.171.14.74 outlook 600 IN A 192.171.14.74 74.14.171.192.in-addr.arpa 86400 IN PTR mail.imcu.com. 74.14.171.192.in-addr.arpa 86400 IN PTR outlook.imcu.com. 74.14.171.192.in-addr.arpa 86400 IN PTR legacymail.imcu.com. 74.14.171.192.in-addr.arpa 86400 IN PTR autodiscover.imcu.com. @ 86400 IN MX 10 mail.imcu.com. @ 86400 IN TXT "v=spf1 ip4:184.72.242.195 ip4:192.171.14.74 ~all" @ 86400 IN TXT "\"v=spf1 ip4:184.72.242.195 ip4:192.171.14.74 ~all\"" Am I missing an SOA? This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
