ingress filtering
Eric Germann
ekgermann at cctec.com
Fri May 29 18:55:11 UTC 1998
>From your vantage point, it seems to work fine. Remember DNS is based on
UDP. Packet losses are fairly common. If the reverse doesn't answer fast
enough, it will time out and do the reverse via 137. Since IN-ADDR.ARPA is
highly delegated, if anyone in the chain is slow, or non-existant, it can
take awhile. Timeout = lookup via NetBIOS.
Did a packet capture. DNS Request for reverse. DNS Answer. No NetBIOS
137 packets. Sorry dude.
Eric
At 10:44 AM 5/29/98 -0400, John Fraizer wrote:
>At 08:09 AM 5/29/98 -0400, you wrote:
>>Actually it has nothing to do with WINS. If all the ISP's would implement
>>solid in-addr.arpa reverse mappings, this would go away. Microsoft's DNS
>>resolver has been extended, when DNS lookups fail, to do a reverse NETBIOS
>>query against the target machine so it can use its name when displaying
>>stuff via NBTSTAT, etc. It was designed this way, before the Internet
>>became popular.
>
>The reverse on the name being queried works just fine:
>
>[OverKill]:/# nslookup www.stefcam.com
>Server: NS1.ENTERZONE.NET
>Address: 209.41.244.5
>
>Name: STEFCAM.COM
>Address: 209.41.244.238
>Aliases: www.stefcam.com
>
>[OverKill]:/# nslookup 209.41.244.238
>Server: NS1.ENTERZONE.NET
>Address: 209.41.244.5
>
>Name: StefCAM.Com
>Address: 209.41.244.238
>
>
>
>
>-------
>John Fraizer (root) | __ _ |
>The System Administrator | / / (_)__ __ ____ __ | The choice
>mailto:root at EnterZone.Net | / /__/ / _ \/ // /\ \/ / | of a GNU
>http://www.EnterZone.Net/ | /____/_/_//_/\_,_/ /_/\_\ | Generation
> A 486 is a terrible thing to waste...
>
=============================================================================
Eric Germann Computer and Communications Technologies
ekgermann at cctec.com Van Wert, OH 45891
Phone: 419 968 2640
http://www.cctec.com Fax: 419 968 2641
Network Design, Connectivity & System Integration Services
A Microsoft Solution Provider
More information about the NANOG
mailing list