Reverse Lookup Path

Discussion in 'DNS Server' started by TheWall, Aug 19, 2009.

  1. TheWall

    TheWall Guest

    Hi, I need to find out on what DNS server I must set up my Reverse lookup Zone.

    If you run a tool to check your IP. Where does it go and look if it can
    resolve it?

    I have 3 DNS server.

    Server 1 is outside our domain in a data center and is the primary DNS
    server for the registered domain.

    Server 2 is the old DC and the secondary DNS server for the registered domain.

    Server 3 is the new DC and Exchange 2007 (currently migrating to Exchange
    2k7) and is also running a DNS server. This will become the new Primary DNS
    server at the domain authority.

    Maybe at the ISP. We have an ADSL line with a pool of 5 IPs from our ISP.
    Would they maybe have to assign the Reverse lookup?

    If I make changes, how long does it take before I can run a reverse lookup to
    test it?

    Thanks!!!
     
    TheWall, Aug 19, 2009
    #1

  2. TheWall

    Chris Dent Guest

    Reverse Lookup for Public IP addressing is delegated through the
    Regional Internet Registry (RIR), ARIN and RIPE are examples of RIR
    organisations. It works in much the same way as forward lookup, but down
    a different path.

    So if you use a tool to find it, it first goes to the DNS server you use
    and asks it for the answer. If that is authoritative for the zone, it
    will return the answer immediately. If not, it will either Forward or
    perform an iterative query using Root Hints, depending on your own
    configuration.

    I always found that Dig was the best way to view the paths. You can find
    a Windows version of it here:

    http://members.shaw.ca/nicholas.fong/dig/

    Use this command:

    dig 4.3.2.1.in-addr.arpa ptr +trace

    Where 4.3.2.1.in-addr.arpa represents the IP Address 1.2.3.4.

    How long it takes to change completely depends on the Time To Live (TTL)
    of the record. Both Dig and NsLookup can show you the TTL, in NsLookup
    you need to run "set debug" to see that. If you have a cached response
    (Non-Authoritative Answer) for the record NsLookup will show you the
    remaining TTL rather than the full TTL.

    The short-cut for that explanation is that it may take 24 to 48 hours to
    fully propagate :)

    Chris
     
    Chris Dent, Aug 19, 2009
    #2

  3. TheWall

    TheWall Guest

    Great, thanks that is a very handy tool.

    So is this telling me that it is looking on the server called: 196.4.160.3?


    C:\dig>dig 146.67.26.196.in-addr.arpa ptr +trace

    ; <<>> DiG 9.3.2 <<>> x.x.26.196.in-addr.arpa ptr +trace
    ;; global options: printcmd
    . 3600 IN NS e.root-servers.net.
    . 3600 IN NS f.root-servers.net.
    . 3600 IN NS g.root-servers.net.
    . 3600 IN NS h.root-servers.net.
    . 3600 IN NS i.root-servers.net.
    . 3600 IN NS j.root-servers.net.
    . 3600 IN NS k.root-servers.net.
    . 3600 IN NS l.root-servers.net.
    . 3600 IN NS m.root-servers.net.
    . 3600 IN NS a.root-servers.net.
    . 3600 IN NS b.root-servers.net.
    . 3600 IN NS c.root-servers.net.
    . 3600 IN NS d.root-servers.net.
    ;; Received 449 bytes from 10.10.x.x#53(10.10.x.x) in 3 ms

    196.in-addr.arpa. 86400 IN NS NS2.LACNIC.NET.
    196.in-addr.arpa. 86400 IN NS SEC1.APNIC.NET.
    196.in-addr.arpa. 86400 IN NS NS-SEC.RIPE.NET.
    196.in-addr.arpa. 86400 IN NS TINNIE.ARIN.NET.
    196.in-addr.arpa. 86400 IN NS NS1.AFRINIC.NET.
    196.in-addr.arpa. 86400 IN NS SEC3.APNIC.NET.
    ;; Received 194 bytes from 192.203.230.10#53(e.root-servers.net) in 747 ms

    26.196.in-addr.arpa. 172800 IN NS jupiter.is.co.za.
    26.196.in-addr.arpa. 172800 IN NS titan.is.co.za.
    26.196.in-addr.arpa. 172800 IN NS demeter.is.co.za.
    ;; Received 135 bytes from 200.3.13.11#53(NS2.LACNIC.NET) in 814 ms

    26.196.in-addr.arpa. 86400 IN SOA ns1.is.co.za. dns-admin.is.co.za. 2009081800 28800 7200 604800 86400
    ;; Received 102 bytes from 196.4.160.3#53(jupiter.is.co.za) in 25 ms


    C:\dig>
     
    TheWall, Aug 19, 2009
    #3
  4. TheWall

    Chris Dent Guest

    Notice that you have this:

    26.196.in-addr.arpa. 86400 IN SOA ns1.is.co.za.

    It says that it's found someone authoritative for 196.26.x.x
    (ns1.is.co.za), but nothing below that. If is.co.za is your ISP it means
    they are responsible for the zone, but that no PTR record currently exists.

    Therefore you should be able to ask them to make you the necessary records.

    If that's not your ISP then you will still have to raise it with your
    ISP because you won't be able to deal with anyone upstream from your ISP
    (for example, you wouldn't be able to talk to your ISP's ISP).

    Chris
     
    Chris Dent, Aug 19, 2009
    #4
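
The reading of the trace given in post #4, as an added example that is not part of the original thread: this Python sketch builds the in-addr.arpa name for an address, splits `dig +trace` output into hops, and reports whether the last server returned a PTR or only an SOA. The function names and the abbreviated sample are assumptions made for the example; the sample lines are taken from the trace in post #3.

```python
import ipaddress
import re
RECORD = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(NS|SOA|PTR)\s+(\S+)")
HOP = re.compile(r"^;; Received \d+ bytes from \S+?#\d+\((\S+)\)")

def reverse_name(ip):  # 1.2.3.4 -> 4.3.2.1.in-addr.arpa.
    return ipaddress.ip_address(ip).reverse_pointer + "."

def parse_trace(text):
    """Split `dig +trace` output into hops: (answering server, [records])."""
    hops, records = [], []
    for line in map(str.strip, text.splitlines()):
        rec, hop = RECORD.match(line), HOP.match(line)
        if rec:
            owner, ttl, rtype, rdata = rec.groups()
            records.append((owner.lower(), int(ttl), rtype, rdata.lower()))
        elif hop:
            hops, records = hops + [(hop.group(1), records)], []
    return hops

def summarize(text, qname):
    """Say whether the trace ended in a PTR or in an SOA-only (no PTR) answer."""
    hops, qname = parse_trace(text), qname.lower()
    if not hops:
        return {"status": "unknown"}
    parent = hops[-2][1] if len(hops) > 1 else []
    result = {"answered_by": hops[-1][0],
              "delegated_to": sorted(r[3] for r in parent if r[2] == "NS")}
    for owner, ttl, rtype, rdata in hops[-1][1]:
        if rtype == "PTR" and owner == qname:
            return dict(result, status="ptr", target=rdata, ttl=ttl)
        if rtype == "SOA" and qname.endswith("." + owner):
            # Authoritative zone reached but no PTR in it; TTL bounds negative caching.
            return dict(result, status="no-ptr", zone=owner, negative_ttl=ttl)
    return dict(result, status="unknown")

# Abbreviated from the trace in post #3 (root and 196.in-addr.arpa NS lists shortened).
SAMPLE = """\
. 3600 IN NS e.root-servers.net.
;; Received 449 bytes from 10.10.x.x#53(10.10.x.x) in 3 ms
196.in-addr.arpa. 86400 IN NS NS1.AFRINIC.NET.
;; Received 194 bytes from 192.203.230.10#53(e.root-servers.net) in 747 ms
26.196.in-addr.arpa. 172800 IN NS jupiter.is.co.za.
26.196.in-addr.arpa. 172800 IN NS titan.is.co.za.
26.196.in-addr.arpa. 172800 IN NS demeter.is.co.za.
;; Received 135 bytes from 200.3.13.11#53(NS2.LACNIC.NET) in 814 ms
26.196.in-addr.arpa. 86400 IN SOA ns1.is.co.za. dns-admin.is.co.za. 2009081800 28800 7200 604800 86400
;; Received 102 bytes from 196.4.160.3#53(jupiter.is.co.za) in 25 ms
"""
```

Calling `summarize(SAMPLE, reverse_name("196.26.67.146"))` gives status `no-ptr` for zone `26.196.in-addr.arpa.`, which is the case where the PTR has to be requested from whoever runs the `delegated_to` servers.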
  5. TheWall

    TheWall Guest

    Great, yes, I'm in contact with my ISP and they have made some changes.

    Thanks
     
    TheWall, Aug 20, 2009
    #5
