Solved

A remote site having issues with reverse lookup against our domain

Posted on 2012-03-27
Last Modified: 2012-04-08
Hi Experts,

I'm a part of a .mil organization with a group of users that are trying to reach a website that is part of another .mil domain not within our forest. They can access the website just fine, but the website performs a reverse lookup before giving a user access to a group of subsystems; if the user's public IP does not reverse back to a .mil host then you will be denied some of your access. This is the current problem this website is having. I called the DNS folks that the particular .mil website points to and I confirmed that they cannot perform a reverse lookup using nslookup from their workstation as well. I should also note that they CAN perform a forward lookup on our records just fine.

My first step to make sure that the problem was not on our end was to run a reverse lookup of our namespace using public DNS lookup tools, such as www.mxtoolbox.com. I can perform a forward and reverse lookup against our proxy hostname and a few other nodes as well without issue. I also confirmed with my directory service folks in charge of DNS that all of our records are in place.

Does anyone know what the potential problem may be? What things should I be looking for when a remote site can perform a forward lookup, but not a reverse lookup? No other known remote site is having this issue with hitting our PTR record... just this one site it seems.
Question by:kj_syence
6 Comments
 
LVL 16

Expert Comment

by:Shaik M. Sajid
ID: 37771107
Create a new forward lookup zone in your forest with the name of the other .mil and create an A and PTR record pointing that website to the remote address.

What I believe is that if users try to resolve the site, it'll resolve by local domain... name without any issue.

And hopefully the reverse... too.


Try if it solves your issue...
0
 
LVL 1

Author Comment

by:kj_syence
ID: 37771666
Hi,

I hope I understood what you're saying, but it's not us having the issue resolving the website. We can perform successful forward and reverse lookups against them just fine. It's the website that is having the issue running rDNS against our namespace.
0
 
LVL 40

Accepted Solution

by:
footech earned 2000 total points
ID: 37790176
So if I'm understanding what you've described correctly, if you were to go to http://www.whatismyip.org, and it returned your IP as 100.200.300.400, what you need is a PTR record for 100.200.300.400 that points back at "something.whatever.mil".  If this is already the case and there's still a problem, then I would say it's a matter of where the other site is performing its reverse lookups (i.e. performing lookups against an internal server only that isn't recursively going out to the internet).
0
 
LVL 1

Author Comment

by:kj_syence
ID: 37797866
footech,

Thanks for the response. If the far site had issues recursively going out to the internet, wouldn't that also affect them pulling our A Records? Forward lookup is working just fine.
0
 
LVL 40

Assisted Solution

by:footech
footech earned 2000 total points
ID: 37803001
Assuming that their DNS has no knowledge of your domain, that is correct.

Are there other sites that do this same check, which work correctly?

If I were you I would ask to see the results of their nslookup on your IP.  The only other thing I can think of would be that they have a bad entry in their cache which isn't getting cleared out.  If they can run "nslookup <yourIP>" and get an error, but run "nslookup <yourIP> 8.8.8.8" and it returns fine, you know something is wrong with their DNS.
0
 
LVL 1

Author Closing Comment

by:kj_syence
ID: 37821082
Ultimately it was the far site creating a reverse lookup zone which interfered with recursion for our IP range.
0
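
The two-resolver comparison suggested in the thread and the cause reported in the closing comment can be told apart from the DNS response header alone. The sketch below is an added example, not part of the original thread: it sends a PTR query and reads the RCODE and the AA (authoritative answer) bit, since a resolver that hosts its own reverse zone answers NXDOMAIN with AA set instead of recursing, while a stale cache or broken forwarder fails without AA. The address 192.0.2.10 and the sample headers are constructed; the function names are hypothetical.

```python
import ipaddress
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_ptr_query(ip, txid=0x1234):
    """Build a DNS query packet asking for the PTR record of `ip`."""
    qname = ipaddress.ip_address(ip).reverse_pointer  # 10.2.0.192.in-addr.arpa
    labels = b"".join(bytes([len(p)]) + p.encode() for p in qname.split("."))
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    return header + labels + b"\x00" + struct.pack("!HH", 12, 1)  # PTR, class IN

def parse_header(resp):
    """Pull out the response-header fields this diagnosis depends on."""
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", resp[:12])
    return {"rcode": RCODES.get(flags & 0xF, str(flags & 0xF)),
            "authoritative": bool(flags & 0x0400),  # AA bit
            "answers": ancount}

def query(ip, server, timeout=3.0):
    """Send the PTR query to `server` over UDP and return the parsed header."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_ptr_query(ip), (server, 53))
        return parse_header(s.recv(512))

def diagnose(local, public):
    """Compare the far site's resolver with a public one such as 8.8.8.8."""
    if public["answers"] == 0:
        return "no PTR published: fix the record in the owner's reverse zone"
    if local["answers"] > 0:
        return "both return a PTR: DNS is fine, look at the application"
    if local["authoritative"]:
        return "local reverse zone shadows the range: resolver never recurses"
    return "non-authoritative failure: check forwarders, recursion, stale cache"

# Constructed 12-byte response headers (not captured traffic):
# NXDOMAIN with AA set, as a server hosting its own reverse zone would send,
# and NOERROR with one answer, as a recursing public resolver would send.
LOCAL_SAMPLE = struct.pack("!HHHHHH", 0x1234, 0x8583, 1, 0, 1, 0)
PUBLIC_SAMPLE = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)

if __name__ == "__main__":
    print(diagnose(parse_header(LOCAL_SAMPLE), parse_header(PUBLIC_SAMPLE)))
```

On a live network, pass the results of `query(ip, local_resolver)` and `query(ip, "8.8.8.8")` to `diagnose` in place of the constructed samples.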
