I've lot of *.in-addr.arpa domains requests in my OpenDNS account. I know this should be normal and it's about reverse DNS.
I've been reading here and there but still I can't really get how it works and why I get so much requests (higher number than www.google.com).I'd just need someone that, like Einstein suggested, could explain to me what this reverse DNS is used for like he would explain it to his grandmother.
Answer
Reverse DNS is a mapping from an IP address to a DNS name. So it's like DNS, but backwards. If you are assigned IP addresses you have to setup reverse DNS to tell the world what the addresses are used for.
In practice, if you want to know what system is at 216.239.32.10 you design what is called a reverse lookup by reverting the ip address and adding in-addr.arpa to it. So it looks like this: 10.32.239.216.in-addr.arpa. A PTR record should then tell you what system it is. The dig tool automates this with the -x switch.
pehrs$ dig -x 216.239.32.10
; <<>> DiG 9.6.0-APPLE-P2 <<>> -x 216.239.32.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49177
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;10.32.239.216.in-addr.arpa. IN PTR
;; ANSWER SECTION:
10.32.239.216.in-addr.arpa. 86400 IN PTR ns1.google.com.
;; AUTHORITY SECTION:
32.239.216.in-addr.arpa. 86400 IN NS ns1.google.com.
32.239.216.in-addr.arpa. 86400 IN NS ns2.google.com.
32.239.216.in-addr.arpa. 86400 IN NS ns4.google.com.
32.239.216.in-addr.arpa. 86400 IN NS ns3.google.com.
;; ADDITIONAL SECTION:
ns2.google.com. 205358 IN A 216.239.34.10
ns1.google.com. 205358 IN A 216.239.32.10
ns4.google.com. 205358 IN A 216.239.38.10
ns3.google.com. 205358 IN A 216.239.36.10
;; Query time: 63 msec
;; SERVER: x#53(x)
;; WHEN: Tue Jan 4 13:35:14 2011
;; MSG SIZE rcvd: 204
Notice the PTR record. It tells us that 216.239.32.10 is in fact ns1.google.com.
No comments:
Post a Comment