PTR records

Comments

10 comments

  • Avatar
    maintenance

    In private address space? You probably have the resolver addresses configured on individual devices then, and not in a router or DNS server forwarder. This breaks local name resolution definitely with OpenDNS, since you are sending a LAN query to the internet, and OpenDNS uses nxdomain redirection for filtering purposes. If you are using a paid version, or a free version and you aren't interested in filtering, simply turn this (Typo Correction) off at the Dashboard. I don't think you could reasonably add a list of exceptions for reverse lookups under Exceptions (Exceptions for VPN Users, it is called, due to it's primary/original intent.)

  • Avatar
    rotblitz

    CIDR 198.133.74.0/24 is not in a private IP address space, but assigned to InterSystems Corporation in Cambridge, MA (intersys.com). This corporation as the owner of this range or their ISP is to configure the PTR records. It is not mandatory for IP address owners to configure PTR records anyway. They did not configure a PTR record for all 255 IP addresses, but for some only.

    Are you saying that OpenDNS does not return a PTR record whereas Google does for exactly the same Intersys address? Can you give examples?

  • Avatar
    joseph.ribera

    Hi Rotblitz.

    You are correct, this is a public address space which has PTR records configured for various IP addresses. As an example 198.133.74.1 has a PTR record, if you query this through Google DNS you will get the response below. If you query via open DNS you just get a time out. 

    Server: google-public-dns-a.google.com
    Address: 8.8.8.8

    Non-authoritative answer:
    1.74.133.198.in-addr.arpa name = mail.intersys.com

     

  • Avatar
    maintenance

    Wow, that was a complete reading failure on my part.

  • Avatar
    jedisct1

    Confirmed:

    $ drill ptr 1.74.133.198.in-addr.arpa. @208.67.222.222

    [timeout]

     

  • Avatar
    jedisct1

    Two of the three authoritative name servers are failing. ns.uu.net works but uucp-gw-1.pa.dec.com and uucp-gw-2.pa.dec.com don't.

  • Avatar
    maintenance

    Yes, it fails. Using dig, or making sure to add the trailing dot when using nslookup (or increasing the timeout) returns the nxdomain redirect IP from OpenDNS.  67.215.65.132

     

  • Avatar
    maintenance

    and jedisct1 posted twice while I was mucking about.

  • Avatar
    joseph.ribera

    Thanks for confirming.

    Suggestions on how to fix ? Go back to the ISP who manages 74.133.198.in-addr.arpa and tell them to look at the authoritative name servers ?

  • Avatar
    rotblitz

    "Go back to the ISP who manages 74.133.198.in-addr.arpa and tell them to look at the authoritative name servers ?"

    Yes, you got it.

Please sign in to leave a comment.