Reverse lookup

Barry Margolin barmar at genuity.net
Mon Aug 20 18:53:19 UTC 2001


In article <9lrlnr$4dn at pub3.rc.vix.com>,
Mark Gosselin <gosselinm at netscout.com> wrote:
>Is it possible that my firewall could be configured to block reverse
>lookups, but not regular lookups??
>I can look up by name and IP on my domain, and can look up by name other
>domains (i.e. amazon.com)
>but, if I supply the IP address for amazon.com, I get a "non-existent
>domain" reply......

Is your firewall doing simple packet filtering, or is it acting as a DNS
server itself?  In the former case, it's unlikely that it would block DNS
requests based on details like this.  But if it's a DNS server, it could
possibly be configured as a primary server for IN-ADDR.ARPA, and it
wouldn't forward requests within this domain.

Another possibility is that your internal nameserver is configured as
primary for IN-ADDR.ARPA, so these queries are never getting to the
firewall at all.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
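
An added example, not part of the original post: one way to tell the possibilities above apart is to send the PTR query to each server in turn and check whether the NXDOMAIN reply has the AA (authoritative answer) bit set, which suggests the server that replied is itself configured as authoritative for the reverse zone. The function names, the query ID and the address 192.0.2.10 are assumptions of this example, and the replies used in the demo are constructed.

```python
import ipaddress, socket, struct

QID = 0x1234  # arbitrary fixed query ID for this example

def build_ptr_query(ip, qid=QID):
    """Wire-format PTR query (RFC 1035) for ip, with recursion desired."""
    name = ipaddress.ip_address(ip).reverse_pointer  # 10.2.0.192.in-addr.arpa
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack("!HH", 12, 1)  # PTR, IN

def classify_response(resp, qid=QID):
    """Classify a reply by its RCODE and AA (authoritative answer) bit."""
    if len(resp) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to this query")
    rcode, aa = flags & 0x000F, bool(flags & 0x0400)
    if rcode == 3:
        # AA set: the replying server claims authority for the reverse zone
        return "nxdomain-authoritative" if aa else "nxdomain-non-authoritative"
    if rcode == 0:
        return "answered" if ancount else "no-data"
    return f"rcode-{rcode}"

def ask(server, ip, timeout=3.0):
    """Send the PTR query to server over UDP port 53 and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_ptr_query(ip), (server, 53))
        try:
            return classify_response(s.recvfrom(4096)[0])
        except socket.timeout:
            return "timeout"

def fake_reply(ip, flags, ancount=0):
    """Constructed reply: the query with its flags and ANCOUNT rewritten."""
    q = build_ptr_query(ip)
    return q[:2] + struct.pack("!HHH", flags, 1, ancount) + q[8:]

if __name__ == "__main__":
    # Constructed replies: QR+AA+RD+RA+NXDOMAIN versus the same without AA
    for label, flags in [("AA set", 0x8583), ("AA clear", 0x8183)]:
        print(label, "->", classify_response(fake_reply("192.0.2.10", flags)))
```

Calling `ask()` with the internal nameserver and then with the firewall as `server` shows which of them, if either, returns the authoritative NXDOMAIN.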

