Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 1 Nov 1999 13:54:03 -0600 (CST)
From:      Alec Kloss <ajk@paw-in-eye.net>
To:        papalia@UDel.Edu (John)
Cc:        dan@dpcsys.com, freebsd-questions@FreeBSD.ORG
Subject:   Re: Reverse DNS lookup
Message-ID:  <199911011954.NAA05346@D2SI.COM>
In-Reply-To: <4.1.19991031213125.009407e0@mail.udel.edu> from John at "Oct 31, 1999  9:33:50 pm"

next in thread | previous in thread | raw e-mail | index | archive | help
John said:

> <snip>
>  
> >> merlin# nslookup 63.224.53.3
> >> Server:  copland.udel.edu
> >> Address:  128.175.xx.xx
> >> *** copland.udel.edu can't find 63.224.53.3: Non-existent host/domain
> >
> >That's cause there is no reverse for that IP.  It's from a /25 subnet
> >and US West probably doesn't delegate less than a /24 for in-addr.arpa

Actually, they do, but they're not doing it exactly in line with the 
RFC for reasons involving their internal DNS management software.  I
had to get a friend of mine who works there to set it up.  They use NS
records on each address to point it to your own nameservers.  Check
out 63.224.10.1.  

It does appear that 63.224.53.3 is not assigned a reverse.

> Could you do me a favor and explain all that? I have no idea what /25
> subnet and in-addr.arpa actually mean :)

/25 subnet means the first 25 bits of the address correspond to a
network and the last 7 correspond to a particular node on that
network.  Once upon a time, it was assumed that addresses less than
127.0.0.0 were /8 (aka. Class A), but this is no longer true.  It
appears that Network Solutions divided 63.x.x.x into /12 

Default Server:  localhost.d2si.com
Address:  127.0.0.1

> set type=ptr
> 224.63.in-addr.arpa
Server:  localhost.d2si.com
Address:  127.0.0.1

224.63.in-addr.arpa
        origin = ns1.uswest.net
        mail addr = hostmaster.uswest.net
        serial = 318
        refresh = 28800 (8H)
        retry   = 7200 (2H)
        expire  = 604800 (1W)
        minimum ttl = 86400 (1D)
> 63.in-addr.arpa
Server:  localhost.d2si.com
Address:  127.0.0.1

Authoritative answers can be found from:
IN-ADDR.arpa
        origin = A.ROOT-SERVERS.NET
        mail addr = hostmaster.INTERNIC.NET
        serial = 1999110102
        refresh = 1800 (30M)
        retry   = 900 (15M)
        expire  = 604800 (1W)
        minimum ttl = 86400 (1D)

The in-addr.arpa DNS domain is used for reverse lookups.  The idea is
that reverse lookups should be delegated like forward ones are, in a
hierarchical fashion.  So, to find the name for a given address, you
follow a hierarchy like this:
arpa contains in-addr contains 63 contains 224 contains 53 contains 3,
so you construct a DNS query for the name
        3.53.224.63.in-addr.arpa.
Also, note that you are looking for a particular type of record, a PTR
record, so you should tell nslookup that using 
        set type=ptr

The problem with the above hierarchical scheme is that authority for
reverse lookups no longer necessarily falls at the dots.  So, the
original scheme assumed that every address like 63.224.53.* was
controlled by the same entity.  It is becoming increasingly common for
this not to be the case, so USWest is using a NS record to delegate
the responsibility, like this:

ajk@hamlet ~% nslookup
Default Server:  localhost.d2si.com
Address:  127.0.0.1

> server ns1.uswest.net
Default Server:  ns1.uswest.net
Address:  204.147.80.5

> set type=ns
> 1.10.224.63.in-addr.arpa
Server:  ns1.uswest.net
Address:  204.147.80.5

Non-authoritative answer:
1.10.224.63.in-addr.arpa        nameserver = hamlet.d2si.com
1.10.224.63.in-addr.arpa        nameserver = othello.d2si.com

Authoritative answers can be found from:
hamlet.d2si.com internet address = 63.224.10.2
othello.d2si.com        internet address = 63.224.10.1
> 3.53.224.63.in-addr.arpa
Server:  ns1.uswest.net
Address:  204.147.80.5

*** ns1.uswest.net can't find 3.53.224.63.in-addr.arpa: Non-existent
host/domain


They clearly have not set this up yet for whoever this 63.224.53.3 box
is.  


> And if that's the case (above) then that might be the problem on all my
> reverse lookups that go bad.  In essence all the problems I'm having are
> with people using their desktops at work who ssh into my box.  But when I
> try out nslookup on servers from, for example, my old ISP, it works fine
> both ways.

If you're saying that your old ISPs nameservers can resolve
63.224.53.3, they have probably assumed control of the network
erronously.  If I am correct, your school should be able to resolve
63.224.10.1 (it can) but your old ISP will probably NOT be able to
resolve 63.224.10.1.

Hope this helps clear things up a bit.

> Thanks again!!!
> --John
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911011954.NAA05346>