Andrew Dunstan <[EMAIL PROTECTED]> writes: > The reason it wasn't done years ago was that there was disagreement on > the way it should work. And the TODO actually lists several alternatives:
IIRC, the major reason there was disagreement was the prospect of unacceptable performance from any of the easy or obvious implementations. As Andrew S notes, you can't just do the lookups once at postmaster start; but resolving a pile of hostnames during each connection is pretty unpleasant, especially if the DNS server isn't local. (And then there are the effective-DOS implications if the DNS server is down altogether.) The attraction of the reverse-lookup approach is that you do only one lookup, on the actual connection IP, rather than having to resolve every hostname in the file to see if it matches. However that way had disadvantages of its own, which I don't recall at the moment. I think at least some of the issues had to do with security, ie how much can you trust an answer from a remote DNS server. Check the archives before you start implementing ... regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers