Reverse DNS Question

Jim Mercer jim at reptiles.org
Wed Apr 21 01:31:44 CDT 2010


On Tue, Apr 20, 2010 at 10:26:17AM -1000, Antonio Querubin wrote:
> On Tue, 20 Apr 2010, James Martin wrote:
> >What is the purpose for this besides resolving name-based reverse lookups?
> >Are there any definitive guides out there on how this works (besides the
> >ARIN site)?
> 
> It's for resolving address-based lookups.  When ARIN allocates address 
> space to you, you now become responsible for the reverse-lookups for that 
> allocated address range.

with forward DNS, anyone can map a domain to any arbitrary IP address, such
as mapping www.example.com to the same IP address as big-popular-bank.com.

there is nothing to prevent this, and in some cases it is acceptable, and in
some cases, possibly nefarious.

when the registeries (ARIN/RIPE/APNIC/etc) require the "owner" of an ip block
to define name servers for reverse maps, it provides a mechanism to double
check if a domain/ip-addr map is valid.

it isn't 100%, for sure, but, it is substantially better than nothing.

in this sense, www.example.com can have an A record of 192.168.1.1

and, through the reverse map, 1.1.168.192.in-addr.arpa will have a PTR record
of "www.example.com"

in fact, there can be multiple PTR records, in case you have multiple
domains pointing at the same IP address.

on many unix(-ish) systems, the "host" command will show you the reverse PTR
record, if you run: host 192.168.1.1 , it might show:

user at hostname% host 192.168.1.1
1.1.168.192.in-addr.arpa domain name pointer www.example.com.

keep in mind, this will only work if the name servers registered for the ip
block actually contain data.

check out:
http://en.wikipedia.org/wiki/Reverse_DNS_lookup

and, go to "Guide to reverse zones" in:
http://www.apnic.net/__data/assets/pdf_file/0009/9792/Reverse-DNS-manual.pdf

hope this is helpful

-- 
Jim Mercer        jim at reptiles.org        +92 336 520-4504
"I'm Prime Minister of Canada, I live here and I'm going to take a leak."
   - Lester Pearson in 1967, during a meeting between himself and
    President Lyndon Johnson, whose Secret Service detail had taken over
    Pearson's cottage retreat.  At one point, a Johnson guard asked
    Pearson, "Who are you and where are you going?"




More information about the NANOG mailing list