Re: Why don't we allow DNS names in pg_hba.conf?

From: "Mark Woodward" <pgsql(at)mohawksoft(dot)com>
To: "Andrew Dunstan" <andrew(at)dunslane(dot)net>
Cc: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, mark(at)mark(dot)mielke(dot)cc, "Euler Taveira de Oliveira" <eulerto(at)yahoo(dot)com(dot)br>, "Jim C(dot) Nasby" <jnasby(at)pervasive(dot)com>, "Andreas Pflug" <pgadmin(at)pse-consulting(dot)de>, "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Why don't we allow DNS names in pg_hba.conf?
Date: 2006-02-13 16:57:48
Message-ID: 16641.24.91.171.78.1139849868.squirrel@mail.mohawksoft.com
Lists: pgsql-hackers


>
> If I am a road warrior I want to be able to connect, run my dynamic dns
> client, and go.
>
> HUPing the postmaster every 30 minutes sounds horrible, and won't work
> for what strikes me as the scenario that needs this most. And we surely
> aren't going to build TTL logic into postgres.
>
> I repeat - let's do this the simple way.

While I would certainly agree with you on this one in most cases, DNS is a
sticky and annoying system. Simple solutions typically fail to accomplish
anything. Ask anyone who has implemented DNS based load balancing. And
then, don't trust Windows to act according to TTL values in host
records.

Maybe I'm not sure what you envision, but there are two options, a host
file on the postgresql server, or a DNS server that the postgresql server
interacts with. Your "dynamic dns" system may push a DNS entry up to some
shared DNS server, but you still need to mind the whole TTL issue.

I think what bothers me is that DNS is intended to be a directory for
clients to implement an outward connection by finding an IP address that
is routable. In your scenario of working as a road warrior, you are almost
certainly not going to be able to have a workable DNS host name unless you
have a raw internet IP address. More than likely you will have an IP
address (known to your laptop) as a 192 or 10 address. If you set your
address in some dynamic DNS system, your reported originating IP address
(to PostgreSQL) will most likely be wrong. It will be the public IP
address of your router that PostgreSQL will see.

The more I think about it the uglier it is, I would say an SSH tunnel
would be more secure and less problematic.
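
Added example (not part of the original message and not PostgreSQL code): a small Python model of the two problems the message describes, a hostname rule compared against the source address the server sees behind NAT, and a cached record that outlives an address change. The hostname rule, the resolver class, the host name and all addresses are constructed assumptions.

```python
import ipaddress

class CachingResolver:
    """Toy resolver: serves a cached A record until its TTL expires."""
    def __init__(self, zone):
        self.zone = zone    # authoritative data: name -> (address, ttl_seconds)
        self.cache = {}     # name -> (address, expires_at)

    def resolve(self, name, now):
        hit = self.cache.get(name)
        if hit and now < hit[1]:
            return hit[0]               # still inside the TTL: cached answer
        addr, ttl = self.zone[name]
        self.cache[name] = (addr, now + ttl)
        return addr

def host_rule_allows(resolver, rule_host, peer_addr, now):
    """Hypothetical hostname rule: admit only if the name resolves to the
    source address the server sees on the connection."""
    resolved = ipaddress.ip_address(resolver.resolve(rule_host, now))
    return resolved == ipaddress.ip_address(peer_addr)

HOST = "laptop.dyn.example"   # constructed name

def nat_case():
    # The laptop registers the address it knows (private); the server sees
    # the router's public address instead, so the rule never matches.
    resolver = CachingResolver({HOST: ("192.168.1.20", 300)})
    return host_rule_allows(resolver, HOST, "203.0.113.7", now=0)

def ttl_case():
    zone = {HOST: ("198.51.100.10", 1800)}
    resolver = CachingResolver(zone)
    out = [host_rule_allows(resolver, HOST, "198.51.100.10", now=0)]
    zone[HOST] = ("198.51.100.99", 1800)    # laptop moves, record updated
    # Inside the TTL the server still holds the old answer: the new address
    # is refused and the old one is still admitted.
    out.append(host_rule_allows(resolver, HOST, "198.51.100.99", now=600))
    out.append(host_rule_allows(resolver, HOST, "198.51.100.10", now=600))
    # After expiry the lookup is repeated and the new address matches.
    out.append(host_rule_allows(resolver, HOST, "198.51.100.99", now=1801))
    return out

if __name__ == "__main__":
    print("NAT case admitted:", nat_case())
    print("TTL case results:", ttl_case())
```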
