Reverse lookups

John Cichy john at greengator.com
Sat Dec 9 21:31:01 UTC 2000 

Tim,

Thanks again. Now I understand where the reverse-lookup comes into play and will
keep in it in mind as I grow my sites. This will make it easier to deal with my
ISP, because now I know how to make the descision of what hostname on what IP to
have them post. Do you happen to know if https (secure web servers) use this
reverse lookup?

Thanks very much for your time and have a great weekend (what's left)...
John


Tim Maestas wrote:

>         Typically, clients will not look past the first PTR record
>         returned.  While you *can* defined multiple PTR records for
>         the same address, this is usually useless.
>
>         If you are simply doing web hosting with virtual domains
>         it really shouldn't matter what host is returned on a
>         reverse lookup.  Usually only security concerned apps will
>         perform a reverse lookup on the incoming IP, and then
>         perform a forward lookup on the resulting hostname to
>         attempt to insure that the IP is not being spoofed.  In any
>         case this should not cause you a problem.
>
> -Tim
>
> On Sat, 9 Dec 2000, John Cichy wrote:
>
> > Tim,
> >
> > Thanks for your reply.  The RFC helps from my end, but the ISP won't (I don't
> > think they know they can or how) perform classless reverse delegation (I
> > already asked). They will allow me to send them the hostnames though, but I'm
> > wondering, because a hostname is returned, do I really need to do this? If I
> > did get them to do the delegation, would I be able to have 4 domains returned
> > on the lookup? I thought I read somewhere that most clients only look at the
> > first name anyway? I'm not trying to get out of the work, just trying to
> > understand why I need to do it.
> >
> > Have a great day...
> > John
> >
> > Tim Maestas wrote:
> >
> > >         John, if you want delegation on a smaller than class C boundry,
> > >         your ISP will have to perform classless reverse delegation,
> > >         described in RFC2317.
> > >
> > >         When, as in your example, you define the zone
> > >         1.168.192.in-addr.arpa, but you don't own the whole class C,
> > >         you blind yourself to the rest of the addresses.
> > >
> > > -Tim
> > >
> > > On Sat, 9 Dec 2000, John Cichy wrote:
> > >
> > > >
> > > > Hello all,
> > > >
> > > > This is my first post, please be gentle.
> > > >
> > > > I need some advice about reverse-lookups. I have 5 static IP addresses
> > > > supplied to me by my ISP.  I have bind 2.2p5 setup to resolve my ip's to
> > > > the proper hosts on my network. The problem comes in when I try to
> > > > reverse lookup, if in named.conf I put:
> > > >
> > > > zone "1.168.192.in-addr.arpa" IN {
> > > >     type master;
> > > >     file "db.192.168.1";
> > > > }   ; example addresses changed purposely
> > > >
> > > > nslookup returns the proper hostnames for my IP's
> > > > (192.168.1.10,192.168.1.11,192.168.1.12.192.168.1.13,192.168.1.14), but
> > > > fails on any IP's that are outside of my range (ex 192.168.1.50), this
> > > > makes sense because I have not defined this address.
> > > >
> > > > If I try to use my network number (192.168.1.9) in the zone statement:
> > > >
> > > > zone "9.1.168.192.in-addr.arpa" IN {
> > > >     type master;
> > > >     file "db.192.168.1";
> > > > }   ; example addresses changed purposely
> > > >
> > > > nslookup  asks my ISP's dns servers to resolve the address, again this
> > > > makes sense because if I asked for 192.168.1.10 bind should not use this
> > > > zone. My ISP says that they will update their reverse lookup tables if I
> > > > send them a hostname for each IP. Sounds great, but here is my concern,
> > > > I am running virtual hosts on the ip's. Will it cause problems when
> > > > someone has received the IP 192.168.1.10 for virtualhost2.com, but when
> > > > reverse lookup is done the get mainhost.com instead? I don't completely
> > > > understand what the adverse affects of a different hostname being
> > > > returned on the reverse-lookup.
> > > >
> > > > BTW: my ISP's dns servers do return a hostname, although not mine, maybe
> > > > I should not do anything with reverse-lookup then????
> > > >
> > > > Thanks in advance and have a great day...
> > > > John
> > > >
> > > >
> > > >
> >

More information about the bind-users mailing list