Purpose of in-addr.arpa within Server 2016 DNS

IT Guy
IT Guy used Ask the Experts™
on
What is the purpose of in-addr.arpa within Server 2016 DNS?

in-addr.arpa
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Software Engineer
Distinguished Expert 2018
Commented:
in-addr.arpa is reseved for reverse lookup of names with IPv4 addresses...

If you want to know the name of a system say 1.2.3.4 then you need to query the dns for
4.3.2.1.in-addr.arpa   the record type is PTR.
f.e.
dig -x 1.1.1.1
dig -x 172.217.17.110
dig -x 8.8.4.4
#or
dig 4.4.8.8.in-addr.arpa. PTR

Open in new window

Jose Gabriel Ortega CastroTop Rated Freelancer on MS Technologies
Awarded 2018
Distinguished Expert 2018
Commented:
There are 2 kinds of Zones in a DNS.

Direct zones.... (From NAME to IP)
It's the way internet goes, like :   www.google.com => x.x.x.x (Ipv4 or Ipv6)
You can verify this by doing: ping www.google.com and receiving 216.58.211.100 and responses

And Inverse Zones.... (From IP to NAME)
Example:  8.8.8.8  => should be dns1 from google , 8.8.8.8 -> google-public-dns-a.google.com
You can verify this by doing: ping /a 8.8.8.8 and getting google-public-dns-a.google.com
Basically what you're seeing is the Inverse zone of your internal infrastructure.
It's usually not in use at least you have a big network.
nociSoftware Engineer
Distinguished Expert 2018
Commented:
Reverse addresses are used by several servces ostly for loggin puposes to log a name with an IP address.
Also e-mail services mostly require correctly setup systems, with reverse lookup to get spammers to run all hoops and not have shoddy setups.
(For many reverse IP's you need the cooperation from your ISP. so that reduces a lot of spam...)
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

kevinhsiehNetwork Engineer
Commented:
I am literally looking at reverse DNS entries right now to identify traffic going through my firewall. My local reverse lookup zones helps my know what device is 10.10.20.45. Unfortunately, many cloud based reverse lookup zones don't give you very useful information. Look at these results:

> 23.9.32.36
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    a23-9-32-36.deploy.static.akamaitechnologies.com
Address:  23.9.32.36

Would you have any idea that is the server for www.sophos.com?

www.sophos.com
Non-authoritative answer:
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    e6203.b.akamaiedge.net
Address:  23.9.32.36
Aliases:  www.sophos.com
          www.sophos.com.edgekey.net

>

https://en.wikipedia.org/wiki/Reverse_DNS_lookup
nociSoftware Engineer
Distinguished Expert 2018
Commented:
Correct as those systems don't run for one service but many thousands (easily).  The answers would typically not fit in a DNS answer.

You should see more consistent results with mailserver DNS, except with live.com / hotmail.com / Office365.com etc.
there forward & reverse lookup don't always match the reported & actual hostname (from HELO/EHLO) . live.com server posing as hotmail etc.
that SHOULD NOT happen with mail services.
(that is also the case with their certificates not matching domains/hostnames etc.).
Distinguished Expert 2017
Commented:
Main point of unif reverse is to avoid unnecessary delays to lookup private ip space
One should commonly add the private ip spaces.
date ; nslookup 8.8.8.8; date
date ; nslookup 10.0.0.1 ; date

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial