reverse DNS entries (PTR)

otnj2ee
Level 1

The resource http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml#topic9 states:

"IP addresses in the pool of global addresses specified with the global command require reverse DNS entries to ensure that all external network addresses are accessible through the PIX. To create reverse DNS mappings, use a DNS Pointer (PTR) record in the address-to-name mapping file for each global address. Without the PTR entries, sites can experience slow or intermittent Internet connectivity and FTP requests fail consistently."

Assume a network topology is like this:

A PIX with 3 interfaces:

inside interface (private static IP of 10.10.10.1)

outside interface (public static IP of 69.110.38.35)

DMZ interface (private static IP of 30.30.30.1)

1) Will the above said "reverse DNS entries" apply to this case?

2) If not, in what circumstances will the "reverse DNS entries" apply?

Thanks for the help.

Scott

Accepted Solutions

jackko
Level 7

dns = domain name to ip

reverse dns = ip to domain name

reverse dns is mainly used for authentication or i should say identity verification.

e.g. a hacker will launch an attack by using an invalid ip (i.e. spoofing), thus a server receiving the request will perform a reverse dns lookup in order to verify the identity of the ip, whether it matches a valid domain name or not.

a typical use of reverse dns these days is to block email spamming.

at the moment, not that many servers will perform the reverse dns lookup, however, i believe one day it will be very popular.

nonetheless, to configure reverse dns, you need to work with the isp as it has to be implemented on the isp public dns server, not the local dns server in your company.

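
The reverse lookup described in the answer above, as an added example that is not part of the original thread: it builds the PTR owner name for an address, runs the forward-confirmed check (IP to name, then name back to IP) that a receiving server can apply, and lists which addresses in a global pool still lack a PTR record. The zone data, host names and the `203.0.113.0/24` documentation addresses are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample records (documentation range, not taken from the post).
# In production the two lookups would be real DNS queries against the
# public reverse zone that the ISP hosts, not these dictionaries.
PTR_RECORDS = {
    "10.113.0.203.in-addr.arpa": "mail.example.com",
    "11.113.0.203.in-addr.arpa": "gw.example.com",
}
A_RECORDS = {
    "mail.example.com": ["203.0.113.10"],
    "gw.example.com": ["203.0.113.99"],  # forward record disagrees with the PTR
}


def ptr_name(ip):
    """Owner name that a PTR query for this address is sent to."""
    return ipaddress.ip_address(ip).reverse_pointer


def check_reverse_dns(ip, ptr_lookup, a_lookup):
    """Forward-confirmed reverse DNS check.

    Returns (verdict, name) where verdict is 'no-ptr', 'mismatch' or
    'confirmed'. ptr_lookup and a_lookup are injected so the check can be
    exercised offline; each returns None when no record exists.
    """
    name = ptr_lookup(ptr_name(ip))
    if name is None:
        return ("no-ptr", None)
    addresses = a_lookup(name.rstrip(".")) or []
    if str(ipaddress.ip_address(ip)) in addresses:
        return ("confirmed", name)
    return ("mismatch", name)


def missing_ptr(pool, ptr_lookup):
    """Usable addresses in a global pool (CIDR) that have no PTR record."""
    hosts = ipaddress.ip_network(pool).hosts()
    return [str(h) for h in hosts if ptr_lookup(ptr_name(str(h))) is None]


if __name__ == "__main__":
    for addr in ("203.0.113.10", "203.0.113.11", "203.0.113.12"):
        print(addr, check_reverse_dns(addr, PTR_RECORDS.get, A_RECORDS.get))
    print("missing PTR:", missing_ptr("203.0.113.8/30", PTR_RECORDS.get))
```

A PTR record that exists but does not resolve back to the same address gives the `mismatch` verdict, which is why the forward and reverse entries for each global address should be requested from the ISP together.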