From: Chuck Swiger
Date: Fri, 13 Jul 2007 10:13:03 -0700
To: Olivier Nicole
Cc: freebsd-questions@freebsd.org, cuongvt@fpt.vn
Subject: Re: is is able to setting up DNS server reverse lookup with DynamicIP?

On Jul 12, 2007, at 10:36 PM, Olivier Nicole wrote:
>> I'm using dynamicDNS, so I will able to specify the forward *AND*
>> reverse lookups?
>
> Yes.

No, nobody else is going to see the results your local nameserver sends since it isn't authoritative for the domains, and the delegation for the IP block isn't going to point to your server but to the actual nameserver. Take a look at what happens when someone using an external nameserver does the same queries:

> Forward DNS lookup: (alrw17.desktops.cs.ait.ac.th is dynamic DNS)
>
> banyan57: dig alrw17.desktops.cs.ait.ac.th
>
> ; <<>> DiG 9.3.1 <<>> alrw17.desktops.cs.ait.ac.th
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15772
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
>
> ;; QUESTION SECTION:
> ;alrw17.desktops.cs.ait.ac.th. IN A
>
> ;; ANSWER SECTION:
> alrw17.desktops.cs.ait.ac.th. 3600 IN A 192.41.170.214
>
> ;; AUTHORITY SECTION:
> desktops.cs.ait.ac.th. 43200 IN NS dns.cs.ait.ac.th.
>
> ;; ADDITIONAL SECTION:
> dns.cs.ait.ac.th. 43200 IN A 192.41.170.15
>
> ;; Query time: 1 msec
> ;; SERVER: 192.41.170.15#53(192.41.170.15)
> ;; WHEN: Fri Jul 13 12:35:23 2007
> ;; MSG SIZE rcvd: 96

% dig alrw17.desktops.cs.ait.ac.th

; <<>> DiG 9.3.4 <<>> alrw17.desktops.cs.ait.ac.th
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30625
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;alrw17.desktops.cs.ait.ac.th. IN A

;; AUTHORITY SECTION:
desktops.cs.ait.ac.th. 10800 IN SOA dns.cs.ait.ac.th. postmaster.cs.ait.ac.th. 2006139734 21600 1800 1209600 43200

;; Query time: 892 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jul 13 13:09:14 2007
;; MSG SIZE rcvd: 97

Notice the NXDOMAIN response...?

> Reverse DNS lookup:
>
> banyan58: dig -x 192.41.170.214
>
> ; <<>> DiG 9.3.1 <<>> -x 192.41.170.214
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14984
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
>
> ;; QUESTION SECTION:
> ;214.170.41.192.in-addr.arpa. IN PTR
>
> ;; ANSWER SECTION:
> 214.170.41.192.in-addr.arpa. 43200 IN CNAME 214.170.41.192.rev-dns.cs.ait.ac.th.
> 214.170.41.192.rev-dns.cs.ait.ac.th. 3600 IN PTR alrw17.desktops.cs.ait.ac.th.
>
> ;; AUTHORITY SECTION:
> 170.41.192.rev-dns.cs.ait.ac.th. 43200 IN NS dns.cs.ait.ac.th.
>
> ;; ADDITIONAL SECTION:
> dns.cs.ait.ac.th. 43200 IN A 192.41.170.15
>
> ;; Query time: 9 msec
> ;; SERVER: 192.41.170.15#53(192.41.170.15)
> ;; WHEN: Fri Jul 13 12:35:31 2007
> ;; MSG SIZE rcvd: 158

% dig -x 192.41.170.214

; <<>> DiG 9.3.4 <<>> -x 192.41.170.214
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53167
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;214.170.41.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
214.170.41.192.in-addr.arpa. 43200 IN CNAME 214.170.41.192.rev-dns.cs.ait.ac.th.
214.170.41.192.rev-dns.cs.ait.ac.th. 3600 IN PTR VAIO.desktops.cs.ait.ac.th.

;; AUTHORITY SECTION:
170.41.192.rev-dns.cs.ait.ac.th. 43200 IN NS dns.cs.ait.ac.th.

;; Query time: 438 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jul 13 13:09:49 2007
;; MSG SIZE rcvd: 140

The answer everyone else gets, VAIO.desktops.cs.ait.ac.th, doesn't match alrw17.desktops.cs.ait.ac.th, so a double-reverse lookup check would fail.

-- 
-Chuck
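
The double-reverse (forward-confirmed reverse DNS) check mentioned above, as an added example that is not part of the original message. It runs offline over record tables transcribed from the two sets of dig answers; the names `view`, `resolve` and `fcrdns` are hypothetical, and the external view is assumed to hold no A record for VAIO because the message shows none.

```python
import ipaddress

def view(records):
    """Index (owner, type, rdata) tuples case-insensitively, as DNS compares names."""
    table = {}
    for owner, rtype, rdata in records:
        table.setdefault((owner.lower(), rtype), []).append(rdata)
    return table

# Records transcribed from the dig answers in the message.
REV = "214.170.41.192.rev-dns.cs.ait.ac.th."
COMMON = [("214.170.41.192.in-addr.arpa.", "CNAME", REV)]
# INTERNAL: answers from 192.41.170.15, the site's own nameserver.
INTERNAL = view(COMMON + [
    (REV, "PTR", "alrw17.desktops.cs.ait.ac.th."),
    ("alrw17.desktops.cs.ait.ac.th.", "A", "192.41.170.214"),
])
# EXTERNAL: answers an outside resolver got. alrw17 was NXDOMAIN there;
# the absence of any A record for VAIO is an assumption (none is shown).
EXTERNAL = view(COMMON + [
    (REV, "PTR", "VAIO.desktops.cs.ait.ac.th."),
])

def resolve(table, name, rtype, max_cnames=8):
    """Return rdata for name/rtype, following CNAMEs; [] for NXDOMAIN or no data."""
    name = name.lower()
    for _ in range(max_cnames):
        if (name, rtype) in table:
            return table[(name, rtype)]
        target = table.get((name, "CNAME"))
        if not target:
            return []
        name = target[0].lower()
    return []  # CNAME chain too long or looping

def fcrdns(table, ip):
    """Double-reverse check: PTR names for ip whose A records include ip."""
    addr = ipaddress.ip_address(ip)
    confirmed = []
    for ptr_name in resolve(table, addr.reverse_pointer + ".", "PTR"):
        forward = resolve(table, ptr_name, "A")
        if any(ipaddress.ip_address(a) == addr for a in forward):
            confirmed.append(ptr_name)
    return confirmed

if __name__ == "__main__":
    for label, table in (("internal", INTERNAL), ("external", EXTERNAL)):
        print(label, fcrdns(table, "192.41.170.214") or "FAIL")
```

An empty result is what a mail server or TCP wrapper applying the check would treat as a mismatch, which is the external case described in the message.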