Reverse DNS on NT4 ??? 1

[Nightcrawler]

Hiya,

I have just got into the fact our reverse DNS is not been setup by our IP. We are the primary they are the secondary DNS servers. But we havent had the reverse pointed to before. Now this is setup and I have setup up my reverse zone as the books all say etc. But it isnt working????

When I do a revese lookup using the DNSStuff.com it correctly points to my DNS server however it is requesting for a *.0-255.*.*.*.in-addr.arpa (the * is where my ip range is). I hhave had a look at other reverse DNS and I dont see anyone passing the 0-255 to there servers ?? Is this correctly setup by my ISP or am I doing something wrong ??

Thanks for any help

Ed

 

[FaiTHLeSS]

Your ISP is most likley cname'ing the reverse zone from their servers to yours. You will need to setup a reverse zone with the name 0-255.*.*.*.in-addr.arpa, change the * to ur IP. Then within the reserve zone setup your PTR records.

 

[Nightcrawler]

Hiya,

Yep thought that might be the case - but having major problems setting up a 0-255 zone in NT DNS. It crashes or creates this new folder called 195 (the first part of our IP range) under the Revs lookup zone.

SO im going to delete the zone and try again. One question - what should have Reverse DNS and what shouldnt - I know Mail servers need it. But does anything else ? Surely it a security threat if i put everything in there ??

Thanks

Ed

 

[FaiTHLeSS]

Its really upto you at the end of the day what you use for rDNS naming and what you give rDNS to. For workstations you could just put hostIPHERE.mydomain.com so it would look like host-1-1-1-1.mydomain.com. For servers etc you might want to give them a better name like mail.mydomain.com smtp... web... its really upto you.

I dont see it as a security risk having rDNS for each IP, you might be thinking, if i use mail.mydomain.com here people are going to know i have a mail server here. But at the end of the day if you have secured your network they shouldnt be able to attack your servers.

Another way is to think of names like planets or greek gods or what ever you like and call your servers that instead of using things like mail, web, smtp etc.

 

[Nightcrawler]

Hiya,

Thanks for your reply on here - what I meant by that was - do I need to do reverse DNS for all DNS based machines or is it only esstial for mail servcers etc .. IE do web site need it ??

Thanks

Ed

 

[FaiTHLeSS]

Well before i would have said you wouldnt need rDNS to access sites but another post recently suggest that some sites wont let you access them without it. But the site in question was a .mil site so that could have been the reason why. Other than that you dont need to have rDNS for browsing etc.

You might want to read this thread thread950-852745

I can see that you also might be not wanting todo it having to enter all the stuff into the DNS server zone. You could just edit the zone file with a text editor instead of using the DNS console which will let you do things faster.