Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 13 Jul 2007 10:13:03 -0700
From:      Chuck Swiger <cswiger@mac.com>
To:        Olivier Nicole <on@cs.ait.ac.th>
Cc:        freebsd-questions@freebsd.org, cuongvt@fpt.vn
Subject:   Re: is is able to setting up DNS server reverse lookup with	DynamicIP?
Message-ID:  <157815A5-2619-4457-85B0-40941C58C284@mac.com>
In-Reply-To: <200707130536.l6D5akxS070187@banyan.cs.ait.ac.th>
References:  <46970917.3030502@fpt.vn> <200707130536.l6D5akxS070187@banyan.cs.ait.ac.th>

next in thread | previous in thread | raw e-mail | index | archive | help
On Jul 12, 2007, at 10:36 PM, Olivier Nicole wrote:
>> I'm using dynamicDNS, so I will able to specify the forward *AND*
>> reverse lookups?
>
> Yes.

No, nobody else is going to see the results your local nameserver  
sends since it isn't authoritative for the domains, and the  
delegation for the IP block isn't going to point to your server but  
to the actual nameserver.  Take a look at what happens when someone  
using an external nameserver does the same queries:

> Forward DNS lookup: (alrw17.desktops.cs.ait.ac.th is dynamic DNS)
>
> banyan<on>57: dig alrw17.desktops.cs.ait.ac.th
>
> ; <<>> DiG 9.3.1 <<>> alrw17.desktops.cs.ait.ac.th
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15772
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1,  
> ADDITIONAL: 1
>
> ;; QUESTION SECTION:
> ;alrw17.desktops.cs.ait.ac.th.  IN      A
>
> ;; ANSWER SECTION:
> alrw17.desktops.cs.ait.ac.th. 3600 IN   A       192.41.170.214
>
> ;; AUTHORITY SECTION:
> desktops.cs.ait.ac.th.  43200   IN      NS      dns.cs.ait.ac.th.
>
> ;; ADDITIONAL SECTION:
> dns.cs.ait.ac.th.       43200   IN      A       192.41.170.15
>
> ;; Query time: 1 msec
> ;; SERVER: 192.41.170.15#53(192.41.170.15)
> ;; WHEN: Fri Jul 13 12:35:23 2007
> ;; MSG SIZE  rcvd: 96


% dig alrw17.desktops.cs.ait.ac.th

; <<>> DiG 9.3.4 <<>> alrw17.desktops.cs.ait.ac.th
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30625
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;alrw17.desktops.cs.ait.ac.th.  IN      A

;; AUTHORITY SECTION:
desktops.cs.ait.ac.th.  10800   IN      SOA     dns.cs.ait.ac.th.  
postmaster.cs.ait.ac.th. 2006139734 21600 1800 1209600 43200

;; Query time: 892 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jul 13 13:09:14 2007
;; MSG SIZE  rcvd: 97

Notice the NXDOMAIN response...?

> Reverse DNS lookup:
>
> banyan<on>58: dig -x 192.41.170.214
>
> ; <<>> DiG 9.3.1 <<>> -x 192.41.170.214
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14984
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1,  
> ADDITIONAL: 1
>
> ;; QUESTION SECTION:
> ;214.170.41.192.in-addr.arpa.   IN      PTR
>
> ;; ANSWER SECTION:
> 214.170.41.192.in-addr.arpa. 43200 IN   CNAME   214.170.41.192.rev- 
> dns.cs.ait.ac
> .th.
> 214.170.41.192.rev-dns.cs.ait.ac.th. 3600 IN PTR  
> alrw17.desktops.cs.ait.ac.th.
>
> ;; AUTHORITY SECTION:
> 170.41.192.rev-dns.cs.ait.ac.th. 43200 IN NS    dns.cs.ait.ac.th.
>
> ;; ADDITIONAL SECTION:
> dns.cs.ait.ac.th.       43200   IN      A       192.41.170.15
>
> ;; Query time: 9 msec
> ;; SERVER: 192.41.170.15#53(192.41.170.15)
> ;; WHEN: Fri Jul 13 12:35:31 2007
> ;; MSG SIZE  rcvd: 158

% dig -x 192.41.170.214
; <<>> DiG 9.3.4 <<>> -x 192.41.170.214
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53167
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;214.170.41.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
214.170.41.192.in-addr.arpa. 43200 IN   CNAME   214.170.41.192.rev- 
dns.cs.ait.ac.th.
214.170.41.192.rev-dns.cs.ait.ac.th. 3600 IN PTR  
VAIO.desktops.cs.ait.ac.th.

;; AUTHORITY SECTION:
170.41.192.rev-dns.cs.ait.ac.th. 43200 IN NS    dns.cs.ait.ac.th.

;; Query time: 438 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jul 13 13:09:49 2007
;; MSG SIZE  rcvd: 140

The answer everyone else gets, VAIO.desktops.cs.ait.ac.th, doesn't  
match alrw17.desktops.cs.ait.ac.th, so a double-reverse lookup check  
would fail.

-- 
-Chuck





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?157815A5-2619-4457-85B0-40941C58C284>