Thread: Reverse DNS

    #1
    Reverse DNS


    I have inherited a network that was partially complete.
    The DNS was already set up.
    I have a router at my location with an internal IP schema... let's say 10.10.10.0.
    My connection to the outside world goes through a circuit to another router at another location. This router broadcasts my network with a different IP schema... let's say 218.27.212.0.
    When I send an email to a specific entity, they are using rDNS. My emails get quarantined because my rDNS response does not return correctly... actually no name is returned for the IP address.
    How do I go in on my DNS server and address this IP address that is broadcast by the router (the 218.27.212.0 IP)? That is what the recipient system is seeing. Can I put a pointer record in my DNS for this?

    Thanks for any and all assistance.
    Mike
    #2
    It's doubtful you are authoritative for your reverse. This is usually the ISP's area and they don't like delegating it out. Contact your ISP first and see if they can set one up. If they say it's delegated to you, you'll need to set up a zone for it in the DNS server.
    #3
    Originally Posted by CaptPikel
    It's doubtful you are authoritative for your reverse. This is usually the ISP's area and they don't like delegating it out. Contact your ISP first and see if they can set one up. If they say it's delegated to you, you'll need to set up a zone for it in the DNS server.
    This is not through an ISP. It is on a GOV network. I am told I am authoritative. I have no control/access to the router broadcasting the external IP. So if I set up a zone on my DNS server, do I just set up the pointer, or a complete zone with a pointer or alias to the internal? I am learning DNS as I go... and like I said, I was handed this network that was partially completed, and what was done was not necessarily correct. So I am working through it.
    Thanks for the assistance.
    Mike
    #4
    It will need to be entered in whatever you have been delegated. I'm assuming the zone is 212.27.218.in-addr.arpa, but you'd need to double check that. That is where you would create the PTR record. PTR records won't load in a zone like example.com since it would be considered out of zone data. You might be able to do it playing around with $ORIGIN, I've never tried that actually. But I'd recommend its own specific zone.

    I don't know if you're using Windows or BIND (hopefully BIND), but the below relative articles should help in setting it up.

    http://technet.microsoft.com/en-us/library/cc961414.aspx
    http://www.zytrax.com/books/dns/ch3/
    #5
    Originally Posted by CaptPikel
    It will need to be entered in whatever you have been delegated. I'm assuming the zone is 212.27.218.in-addr.arpa, but you'd need to double check that. That is where you would create the PTR record. PTR records won't load in a zone like example.com since it would be considered out of zone data. You might be able to do it playing around with $ORIGIN, I've never tried that actually. But I'd recommend its own specific zone.

    I don't know if you're using Windows or BIND (hopefully BIND), but the below relative articles should help in setting it up.
    Unfortunately it is Windows...not by choice.
    I will check out the articles provided and get back.
    Thanks,
    Mike
    #6
    Originally Posted by MikeEller
    Unfortunately it is Windows...not by choice.
    I will check out the articles provided and get back.
    Thanks,
    Mike
    OK... I went through the articles... a lot of good information.
    But I think my issue is somewhat different. My DNS server is set up on and for my internal network (10.10.10.0). To the outside world, I look like 212.27.218.x. So how/where in my DNS do I put an entry? Do I create a forward lookup zone for this? And then a reverse lookup zone? Or just a reverse zone?
    Locations I am sending emails to that are getting blocked say they error saying no rDNS for 212.27.218.x. So I am at a loss on how to address this within the DNS I can control.
    Regards,
    Mike
    #7
    Zones are zones. Forward lookups and reverse lookups follow the same resolution process (start at the top and follow the hints). Personally I don't think about them as being different lookup methods. A DNS lookup is simply what is happening.

    The domain name where the PTR resides would be something like 212.27.218.in-addr.arpa and formatted something like this (at least in BIND...):

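    Code:
    $TTL 2600
    ; Owner names ending in a dot are absolute; bare labels are relative to the zone origin.
    212.27.218.in-addr.arpa.      IN      SOA     ns1.yourserver.com. admin.yourserver.com. (
                                  2011072500 ; serial
                                  3h         ; refresh
                                  15m        ; retry
                                  2w         ; expire
                                  1h         ; negative-caching TTL
                                  )
    212.27.218.in-addr.arpa.      IN      NS      ns1.yourserver.com.
    212.27.218.in-addr.arpa.      IN      NS      ns2.yourserver.com.
    ; Each label below is the last octet of the address, e.g. 54 is 54.212.27.218.in-addr.arpa.
    1             IN      PTR     www.yourserver.com.
    2             IN      PTR     test.yourserver.com.
    54            IN      PTR     mail.yourserver.com.
    0             IN      PTR     ftp.yourserver.com.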
    All the PTR records in the zone are doing is pointing to canonical names. In the point of a mail server, you usually want the IP and FQDN to resolve to each other (better understood as saying the forward and reverse mirror each other). Knowing Microsoft, there may be something weird you have to do or they may have it worded poorly but I haven't touched a Microsoft server in years so I'm not sure. That Microsoft article looks to explain it but I have no way to check on it.
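
The check a receiving mail server applies, as an added example that is not part of the original thread: derive the reverse zone and PTR owner name from the public address, then confirm that the PTR name resolves forward to the same address. The function names and sample tables are hypothetical; the sample records are constructed from the thread's example addresses and host names.

```python
import ipaddress
import socket

def ptr_name(ip):
    """Owner name of the PTR record for ip (octets reversed under in-addr.arpa)."""
    return ipaddress.ip_address(ip).reverse_pointer

def reverse_zone(cidr):
    """Reverse zone holding the PTRs of an octet-aligned IPv4 network."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only /8, /16 and /24 map onto a single in-addr.arpa zone")
    labels = net.network_address.reverse_pointer.split(".")
    return ".".join(labels[4 - net.prefixlen // 8:])

def system_ptr(ip):
    """PTR lookup through the system resolver; empty list when no name comes back."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_a(name):
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_fcrdns(ip, lookup_ptr=system_ptr, lookup_a=system_a):
    """Return (status, name): 'no-ptr', 'mismatch' or 'pass'."""
    names = [n.rstrip(".") for n in lookup_ptr(ip)]
    if not names:
        return ("no-ptr", None)
    for name in names:
        if ip in lookup_a(name):
            return ("pass", name)
    return ("mismatch", names[0])

# Constructed sample data (not real records), reusing the thread's example names.
SAMPLE_PTR = {"218.27.212.54": ["mail.yourserver.com."], "218.27.212.2": ["test.yourserver.com."]}
SAMPLE_A = {"mail.yourserver.com": ["218.27.212.54"],
            "test.yourserver.com": ["10.10.10.2"]}  # A record left on the internal address

def check_sample(ip):
    return check_fcrdns(ip, lambda i: SAMPLE_PTR.get(i, []), lambda n: SAMPLE_A.get(n, []))

if __name__ == "__main__":
    for ip in ("218.27.212.54", "218.27.212.2", "218.27.212.1"):
        print(ptr_name(ip), check_sample(ip))
```

Calling `check_fcrdns(ip)` with no lookup arguments uses the system resolver, so it reports what an outside host would see only when run from outside the internal network.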
