Solved

DNS forward reverse

Posted on 2013-05-18
Last Modified: 2013-05-27
dear guru,

we are building a new domain environment based on w2k8 r2 sp1. we have 6 branches, where we plan to build windows reverse dns.

we would like to know exactly
- by default while building additional domain or master domain controller so dns as forward work
- but how to do reverse dns
- can each server be forward and reverse dns
- advise what are the pros and cons of reverse dns
- how we can test forward and reverse dns functionality

kind regards
tmsa
Question by:tmsa12
9 Comments
 
LVL 16

Expert Comment

by:Shaik M. Sajid
ID: 39177044
in your Scenario all sites under same domain ?

and all are connected to each other ( can they ping each other) ?

if yes, are all having separate network ip ranges... ?

then you have to configure sites and services and add the subnets in it ...

regarding the DNS, all sites are maintaining forward DNS records, A host records... which resolve name to IP address, i.e. when you ping abc.com the reply is 192.168.1.1, like that

but the reverse dns resolves IP to DNS name ...  

so in your scenario all sites are published in main domain controller, and all sites are having their DNS server forward and reverse lookup zones.

so when all sites synchronize ... i.e. all dns records are synchronized as well, and all the DNS records will be updated and stored on each synced machine's DNS cache...

please see the article...

Reverse DNS

Reverse DNS is IP address to domain name mapping - the opposite of forward (normal) DNS which maps domain names to IP addresses.
 
Reverse DNS is separate from forward DNS.
 Forward DNS for "abc.com" pointing to IP address "1.2.3.4", does not necessarily mean that reverse DNS for IP "1.2.3.4" also points to "abc.com".
 This comes from two separate sets of data.
 
A special PTR-record type is used to store reverse DNS entries. The name of the PTR-record is the IP address with the segments reversed + ".in-addr.arpa".
 For example the reverse DNS entry for IP 1.2.3.4 would be stored as a PTR-record for "4.3.2.1.in-addr.arpa".
 
Reverse DNS is also different from forward DNS in who points the zone (domain name) to your DNS server.
 With forward DNS, you point the zone to your DNS server by registering that domain name with a registrar.
 With reverse DNS, your Internet connection provider (ISP) must point (or "sub-delegate") the zone ("....in-addr.arpa") to your DNS server.
 Without this sub-delegation from your ISP, your reverse zone will not work.
 
Reverse DNS is mostly used by humans for such things as tracking where a web-site visitor came from, or where an e-mail message originated etc.
 It is typically not as critical as forward DNS - visitors will still reach your web-site just fine without any reverse DNS for your web-server IP or the visitor's IP.
 
However reverse DNS is important for one particular application.
 Many e-mail servers on the Internet are configured to reject incoming e-mails from any IP address which does not have reverse DNS.
 So if you run your own e-mail server, reverse DNS must exist for the IP address that outgoing e-mail is sent from.
 It does not matter what the reverse DNS record for your IP address points to as long as it is there. If you host multiple domains on one e-mail server, just setup reverse DNS to point to whichever domain name you consider primary.
 (e-mail servers checking for reverse DNS do recognize that it is normal to host many domains on a single IP address and it would be impossible to list all those domains in reverse DNS for the IP).
0
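A way to test that forward and reverse data agree, given as an added example that is not part of the original thread. It builds PTR names and reverse zone names as the article above describes, then audits a set of A records against a set of PTR records. The subnets and the tmsa.com domain come from the thread; the host names and record contents are constructed sample data.

```python
import ipaddress

def ptr_name(ip):
    """PTR owner name: octets reversed + '.in-addr.arpa' (1.2.3.4 -> 4.3.2.1.in-addr.arpa)."""
    return ipaddress.ip_address(ip).reverse_pointer

def reverse_zone(subnet):
    """Reverse lookup zone name for an octet-aligned IPv4 subnet (/8, /16 or /24)."""
    net = ipaddress.ip_network(subnet)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned IPv4 subnets map to one plain reverse zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def audit(a_records, ptr_records):
    """Forward and reverse DNS are separate data sets; report where they disagree."""
    findings = []
    for host, ip in sorted(a_records.items()):
        target = ptr_records.get(ptr_name(ip))
        if target is None:
            findings.append((host, ip, "missing PTR"))
        elif target.rstrip(".").lower() != host.rstrip(".").lower():
            findings.append((host, ip, "PTR points to " + target))
    known = {ptr_name(ip) for ip in a_records.values()}
    for name, target in sorted(ptr_records.items()):
        if name not in known:
            findings.append((target, name, "PTR without matching A record"))
    return findings

# Constructed sample records for the two branch subnets named in the thread.
A_RECORDS = {
    "dc1.tmsa.com": "10.10.10.1",
    "dc2.tmsa.com": "20.20.20.1",
    "mail.tmsa.com": "10.10.10.25",
}
PTR_RECORDS = {
    "1.10.10.10.in-addr.arpa": "dc1.tmsa.com",
    "25.10.10.10.in-addr.arpa": "oldmail.tmsa.com",
    "9.20.20.20.in-addr.arpa": "retired.tmsa.com",
}

if __name__ == "__main__":
    for subnet in ("10.10.10.0/24", "20.20.20.0/24"):
        print(subnet, "->", reverse_zone(subnet))
    for finding in audit(A_RECORDS, PTR_RECORDS):
        print(finding)
```

On a live server the two dictionaries would be filled from the zone contents or from lookups; a stale or mismatched PTR matters wherever logs or mail filters rely on reverse names.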
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39177062
Hi,

Please have a look at this video, Reverse DNS is very easy to setup on 1 DNS server and replicate it throughout your branches.

Windows Server 2008: reverse lookup zone
0
 

Author Comment

by:tmsa12
ID: 39177074
dear sir,

thank you for support

i need some clarification so i try to simplify my requirement below

we have single domain tmsa.com
and 5-6 branches on same domain
but ip are different, means different subnet of each server

say 1st site has subnet of 10.10.10.0/24
2nd site has subnet 20.20.20.0/24
and so on...

kind regards
salim
0
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39177079
No Problem, i am sure you have defined them in Administrative Tools -> Active Directory Sites and Services so they can talk/ping to each other yes?
0
 

Author Comment

by:tmsa12
ID: 39177080
all branches are connected via vpn, so they work as vlan etc
0
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39177085
Hi,

Perfect ! if connection is there and VLAN is working we should think of a naming schema to use on your master domain controller and create them in

Administrative Tools -> Active Directory Sites and Services

Once that is done DNS can replicate so you can create the Reverse DNS lookup zone.
0
 

Author Comment

by:tmsa12
ID: 39177125
dear sir advise only

is it required reverse dns normal multiple ad, and dns servers or not.

kind regards
0
 
LVL 16

Expert Comment

by:Shaik M. Sajid
ID: 39177127
it's recommended...

and go ahead...

all the best
0
 
LVL 23

Accepted Solution

by:
Patrick Bogers earned 500 total points
ID: 39177156
Hi

No, it is not required at all. Most use there is, is normal forward DNS zones. Get IP address through hostname. (e.g. ping servername1     answers    10.10.10.1)

Only if you have the need, in whatever way, to resolve hostnames by IP address (e.g. ping -a 10.10.10.1   answers  servername1 ) then you should implement reverse lookup. If you do not use this technique, it is a waste of bandwidth.
0
