Reverse dns - Beginner question

[Nicolas Maurin]

Hello,

I read a lot of documentation about dns and active directory. I understood
how to configure parameters before installing active directory. I understood
how to configure dns and reverse dns. My problem is i dont undestand the
notion of reverse dns.
In which case the reverse dns is used ? Can you give me a simple example of
the utility or a reverse dns ?


Thanks.

 

[Kevin D. Goodknecht Sr. [MVP]]

Hello,

I read a lot of documentation about dns and active directory. I
understood how to configure parameters before installing active
directory. I understood how to configure dns and reverse dns. My
problem is i dont undestand the notion of reverse dns.
In which case the reverse dns is used ? Can you give me a simple
example of the utility or a reverse dns ?

Reverse lookup zones are semi-optional. I say semi-optional because while
the zone and PTR records are not neccessary for Active Directory
communication, some applications use PTR lookups in their process. One
application is nslookup, which performs a reverse lookup on the IP of the
DNS server it uses. Without a PTR for the DNS server nslooup gives you the
message "Can't find server name for address <IP_Address_of_DNS_server>"
Clients that are configured to register addresses in DNS will try to
register PTR records in the DNS server that is the SOA primary name server
for the reverse lookup. In the case of private IPs, this is typically
prisoner.iana.org and will try to make a secure connection to this DNS
server. Windows XP and Windows server 2003 will log 40960 & 40961 LsaSrv
errors because they cannot securely register in prisoner.iana.org.
Also, SMTP servers use PTR records to verify the SMTP server name on the IP
it connects from. This is not usually relevant in your local DNS server
because SMTP server lookup the PTR of the public IP and typically the public
IP PTRs are owned by the ISP, unless the ISP specifically delegates the
Reverse lookup to another DNS server.

 

[John Coutts]

Hello,

I read a lot of documentation about dns and active directory. I understood
how to configure parameters before installing active directory. I understood
how to configure dns and reverse dns. My problem is i dont undestand the
notion of reverse dns.
In which case the reverse dns is used ? Can you give me a simple example of
the utility or a reverse dns ?
Thanks.

************ REPLY SEPARATER ************
In the early days of the Internet, reverse lookup (PTR) was commonly used to
allow access to mainframe computers by confirming that the access IP address
matches who you say you are. The main problem is that reverse lookup is top
down driven. You can configure your reverse zone all you want, but unless
authority for your IP address range has been passed on to you from your
upstream provider, you are the only one that will see it. ISP's are generally
unwilling to allocate anything less than a "C" class network, and I personally
have even had trouble getting the authority for that. Because the domain owner
is not directly in control of the PTR records, and ISP's are unable or
unwilling to keep them up-to-date, the usefulness of PTR records is highly
questionable. Many new networks (ie. Asia & South America) do not even supply
PTR records.

IMHO, PTR records will eventually become deprecated.

J.A. Coutts