Reverse DNS: Difference between revisions

[[File:Reverse-dns-a-reverse.png|border]]

 

 

If you administer a domain that is not hosted with us, then '''we''' can add an entry into our control system specifying your choice of domain name (optionally including subdomains) specifically to then allow you to set up entries on our systems that will define a number of individual reverse lookup mappings from your AAISP addresses to individual names below your ‘base’ domain name. There is no charge for this, '''however it must be requested'''; this can be confusing as you will not find the relevant configuration to which this section refers will not be visible until requested.

An example is given in the next section. On our systems you will define a number of records, one (or more) per address of yours, and we append your chosen domain name to each to form a reverse lookup (PTR) record that we define and publish for you. You can ask for several of your domain names to be set up on our systems. Such a domain name can include your choice of subdomain in your request.

 

 

For example, suppose you have an address from us such as <code>198.51.100.10</code> and you wish to define a PTR mapping (reverse lookup) to the name <code>fred-workstation.your-domain.example.com</code>.Important: If this domain is not hosted by us, you must first have asked staff to set up <code>your-domain.example.com</code> in our control system, but you only need to do so once. Then you would go into our control panel system, go to ''"Domains"'' and select the entry <code>your-domain.example.com</code> which we will have added for you following your request. Now for each individual reverse lookup entry you wish to define, enter for example the name <code>"fred-workstation"</code> into the first edit box. The value is not restricted to be just one single DNS label; it could contain dots for subdomains. Then enter the IP address in the edit box below, in this case <code>198.51.100.10</code>. You must remember to then click '''OK''' or '''Apply''' to create the record. You will see that a new record is now listed below.

This setting is found on the control pages under the link to your Login. This will apply to IPv4 and [[IPv6]].

 

 

Delegation by NS works by putting your name server in our DNS for each of your addresses. e.g. if you had <code>217.169.0.0-3</code> then we would put your name servers for each entry <code>0.0.169.217.in-addr.arpa</code>, <code>1.0.169.217.in-addr.arpa</code>, <code>2.0.169.217.in-addr.arpa</code>, <code>3.0.169.217.in-addr.arpa</code>. This would mean you can create four separate zone files each of which has normal SOA records etc., and a single PTR record with the name for that IP address. This is logically the correct way of doing it as the reverse DNS zone is delegated at each level of control right down to the IP address level. It is rather tedious to set up lots of zone files though, especially if you have, say, 128 addresses.

Remember that you also have a WAN address which may be completely different from your other addresses, and the reverse DNS is also delegated to your name servers for this too.

 

 

Delegation by CNAME is a way to delegate a block of addresses to you so that you only have one zone file to worry about. The way this works is that we put a CNAME record for each address indicating that the answer is found under a different name. We then delegate that different name to your name servers. There are several ways to do this, but we use the system of <code>''first''-''last''.''restofzone''.in-addr.arpa</code>. e.g. if you had <code>217.169.0.0</code>-<code>3</code> we would delegate a zone <code>0-3.0.169.217.in-addr.arpa</code> to your name server(s) and add CNAME entries for each IP, e.g. <code>1.0.169.217.in-addr.arpa</code> with CNAME to <code>1.0-3.0.169.217.in-addr.arpa</code>.

Your WAN address and any other single addresses are still individually delegated as their own zone as above.

 

IPv6 is delegated at /48 or lower by NS

 

If you have a block of 256 addresses or more, then reverse DNS delegation is done at the /24 level and setting CNAME or NS has the same effect. This means you are responsible for an entire reverse zone without the need for special CNAME entries, etc. Most people do not have such a large block of addresses.