Reverse lookup zone

Joseph S D Yao jsdy at center.osis.gov
Mon Nov 25 20:01:54 UTC 2002


On Mon, Nov 25, 2002 at 06:07:07PM +0000, Chris Morley wrote:
> Hi, have read a brief overview of dns, am somewhat confused about reverse
> lookup zones. Are they required for the internet to work properly?

Not everything requires them, but for the public Internet as a whole to
work properly, or even your local internet to work properly, they
should be in place.

They provide a way to do the reverse lookup, starting from an IP
address, and determining the correct name for that IP address.  But,
again, only if they are set up correctly.

There is really nothing mysterious about reverse DNS.  The choice of
base domain, "in-addr.arpa.", wasn't completely random, but you can
treat it as such, it's just "a" base domain.  For the rest:

The person who is allocated the (e.g.) 200.*.*.* IP addresses has to
maintain the lookup table for the domain 200.in-addr.arpa.

This person may delegate 200.201.*.* to one person, and 200.202.*.* to
another person.  That person then goes into domain 200.in-addr.arpa and
instructs it to delegate the domain 201.200.in-addr.arpa to the first
person's name servers, and the domain 202.200.in-addr.arpa to the
second person's name servers.  The first person must maintain the
lookup table for the domain 201.200.in-addr.arpa.  The second person
must maintain the lookup table for the domain 202.200.in-addr.arpa.

The first person in the above example may delegate 200.201.199.* to one
person, and 200.201.198.* to another person.  That person then goes
into domain 201.200.in-addr.arpa and instructs it to delegate the
domain 199.201.200.in-addr.arpa to the first person's name servers, and
the domain 198.201.200.in-addr.arpa to the second person's name
servers.  The first person must maintain the lookup table for the
domain 199.201.200.in-addr.arpa.  The second person must maintain the
lookup table for the domain 198.201.200.in-addr.arpa.

If I want to know the name for IP address 200.201.199.75, I must turn
this into the reverse lookup 75.199.201.200.in-addr.arpa, and look for
a PTR record that is a pointer back to the correct name.  I find this
PTR record, of course, in the lookup table (the zone file) for the
199.201.200.in-addr.arpa domain.

But only if all reverse DNS domains are set up correctly.

Capish?

-- 
Joe Yao				jsdy at center.osis.gov - Joseph S. D. Yao
OSIS Center Systems Support					EMT-B
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.
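
The delegation walk described in the message above, as an added example that is not part of the original post. The zone table is constructed sample data and the host name host75.example.net. is hypothetical; the second call shows how a delegation that nobody serves breaks the lookup.

```python
import ipaddress

def zone(delegations=(), ptr=None):
    """One reverse zone: the child zones it delegates and the PTR records it holds."""
    return {"delegations": set(delegations), "ptr": ptr or {}}

# Constructed zone data mirroring the 200.201.199.* example in the message.
ZONES = {
    "in-addr.arpa": zone(["200.in-addr.arpa"]),
    "200.in-addr.arpa": zone(["201.200.in-addr.arpa", "202.200.in-addr.arpa"]),
    "201.200.in-addr.arpa": zone(["199.201.200.in-addr.arpa",
                                  "198.201.200.in-addr.arpa"]),
    "202.200.in-addr.arpa": zone(),
    "198.201.200.in-addr.arpa": zone(),
    "199.201.200.in-addr.arpa": zone(
        ptr={"75.199.201.200.in-addr.arpa": "host75.example.net."}),  # hypothetical name
}

def reverse_name(ip):
    """Turn 200.201.199.75 into 75.199.201.200.in-addr.arpa."""
    return ipaddress.IPv4Address(ip).reverse_pointer

def resolve_ptr(ip, zones):
    """Follow delegations down from in-addr.arpa; return (name, zones visited, status)."""
    qname = reverse_name(ip)
    current, path = "in-addr.arpa", []
    while True:
        path.append(current)
        data = zones.get(current)
        if data is None:
            # The parent delegated this zone, but no server actually holds it.
            return None, path, "lame delegation: nobody serves " + current
        if qname in data["ptr"]:
            return data["ptr"][qname], path, "ok"
        # The leading dot keeps 1.200.in-addr.arpa from matching 201.200.in-addr.arpa.
        child = next((c for c in data["delegations"] if qname.endswith("." + c)), None)
        if child is None:
            return None, path, "no PTR or delegation in " + current
        current = child

if __name__ == "__main__":
    print(resolve_ptr("200.201.199.75", ZONES))
    # Same lookup after the holder of 200.201.199.* never set up the zone.
    broken = {k: v for k, v in ZONES.items() if k != "199.201.200.in-addr.arpa"}
    print(resolve_ptr("200.201.199.75", broken))
```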

