Results 1 to 4 of 4
  1. #1
    Join Date
    Feb 2001
    Location
    Lake Tahoe
    Posts
    104

    "Downstream" Reverse-DNS

    Hi all,

    How do downstream ISPs (those that acquire their IP address blocks from an upstream ISP, as opposed to directly from IANA), manage reverse-DNS (RDNS)? Unlike forward DNS lookups, RDNS lookups go to the upstream ISP's DNS servers (who "owns" the IP blocks) where the downstream domain name information may be absent. [How do THEY know that 'www.xyz.com' became the primary domain for 192.168.142.13 five minutes ago? ...unless you pester the hell out of them for every minor update?]

    I have asked my upstream ISP to allow us (or, at least, our automated systems which translate customer domain changes to DNS zone files on the fly) to write RDNS info to their DNS servers but they have instead suggested using CNAME records on their DNS servers to forward RDNS queries for our assigned IP blocks to one domain (one that will never go away) on our own DNS servers. There, we would provide the requisite PTR records for each and every assigned IP. This does give us the accessibility we need to make unlimited RDNS changes but seems a little kludgy. Is this the way all downstream ISPs do it?

    Any advice is appreciated.

    Dave

  2. #2
    Join Date
    Jan 2003
    Location
    San Diego, California
    Posts
    336
    The upstream ISP delegates reverse to the folks downstream.

    If they are using bind and your IP's were like 172.16/16 and they assigned you 172.16.3/24 the zone file would look like:

    16.172.in-addr.arpa:

    3 IN NS your server here
    IN NS your secondary here

  3. #3
    Join Date
    Jun 2003
    Posts
    673
    If you have a /24 or larger, then ARIN can delegate the /24 blocks directly to your DNS servers instead of to your ISP's servers. Otherwise, your ISP will need to delegate the space to you on their DNS servers, either by supplying NS records for each of your IP address (like Niosys wrote) or by using the cheesy technique described in RFC 2317.

    (edit: English is my native language, really!)

  4. #4
    Join Date
    Feb 2001
    Location
    Lake Tahoe
    Posts
    104
    Thank you very much! Both of your recommendations are ideal, being that they utilize our DNS servers as is and without requiring any modification to our automation scripts. The solution proposed by our upstream provider would require extensive modification.

    Yes, we do operate a /24. I'll take this up with our provider and ARIN. If no go, I will happily propose Niosys' solution.

    Again, THANK YOU, BOTH!!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •