Are Reverse Lookup Zones Necessary?? 1

[TheChaseR]

Hi all,
Im running a test domain of one win2k adv server. i have AD installed, ive added users, i used the config wizard to set everything up. it appears as if everything is working, but i've seen this before and then have my whole domain wither away like a plant without water. My question is whether or not i need to config a reverse lookup zone, im not quite clear on what they do and if they are necessary? i noticed that it is not configured, but i have had no problems thus far. i am looking to integrate exchange2k into AD as soon as i am positive this is working correctly. So again, to paraphrase, A: what are reverse lookup zones and B: are they necessary for end users who dont need internet access?

Thanks in advance.
-=Chås3R=-

 

[brontosaurus]

A) Reverse lookup zones provide a means of discovering a host by it's IP address, the opposite of what standard DNS lookups do.

B) They are not necessary. However, there are some applications that use them for security checks, email systems being amongst that. That said, it's really no big deal to set them up, and they just might come in handy one day, especially if you ever need to do an NSLOOKUP. If you have some time, set it up...

 

[TheChaseR]

Thanks for the quick response.
Anywhere you can point me, as far as helping me set them up..or should i just run through the wizard.
So basically you are saying that exchange will use that as a security check for ppl trying to send mail via my server?

Thanks again

 

[GlenJohnson]

Bronto's right. They may definetely come in handy, especially troubeshooting. Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com


"They believe that nothing will happen because they have closed their doors."
Maurice Maeterlinck (1862-1949); Belgian author

 

[brontosaurus]

Exchange 2K has the ability to check Reverse zones, but I don't think it will filter based on it. In any case, we're talking incoming internet mail here, so I guess you need not be concerned...
The DNS wizard should be fine. Check the help in DNS manager also, I'm pretty sure it gives a decent "reader's digest" explanation of reverse zones.

 

[tom11011]

If you host email, you want one. Some servers will reject if they cannot verify your isp-name resolution. this helps cut down spam.

 

[TheChaseR]

Ok... Quick question.
when it was asking me for the network ID to create the reverse lookup zone, is that just the IP block that the DNS server is on? I.E. the internal ip address of the server is 10.1.1.5 so does this mean that i put 10.1.1. for the network ID? and so to makes things completely clear, this is so that my client computers can resolve computer name to an IP address? if so does this sound right?
You guys all rock. also, i know it takes a little while to replicate, is there anything in particular i can use any command that will let me know that it is working properly?

Thanks again
TheChaseR

 

[brontosaurus]

Yes to your first paragraph of questions.

To test reverse lookups, start an NSLOOKUP session from a command prompt. Then type in these commands:

SET TYPE=PTR
10.1.1.5 (or whatever IP you're really using)

Hit enter and you should get a host name in the right side of your window....

 

[TheChaseR]

Thanks Brontosaurus,
The only thing that amazes me more than DNS is thinking of how everyone comes up with their handles on here.

Appreciate it.

 

[devastator]

I can do NSLOOKUPS but when I try to do the above scenerio SET TYPE=PTR (IP)I get unrecognized command.

Any ideas and does that mean that something on my end is not correct?

 

[brontosaurus]

did you type the IP on the same line? They should be separate line entries:

SET TYPE=PTR

<enter>

then type in the IP address and hit enter.

 

[devastator]

Yeah, it works now. Plus it helps to try and run it from the server not a workstaion that doesn't register itself with DNS.


Thx