Cisco Support Community
reverse DNS entries (PTR)

The resource http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml#topic9 states:

"IP addresses in the pool of global addresses specified with the global command require reverse DNS entries to ensure that all external network addresses are accessible through the PIX. To create reverse DNS mappings, use a DNS Pointer (PTR) record in the address-to-name mapping file for each global address. Without the PTR entries, sites can experience slow or intermittent Internet connectivity and FTP requests fail consistently."

Assume a network topology is like this:

A PIX with 3 interfaces:

inside interface (private static IP of 10.10.10.1)

outside interface (public static IP of 69.110.38.35)

DMZ interface (private static IP of 30.30.30.1)

1) Will the above-said "reverse DNS entries" apply to this case?

2) If not, in what circumstances will the "reverse DNS entries" apply?

Thanks for the help.

Scott

Accepted Solutions

Re: reverse DNS entries (PTR)

dns = domain name to ip

reverse dns = ip to domain name

reverse dns is mainly used for authentication or i should say identity verification.

e.g. a hacker will launch an attack by using an invalid ip (i.e. spoofing), thus a server receiving the request will perform a reverse dns lookup in order to verify the identity of the ip, whether it matches a valid domain name or not.

a typical use of reverse dns these days is to block email spamming.

at the moment, not that many servers will perform the reverse dns lookup, however, i believe one day it will be very popular.

nonetheless, to configure reverse dns, you need to work with the isp as it has to be implemented on the isp's public dns server, not the local dns server in your company.
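
The check a receiving server makes against PTR records, as an added example that is not part of the original thread: it builds the in-addr.arpa name, looks up the PTR, then confirms that the returned name resolves back to the same address (forward-confirmed reverse DNS, one step beyond the lookup described above). The zone data, host names and 192.0.2.x addresses are constructed; only 69.110.38.35 comes from the question.

```python
import ipaddress

# Constructed zone data standing in for the ISP's public DNS (not real records).
PTR_RECORDS = {
    "35.38.110.69.in-addr.arpa": ["mail.example.com."],
    # PTR exists, but the name it returns resolves to a different address.
    "10.2.0.192.in-addr.arpa": ["www.example.com."],
}
A_RECORDS = {
    "mail.example.com.": ["69.110.38.35"],
    "www.example.com.": ["192.0.2.99"],
}


def ptr_name(ip):
    """Owner name of the PTR record for an address (octets reversed)."""
    return ipaddress.ip_address(ip).reverse_pointer


def check_fcrdns(ip, ptr_lookup=PTR_RECORDS.get, a_lookup=A_RECORDS.get):
    """Return (verdict, name): verdict is 'no-ptr', 'mismatch' or 'confirmed'."""
    addr = ipaddress.ip_address(ip)
    names = ptr_lookup(ptr_name(ip)) or []
    if not names:
        # No reverse mapping at all: the case the tech note warns about.
        return "no-ptr", None
    for name in names:
        forward = a_lookup(name.lower()) or []
        # A PTR alone proves nothing; whoever controls the reverse zone can
        # put any name in it. The forward lookup must lead back to the IP.
        if any(ipaddress.ip_address(a) == addr for a in forward):
            return "confirmed", name
    return "mismatch", names[0]


if __name__ == "__main__":
    for ip in ("69.110.38.35", "192.0.2.10", "192.0.2.20"):
        print(ip, ptr_name(ip), check_fcrdns(ip))
```

Swapping the two lookup arguments for functions backed by a real resolver gives the same classification against live DNS.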
