[GTALUG] Reverse DNS different than DNS server (reverse is a local address)

ac ac at main.me
Mon Nov 23 04:09:08 EST 2020


On Sun, 22 Nov 2020 20:13:19 +0100 (CET)
Joseph Rocklin via talk <talk at gtalug.org> wrote:
> Hi all,
> 
Hello

> I just tried a reverse dns lookup on whoismydns.com for my wife's
> computer on a family-member's network.
> 

Okay, no.

You cannot do what you said :)

You can do a "forward" lookup on a name

and a "Reverse" lookup involves querying an answer for the resource
number supplied in the forward lookup :)

So, to add additional complexity, you can get different answers
depending on whom you are asking and even if the answer is not listed
as an authority for the question, it is still, in 99.99% of questions,
regarded as an answer by the inquirer (which of course is either a
human or a software or nowadays also a machine (like mine)).

> Result:
> DNS Server: 67.231.208.167
> Reverse DNS: pub-cdns3-wlfdle-eth1.rpub.net.rogers.com
> IP Owner: Rogers
> 
Uhm, no.

You should first ask who has authority?
#dig NS whoismydns.com
whoismydns.com.         21599   IN      NS      ns1.whoismydns.com.
whoismydns.com.         21599   IN      NS      ns2.whoismydns.com.

and then 
#dig @ns1.whoismydns.com whoismydns.com
whoismydns.com.         86400   IN      A       35.165.244.131

Then, you can do a reverse lookup:
131.244.165.35.in-addr.arpa domain name pointer
ec2-35-165-244-131.us-west-2.compute.amazonaws.com.


> Does this seem correct? I have my dns settings set on my machine and
> I get my expected DNS results on my machine on this family member's
> network. Is there any reason to be concerned here?
> I had noticed a while back, before upgrades on this family member's
> network, that utopia.net was being used as the DNS server. It was on
> more than one machine that used that network. Now I'm wondering if
> somehow this network was routing, in a still-problematic way, but
> just via a local address? 
> I may have confused some concepts as I am just getting my feet wet
> with this topic of DNS servers. If anyone has suggestions to confirm
> if the network is properly set up, please let me know.
> 
Okay, not sure what it is you need to know... 

I think you need to edit this, as a step one:

vim /etc/resolv.conf
imho, remove everything and add Google as your DNS provider :)

nameserver 8.8.4.4
nameserver 8.8.8.8

This will maybe/probably help you?

You can also check that 
vim  /etc/nsswitch.conf

says:
hosts:          dns files 
networks:       dns files 

unless of course you have custom resources in your hosts for certain
names, in my case for example, I hardcode a LOT of domains, so that I
hardly ever do any DNS lookups (DNS is disabled on my personal system)
so, of course I have to use files and then dns... 

hth

Andre


> Thank you,
> Joseph Rocklin,
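
An added example, not part of either message above: a small offline check that lists the nameserver entries in a resolv.conf, labels each as loopback, link-local, private or public, and builds the in-addr.arpa name a reverse lookup would query. The sample file contents and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample resolv.conf contents (not taken from any real host).
SAMPLE_RESOLV_CONF = """\
# Generated by NetworkManager
search home.lan
nameserver 127.0.0.53
nameserver 192.168.1.1   # router handed out by DHCP
nameserver 8.8.8.8
nameserver not-an-ip
options edns0
"""

def parse_nameservers(text):
    """Return the addresses on 'nameserver' lines, in file order."""
    servers = []
    for raw in text.splitlines():
        # Drop '#' and ';' comments, then split on whitespace.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def classify(addr):
    """Return (scope, ptr_name) for one nameserver address."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return ("invalid", None)      # malformed entry, worth a closer look
    if ip.is_loopback:
        scope = "loopback"            # local stub resolver on this machine
    elif ip.is_link_local:
        scope = "link-local"
    elif ip.is_private:
        scope = "private"             # typically the router or a LAN resolver
    else:
        scope = "public"
    # reverse_pointer gives the PTR query name, e.g. 8.8.8.8.in-addr.arpa
    return (scope, ip.reverse_pointer)

def audit(text):
    """Return (address, scope, ptr_name) for every nameserver entry."""
    return [(a, *classify(a)) for a in parse_nameservers(text)]

if __name__ == "__main__":
    for addr, scope, ptr in audit(SAMPLE_RESOLV_CONF):
        print(f"{addr:15} {scope:10} PTR query name: {ptr}")
```

A loopback or private entry means lookups are forwarded by a local stub or the router, so the resolver an outside site reports will be whatever that forwarder uses upstream.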


