[GTALUG] Reverse DNS different than DNS server (reverse is a local address)
D. Hugh Redelmeier
hugh at mimosa.com
Mon Nov 23 09:20:57 EST 2020
I have no time for a careful answer. But it is important that you
understand these points:
- DNS is a distributed tree, with nodes that are authoritative for
particular domains.
- there is caching (recursive servers) if you trust them (almost always
one does). Unless you are using DNSSEC, the caching server can lie,
sometimes usefully.
- the forward domain is technically unrelated to the reverse domain.
The forward domain lookup uses a conventional domain name as the
key.
The reverse lookup uses the IP address (in a funny format) as the
key.
- Reverse example: to look up the reverse for IPv4 address 1.2.3.4,
your system actually queries 4.3.2.1.in-addr.arpa. I think you can
see how that is constructed.
- the reverse domain is a mystery to most people (because it mostly
doesn't matter to most users). If you run a mail server, it does
matter.
- whoever provided you with your IP address controls the reverse
domain for that IP address. Generally, if you pay for a static IP
address, they will let you specify what you want them to put in the
reverse domain for that IP address. Most ordinary consumers don't
have static addresses and are not given a say in what the reverse
says.
- if your provider provides you with a CIDR of network addresses,
static, they may delegate the reverse domain for that CIDR to a DNS
of your choosing. This is not the normal home case.
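
Added example, not part of the original post: because the forward and reverse trees are maintained independently, mail receivers commonly run a forward-confirmed reverse DNS check, which goes a step beyond what the post describes (it also covers the IPv6 `ip6.arpa` form). The function names, the `lookup` callback, and the zone data below are hypothetical and constructed so the code runs offline.

```python
import ipaddress

def reverse_name(ip):
    """Build the PTR query name by hand: reversed octets under in-addr.arpa
    for IPv4, reversed hex nibbles under ip6.arpa for IPv6."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(str(addr).split(".")[::-1]) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")[::-1]
    return ".".join(nibbles) + ".ip6.arpa"

def fcrdns(ip, lookup):
    """Forward-confirmed reverse DNS.
    lookup(name, rtype) -> list of record strings (assumed resolver hook).
    Returns (verdict, ptr_names); verdict is confirmed, mismatch or no-ptr."""
    addr = ipaddress.ip_address(ip)
    ptrs = [p.rstrip(".").lower() for p in lookup(reverse_name(ip), "PTR")]
    if not ptrs:
        return "no-ptr", []
    rtype = "A" if addr.version == 4 else "AAAA"
    for name in ptrs:
        for record in lookup(name, rtype):
            try:
                if ipaddress.ip_address(record) == addr:
                    return "confirmed", ptrs
            except ValueError:
                continue  # ignore malformed address data
    # The reverse zone names a host whose forward zone does not point back.
    return "mismatch", ptrs

# Constructed sample data (documentation address ranges, made-up names).
ZONE = {
    ("10.113.0.203.in-addr.arpa", "PTR"): ["mail.example.org."],
    ("mail.example.org", "A"): ["203.0.113.10"],
    # Reverse owner claims the same name, but forward says otherwise.
    ("20.113.0.203.in-addr.arpa", "PTR"): ["mail.example.org."],
}

def sample_lookup(name, rtype):
    """Stand-in for a real resolver, answering only from ZONE."""
    return ZONE.get((name.rstrip(".").lower(), rtype), [])

if __name__ == "__main__":
    for ip in ("203.0.113.10", "203.0.113.20", "203.0.113.30"):
        print(ip, reverse_name(ip), fcrdns(ip, sample_lookup))
```
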