in-addr.arpa

Bill MT

A year ago I built a new W2K forest (root domain) and then
upgraded an NT4.0 domain into a second domain in the
forest.

Prior to that we had a standard public DNS structure (for
mostly non-MS devices).

At the time of the migration (upgrade) to W2K we created
new internal-only forward zones for the W2K-AD.

Because I didn't want to break the existing in-arpa
reverse zones at that time I elected not to change my
reverse zones to dynamic zones.

Thus, my AD zones have been running for a year without
being able to do any reverse lookups, but nothing appears
to be broken. All services (servers/clients) work fine.

Do any MS OSs use/do reverse zone lookups?

What are the consequences of not having any in-addr.arpa
entries for my AD forest/domains? I'm even running E2K
successfully, at least as far as I can tell.

The only service that acts weird is the licensing server
which has replicated the original licenses of the updated
domain several times within its database.
 
John Coutts

In my humble opinion (IMHO), reverse lookup (PTR records) is a standard that
has basically outlived its usefulness. At one time (when everyone had their
own public IP address), they were used to confirm the identity of the machine
connecting to larger networks such as a campus. It is a top down driven process
in which the authority must be allocated from the network above it. Because of
the fact that many domains can be supported on a single IP address, and because
of the difficulty in getting ISPs to maintain these records properly (some
don't even supply reverse records), they have become unreliable as an
identification method. Some mail servers will check to see that a reverse
record exists, but they can't really tie it to the domain name used.

That is the situation for public addresses. In terms of private networks
(192.168.0.0/10.0.0.0), I see even less utility. But that does not mean that a
good use could not be found.

J.A. Coutts
 
BillMT

J.A. Thanks for your comments. I understand your answer
exactly. However, I'm still back to my main question.
Does AD (or the MS operating systems themselves)
require/use reverse DNS lookups for any critical
functionality? If I had the reverse zones set dynamic,
what AD records would be populated in them, thus what am I
missing (or breaking) by not having reverse dynamic zones
for my AD infrastructure? I will also post this post into
an AD group to see if I can get an answer from an AD
expert. - bill
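
Added example, not part of any post in this thread: when forward zones are updated dynamically and the in-addr.arpa zones stay static, as in the setup described in the question, the two drift apart. This Python script compares them and reports hosts with no PTR, PTRs that name a different host, and PTRs left behind for addresses no longer in the forward zone. The zone contents and the `corp.example` names are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data (not from the thread). FORWARD stands for the
# dynamically updated internal zone, REVERSE for the static in-addr.arpa zone.
FORWARD = {
    "dc1.corp.example.": ["10.1.0.10"],
    "mail1.corp.example.": ["10.1.0.25"],
    "ws042.corp.example.": ["10.1.4.42"],
}
REVERSE = {
    "10.0.1.10.in-addr.arpa.": "dc1.corp.example.",
    "25.0.1.10.in-addr.arpa.": "oldmail.corp.example.",  # renamed host
    "7.9.1.10.in-addr.arpa.": "retired.corp.example.",   # host removed
}

def ptr_name(ip):
    """Owner name of the PTR record for an address, e.g. 10.1.0.10 ->
    10.0.1.10.in-addr.arpa. (octets reversed, most specific first)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def audit(forward, reverse):
    """Compare both zones; return (missing, mismatch, orphan) lists."""
    missing, mismatch, seen = [], [], set()
    for host, addrs in sorted(forward.items()):
        for ip in addrs:
            owner = ptr_name(ip)
            seen.add(owner)
            target = reverse.get(owner)
            if target is None:
                missing.append((host, owner))
            elif target.lower() != host.lower():
                mismatch.append((host, owner, target))
    # PTRs whose address no forward record uses any more
    orphan = sorted(o for o in reverse if o not in seen)
    return missing, mismatch, orphan

if __name__ == "__main__":
    missing, mismatch, orphan = audit(FORWARD, REVERSE)
    for host, owner in missing:
        print(f"no PTR:    {host} expects {owner}")
    for host, owner, target in mismatch:
        print(f"stale PTR: {owner} -> {target}, forward says {host}")
    for owner in orphan:
        print(f"orphan:    {owner} -> {REVERSE[owner]}")
```

Stale and orphan PTRs matter most where logs or access rules record reverse-resolved names, because the name shown then belongs to a different or retired machine.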
 
