Handling Reverse Lookups

Reverse lookups are handled in zone files that work much like forward lookup zone files. You must define a zone for these files in /etc/named.conf, much as you define a zone for forward lookups. For instance, to serve the network, you might include a zone definition like this:

zone "15.27.172.in-addr.arpa" {
    type master;
    file "named.";
};

Note that the order of the bytes in the IP address block is reversed on the zone line, the machine address portion is omitted, and .in-addr.arpa is appended. You can name the zone file whatever you like, but using the IP address in the name is common.

The zone control file looks much like the forward lookup zone control file, except that the reverse lookup zone control file is dominated by PTR records, which aren't present in the forward lookup zone file. You most likely won't find A or MX records in the reverse lookup zone file, but you will find an SOA record and one or more NS records. Listing 27.4 shows a reverse lookup zone file that matches Listing 27.3's forward lookup zone file.

Listing 27.4: Sample Reverse Lookup Zone Control File


15.27.172.in-addr.arpa.  IN SOA donovan.threeroomco.com. susan.threeroomco.com. (
                         2003092602 ; serial
                         28800      ; refresh
                         14400      ; retry
                         3600000    ; expire
                         604800     ; default_ttl
                         )
                         IN PTR calvin.threeroomco.com.
                         IN PTR donovan.threeroomco.com.
3                        IN PTR powell.threeroomco.com.
                         IN PTR mail.threeroomco.com.
@                        IN NS  donovan.threeroomco.com.

Most of the entries in Listing 27.4 begin with the full IP address (with byte order reversed), followed by .in-addr.arpa.. As with forward lookups, these pseudo-hostnames end in dots to prevent name completion on the pseudo-domain name, 15.27.172.in-addr.arpa. The exception is the name 3 in Listing 27.4. This name omits the pseudo-domain name, which is added to the 3 name. Another exception is the NS record, which uses an at sign. All of the PTR and NS entries point to computers by name, complete with domain name and trailing dot. Because the domain this zone file defines is the 15.27.172.in-addr.arpa pseudo-domain, you can't omit the domain name or dot from the regular hostname, as you can with a CNAME, MX, or NS record in a forward zone definition if the host resides in the main domain.

As with defining forward zones, you should tell named to reread its configuration file by typing killall -HUP named after you've finished your changes. You can then use host to look up IP addresses and verify that the correct hostname is returned. If it isn't, check your entries again, paying attention to trailing dots and other features that might cause problems, as described in the previous section.
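The naming and name-completion rules above can be checked mechanically before reloading named. The following Python code is an added example, not part of the original text: it derives the reverse zone name from a network block, applies name completion to PTR lines, and flags a target that lacks its trailing dot. The function names, the 172.27.15.0/24 block (inferred from the zone name), and host numbers 4 and 5 are assumptions made for illustration.

```python
import ipaddress

ORIGIN = "15.27.172.in-addr.arpa."  # zone name from the named.conf entry above

def reverse_zone(network):
    """Zone name for an octet-aligned IPv4 block: drop host octets, reverse the rest."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen == 0 or net.prefixlen % 8:
        raise ValueError("only octet-aligned IPv4 blocks map to a plain in-addr.arpa zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def complete(name, origin=ORIGIN):
    """Name completion: '@' is the origin; a name without a trailing dot gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin

def check_ptr_lines(lines, origin=ORIGIN):
    """Return (owner, target, problem) for each line of the form 'owner IN PTR target'."""
    results = []
    for line in lines:
        fields = line.split(";")[0].split()  # strip comments, then tokenize
        if len(fields) != 4 or fields[1:3] != ["IN", "PTR"]:
            continue
        owner, target = complete(fields[0], origin), complete(fields[3], origin)
        problem = None
        if target.endswith("." + origin):
            # Heuristic: a hostname that lands inside the reverse zone was
            # almost certainly written without its trailing dot.
            problem = "target lacks trailing dot"
        elif not owner.endswith("." + origin):
            problem = "owner outside zone"
        results.append((owner, target, problem))
    return results

# Constructed sample records (host numbers 4 and 5 are made up for this example).
SAMPLE = [
    "3 IN PTR powell.threeroomco.com.",
    "4.15.27.172.in-addr.arpa. IN PTR mail.threeroomco.com.",
    "5 IN PTR calvin.threeroomco.com",  # missing trailing dot
]

if __name__ == "__main__":
    print(reverse_zone("172.27.15.0/24"))  # network inferred from the zone name
    for owner, target, problem in check_ptr_lines(SAMPLE):
        print(owner, "->", target, "" if problem is None else "[" + problem + "]")
```
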

Note: If you're running a DNS server for a network that's accessible on the Internet at large, you might not need to configure it with a reverse lookup zone. Instead, that task may be handled by your ISP, which is responsible for the IP addresses in question. On the other hand, your ISP might hand that responsibility off to you, particularly if you've acquired a large block of IP addresses. Consult your ISP to determine who's responsible for handling this detail. If you're configuring a DNS server for a private network, you should probably configure the reverse DNS zone for that block yourself. Failing to do so won't cause problems for most networking tools, but a few may gripe about the lack of reverse lookups or even fail to work properly.
