Re: is is able to setting up DNS server reverse lookup with DynamicIP?

From: Chuck Swiger <cswiger@xxxxxxx>
Date: Fri, 13 Jul 2007 10:13:03 -0700

On Jul 12, 2007, at 10:36 PM, Olivier Nicole wrote:

I'm using dynamicDNS, so I will able to specify the forward *AND*
reverse lookups?

Yes.

No, nobody else is going to see the results your local nameserver sends since it isn't authoritative for the domains, and the delegation for the IP block isn't going to point to your server but to the actual nameserver. Take a look at what happens when someone using an external nameserver does the same queries:

Forward DNS lookup: (alrw17.desktops.cs.ait.ac.th is dynamic DNS)

banyan<on>57: dig alrw17.desktops.cs.ait.ac.th

; <<>> DiG 9.3.1 <<>> alrw17.desktops.cs.ait.ac.th
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15772
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;alrw17.desktops.cs.ait.ac.th. IN A

;; ANSWER SECTION:
alrw17.desktops.cs.ait.ac.th. 3600 IN A 192.41.170.214

;; AUTHORITY SECTION:
desktops.cs.ait.ac.th. 43200 IN NS dns.cs.ait.ac.th.

;; ADDITIONAL SECTION:
dns.cs.ait.ac.th. 43200 IN A 192.41.170.15

;; Query time: 1 msec
;; SERVER: 192.41.170.15#53(192.41.170.15)
;; WHEN: Fri Jul 13 12:35:23 2007
;; MSG SIZE rcvd: 96

% dig alrw17.desktops.cs.ait.ac.th

; <<>> DiG 9.3.4 <<>> alrw17.desktops.cs.ait.ac.th
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30625
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;alrw17.desktops.cs.ait.ac.th. IN A

;; AUTHORITY SECTION:
desktops.cs.ait.ac.th. 10800 IN SOA dns.cs.ait.ac.th. postmaster.cs.ait.ac.th. 2006139734 21600 1800 1209600 43200

;; Query time: 892 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jul 13 13:09:14 2007
;; MSG SIZE rcvd: 97

Notice the NXDOMAIN response...?

Reverse DNS lookup:

banyan<on>58: dig -x 192.41.170.214

; <<>> DiG 9.3.1 <<>> -x 192.41.170.214
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14984
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;214.170.41.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
214.170.41.192.in-addr.arpa. 43200 IN CNAME 214.170.41.192.rev- dns.cs.ait.ac
.th.
214.170.41.192.rev-dns.cs.ait.ac.th. 3600 IN PTR alrw17.desktops.cs.ait.ac.th.

;; AUTHORITY SECTION:
170.41.192.rev-dns.cs.ait.ac.th. 43200 IN NS dns.cs.ait.ac.th.

;; ADDITIONAL SECTION:
dns.cs.ait.ac.th. 43200 IN A 192.41.170.15

;; Query time: 9 msec
;; SERVER: 192.41.170.15#53(192.41.170.15)
;; WHEN: Fri Jul 13 12:35:31 2007
;; MSG SIZE rcvd: 158

% dig -x 192.41.170.214
; <<>> DiG 9.3.4 <<>> -x 192.41.170.214
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53167
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;214.170.41.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
214.170.41.192.in-addr.arpa. 43200 IN CNAME 214.170.41.192.rev- dns.cs.ait.ac.th.
214.170.41.192.rev-dns.cs.ait.ac.th. 3600 IN PTR VAIO.desktops.cs.ait.ac.th.

;; AUTHORITY SECTION:
170.41.192.rev-dns.cs.ait.ac.th. 43200 IN NS dns.cs.ait.ac.th.

;; Query time: 438 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jul 13 13:09:49 2007
;; MSG SIZE rcvd: 140

The answer everyone else gets, VAIO.desktops.cs.ait.ac.th, doesn't match alrw17.desktops.cs.ait.ac.th, so a double-reverse lookup check would fail.

--
-Chuck

_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"

Follow-Ups:
- Re: is is able to setting up DNS server reverse lookup with DynamicIP?
  - From: Olivier Nicole

References:
- is is able to setting up DNS server reverse lookup with DynamicIP?
  - From: vuthecuong
- Re: is is able to setting up DNS server reverse lookup with DynamicIP?
  - From: Olivier Nicole

Prev by Date: Problem with Broadcom 5704 B1 on amd64 6.2 release
Next by Date: Re: how to start apache22 without ssl
Previous by thread: Re: is is able to setting up DNS server reverse lookup with DynamicIP?
Next by thread: Re: is is able to setting up DNS server reverse lookup with DynamicIP?
Index(es):
- Date
- Thread

Relevant Pages

Re: Help - Exchange not recieving mail
... malgeri.com SOA (Zone of Authority) ... malgeri.com NS (Nameserver) ns3.web.bellsouth.net ... > I can get your server with the IP that you gave us... ...
(microsoft.public.windows.server.sbs)
Re: I was asked to post this message regarding Golden Eggs
... Even though it reports its own address as an authority for the ... Server: dns1.na.baesystems.com ... visiocafe.com nameserver = ns1.i-mecca.net ... ns1.i-mecca.net internet address = 216.113.197.100 ...
(comp.os.vms)
Re: Bind response
... ; (1 server found) ... ;; MSG SIZE rcvd: 47 ... Here why authority section is not returned? ...
(comp.protocols.dns.bind)
Re: What does a firewall do?
... AdaOS is fully distributed, so this network acts as if it were ... a web server with several CGI programs offering ... An authority is a token that a program 'quotes' when requesting ... and may not overlap with any other port range). ...
(comp.security.firewalls)
Re: No such Name, and 5second dns delay.
... Frame 163 ... Authority RRs: 0 ... Primary name server: ns1.domain.com ... Addr: 192.5.6.30 ...
(comp.protocols.dns.bind)