Solved

Reverse DNS troubles

Posted on 2003-11-02
3
636 Views
Last Modified: 2010-04-11
Hi,

I'm having trouble getting our network to do reverse-dns lookups correctly. I'll try to explain a bit.

We registered two DNS machines at Network Solutions. We set up our master and slave machines, and can do forward lookups with no problems. We are using a big ISP to provide bandwidth to us- through the router that they provided. I am wondering if they need to set us up as authoritative for our domain name. The reason that I draw this conclusion is that I CAN do reverse lookups on the local area. However, outside the router and from another network, I cannot. My point is that I think that the host name is not getting resolved into an IP because of something between an outside network and my DNS machines. In short;

-inside LAN (reverse DNS lookups work)
-outside LAN (reverse DNS do NOT work)

Thank You
0
Comment
Question by:xybx
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
td_miles earned 100 total points
ID: 9669390
When you talk about "reverse-dns" you are meaning resolving an IP address to a domain name ? EG.


# dig -x 139.130.4.4

;; ANSWER SECTION:
4.4.130.139.in-addr.arpa. 86383 IN      PTR     uneeda.telstra.net.


??

If you are talking about reverse lookup in this sense, then yes, your ISP needs to delegate you as authorative for the reverse DNS of IP subnet they have allocated to you. You should be aware that you can only delegate on the Class boundaries for reverse DNS, so that if you got less than a /24  (ie. Class C) IP address allocation, then they can't delegate the reverse DNS to you. If this is the case you will have to get them to manually add the entries for the IP addresses that you have and require set up.
0
 
LVL 2

Author Comment

by:xybx
ID: 9671569
Hey, I appreciate it. I have read that information in one form or another, but you said it the way I needed to hear it.

We do have only a subset of a Class C. You wrote "..you will have to get them to manually add the entries for the IP addresses that you have and require set up." Does this mean we'll have to get them to add each domain we want reverse DNS for (We have a ton), or just the IP address?

Thanks

0
 
LVL 13

Expert Comment

by:td_miles
ID: 9674894
You may have multiple domains, but the number of IP addresses that you have is limited. All you need to do is talk to the right person (at your ISP) and say "here is a list of our server names & IP addresses, can you setup the reverse DNS for them", then give them a list that looks something like:

1.1.1.1 = www.domain.com
1.1.1.2 = mail.domain.com
1.1.1.3 = www.domain2.com
1.1.1.4 = sql.domain2.com

If you are doing virtual IP hosting (ie. hosting multiple domain websites on a single IP address) then a stack of the IP addresses will all be the same.

They will then add the above entries to their DNS for the zone  "1.1.1.in-addr.arpa." (in my above example) and you should then be able to resolve your IP addresses to the names of the servers that are running on them.

Some mail servers only accept connections from servers where they can do a reverse DNS lookup to verify that the server is who it says it is (as determined by DNS). As such, it is getting more important to have reverse DNS setup or else some things don't work.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now