Re: [NTISP] How to do Reverse-DNS with DNS Manager?

Josh Hillman ( (no email) )
Mon, 15 Mar 1999 17:47:14 -0500

From: Adam Greene <adam@webjogger.net>
>I am trying to set up reverse-DNS for all of my dialup IP addresses in
Windows NT's DNS Manager, but I am not sure if I am doing it correctly.
>I thought all I had to do was create A records for each IP address and make
sure that an "associated PTR record" was also created. I did that, but when
I look up the "x.x.x.in-addr.arpa" records, some of the PTR records are
duplicated, and some are missing entirely. I tried adding the missing ones
and deleting the duplicates, but after doing that, some OTHER PTR records
became duplicated and others were missing. It wasn't due to my overlooking
them, either, because I was working pretty systematically. I decided not to
mess with it further, since I didn't understand what was going on and didn't
want to create a larger mess.
>Now when some of my users dial in, they say they still don't get a
reversable IP.
>Do you know how to verify that a given IP address does in fact have
reverse-DNS enabled (without dialing in myself until I get assigned each and
every one of the dynamically assigned IP's)? Or how to do it right, if I am
in fact messing something up?

I use MS DNS (have been ever since NT4 came out) and I've never had a
problem with reverse-lookups. One thing to note is that you may need to ask
your upstream provider to use your DNS for reverse-lookup requests. We had
to contact our's before anyone could do reverse lookups on our IPs from
outside of our network.

Before assigning a name to an IP, the reverse-lookup zone should already be
created in MS DNS. Let's say one of our subnets is 192.168.15.0 and it's
used strictly for dial-up accounts. So, in MS DNS, I created a zone called
"15.168.192.in-addr.arpa" for reverse lookups. After doing that, I started
adding A records into the forward lookup zone, allowing it to create the PTR
records automatically. Every once in a while, I see a duplicate PTR record
in the DNS manager, but in reality, I don't think there's a duplicate--it's
just some kind of quirk with the display. Either way, it's never been a
problem.

To see if reverse stuff is set correctly, use nslookup, setting the default
server to the SOA for the reverse lookup zone. In our case,
ns1.mydomain.com would be the server with authority for the 192.168.15.0
subnet:

C:\>nslookup
Default Server: ns1.mydomain.com
Address: 192.168.1.5

> ls -d 15.168.192.in-addr.arpa
[gamma.mydomain.com]
15.168.192.in-addr.arpa. SOA ns1.mydomain.com
administrator.mydomain.com. (15 3600 600 86400 3600)
15.168.192.in-addr.arpa. NS ns1.mydomain.com
15.168.192.in-addr.arpa. NS server.cntfl.com
15.168.192.in-addr.arpa. NS ns2.mydomain.com
1 PTR cisco.mydomain.com
100 PTR dialup100.tlh.mydomain.com
101 PTR dialup101.tlh.mydomain.com
102 PTR dialup102.tlh.mydomain.com
103 PTR dialup103.tlh.mydomain.com
104 PTR dialup104.tlh.mydomain.com
105 PTR dialup105.tlh.mydomain.com
106 PTR dialup106.tlh.mydomain.com
107 PTR dialup107.tlh.mydomain.com
108 PTR dialup108.tlh.mydomain.com
109 PTR dialup109.tlh.mydomain.com
11 PTR dialup11.tlh.mydomain.com
110 PTR dialup110.tlh.mydomain.com
etc...

Incidentally, doing this using ns.webjogger.net to do a lookup on the
208.157.135.0 subnet caused my nslookup to crash with a Dr. Watson error
each time.

Josh Hillman
hillman@talstar.com

For more information about this list, including removal,
see this url: http://www.iea-software.com/maillist.html