DNS Confused

[cceng]

I thought I know DNS but I guess not. I noticed that when I try to do a Lookup on our domain name it says that "no reverse lookup configured". I inherited this network and I am a bit confused.

We are running a raptor 6.53 firewall with DNSD. We actually have an ISP that handles our DNS entries yet we still have outside DNS configured on the raptor.

On our ISP DNS servers we have this config for one of our registerd domain names:

SOA dbru.br.ns.els-gms.att.net. hostmaster.mail.att.net.

NS dbru.br.ns.els-gms.att.net.
NS dmtu.mt.ns.els-gms.att.net.


@. A 207.252.xxx.x
localhost. A 127.0.0.1


@. MX 10 ourmail.com.

Our ISP also have a reverse lookup zone configured as so:

SOA cbru.br.ns.els-gms.att.net. rm-hostmaster.ems.att.com.

NS cbru.br.ns.els-gms.att.net.
NS cmtu.mt.ns.els-gms.att.net.







19. PTR newserver.ourcompany.net.
0. PTR ourmail.com.

I am wondering if I should even be running DNSD on our firewall? Do I need to have any reverse lookup configured on the firewall?

Any suggestion would be great.

 

[cvmikeray]

You do need to have the DNS setting enabled on your firewall. Look at the DNS proxy and make sure zone transfers are allowed.

You will need to also build your our reverse lookup DNS entry. Say your ip is like the below
If your network ID is: Then your reverse zone is:

10.0.0.0 10.in-addr.arpa
130.20.0.0 20.130.in-addr.arpa
250.30.203.0 203.30.250.in-addr.arpa

is a reverse entry. A reverse DNS lookup is when a computer has an IP address and wants to make the connection to your network.

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q172953

This is a good link.

I would get the ISP to set you as the primary DNS so you can add entries. If you are not the primary and you drop a server in the clear, you will have to call the ISp if you are not the "Primary Name Server".

Get DNS and Bind

http://www.oreilly.com/catalog/dns4/

if you don't have it. An IT admin must.