Solved

External DNS Reverse DNS Lookup error - ???.in-addr.arpa

Posted on 2013-11-14
14
340 Views
Last Modified: 2014-10-07
Hi,

I have noticed a potential issue with our reverse DNS lookup. If I do a reverse lookup DNS test to our server it can resolve it but if I look on the secondary External DNS server we have with a secondary zone it shows up as ???.in-addr.arpa.

This comes up for all of the reverse DNS entries on the secondary server.
Reverse Lookup Issue
I am guessing this is because it looks like it is not showing the host IP address correctly.

This doesnt seem to be causing any problems at present or since it was put in a couple of years ago.

We had to specify the range of IP address we had to get this to replicated to our 3rd party dns provider - Janet.

I have always suspected this could be setup wrong but it is working.

Regards
0
Comment
Question by:Colchester_Institute
  • 7
  • 7
14 Comments
 
LVL 35

Expert Comment

by:Mahesh
ID: 39647652
It seems that during creation of PTR record, IP address is entered  wrongly.
Please find below formats
Standard format: For an IP block beginning at A.B.C.D /X, the reverse DNS zone should be D.C.B.A.in-addr.arpa.
Old format: For an IP block beginning at A.B.C.D /X, the reverse DNS zone would be D-X.C.B.A.in-addr.arpa. This is the format still used by some ISPs, and usually contains a slash (D/X.C.B.A.in-addr.arpa), which must be replaced with a dash.

Please check below article for more information.
http://dyn.com/support/reverse-dns/

You can ask to delete these wrong PTR records from Primary Reverse lookup zone
0
 
LVL 1

Author Comment

by:Colchester_Institute
ID: 39647973
Thanks for the reply I have emailed my ISP and await a response, I will let you know!
0
 
LVL 1

Author Comment

by:Colchester_Institute
ID: 39656038
Ok my ISP is still using the old format. So a step forward.

Something I cant figure out is how to add the pointer records in DNS on Server 2008 R2.

I have added the reverse lookup zone:Adding Reverse Lookup Zone (IP Addresses are example)It then looks like this:DNS lookup zone setup
But when I enter a new DNS Pointer Record this is where the problem lies it seems to screw up the FQDN for some reason??  Problem with FQDN
I have tried the different formats with the Classless entries with ranges etc but still comes up with a similar error.

I guess i must be doing something wrong, but reasearching the web and how to add reverse dns doesnt seem to work.

Any Ideas
Thanks
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39656166
I have tried your scenario in test lab and concluded below

I have 2 DCs, one 2003 and one 2008 R2

Now I have created below reverse lookup zone on 2008 R2 for subnet 192.168.10.0/24
0/24.10.168.192.in-addr.arpa
Zone added successfully but now i am unable to create PTR record.
Because server saying that it is invalid IP address.
Now I created AD replication. Zone got replicated to 2003 box
From 2003 box I am able to add PTR record successfully.
If I use "ping -a IP" Name resolution is also working
http://technet.microsoft.com/en-us/library/cc961414.aspx

Some how 2008 R2 server not recognize the reverse lookup zone format and thats why unable to create PTR records.Also I am unable to get name resolution from IP to host

Unfortunately, I do not found any MS documentaion regarding Reverse lookup zone on 2008 R2 with old format.

u can use 2003 DNS server to create old format Revese lookup zone and to add PTR records  as well.

You need to check where 2008 R2 DNS blocks old format DNS reverse lookup zone
Probably u may report MS with this bug and they will provide you solution for this.

Thanks
0
 
LVL 1

Author Comment

by:Colchester_Institute
ID: 39656184
Thanks for doing this test, I am glad that I am not going mad with this. I am really suprised that this hasnt been flagged up before and not on the web somewhere.

How can I go around flagging this up to Microsoft?

Thanks!
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 500 total points
ID: 39656198
Surprisingly true, unable to find on web

if you have MS support tickets \ partenership already with your company, then probably you can use them.

Otherwise, you can call MS support directly for advisory support.
In big companies normally there is Microsoft Technical Accounts Manager (TAM) is there who can take care of support calls.

If your issue is prooved as bug, then MS will not charge you.

because if you raise in MS tech forums \ Blogs, don't know how much time it will take.....

Thanks
0
 
LVL 1

Author Comment

by:Colchester_Institute
ID: 39668954
Trying to find a way to report this without entering creditcard details, which to be honest is a bit off on Microsofts front.

On finding a possible bug you cant report it unless you give them the option to charge you.

Maybe I should setup a not microsoft server for external DNS lookup?
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 500 total points
ID: 39669750
that is true

Then the only way is to post your question with below Blogs

http://blogs.technet.com/b/askpfeplat/    - Microsoft premier field engineers blog
http://blogs.technet.com/b/askds/            - Microsoft directory Service blog

You need to post your question here
May be you need to register 1st

OR else you can go for unix bind \ linux based open source freeware dns server softwares
since they don't have GUI, management may be not easier.

Mahesh
0
 
LVL 1

Author Comment

by:Colchester_Institute
ID: 39847626
Sorry for delayed response on this, I cant find a way to post on these blogs.... it doesnt seem to user friendly :-(
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 500 total points
ID: 39847825
You need to register 1st on Microsoft with live account, its free and then you can post questions

Mahesh
0
 
LVL 1

Author Comment

by:Colchester_Institute
ID: 39849754
Hi Mahesh,

I have created a live account and I used the contact option on the links that you sent above so hopefully I will hear something.

Thanks for your help so far!
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39849770
yes, you got it perfectly

I hope some body TechNet guy will respond to this

Mahesh
0
 
LVL 1

Author Comment

by:Colchester_Institute
ID: 39923186
no responses as yet.
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 500 total points
ID: 39924194
Sorry Friend,

You have no option left other than Microsoft Support Ticket (paid Ticket)

If your issue is proved as a bug, you will not be charged but initially you do have to submit credit card NO to start with

Even if this is not a bug, its worth to spend some $$ to resolve long pending issue
Please open B grade call, which will be charged on issue basis and MS will work until issue get resolved and you will be charged only once.

Mahesh
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now