[CentOS] Re: DNS Server

Mon Jun 26 11:38:09 UTC 2006
Thomas E Dukes <edukes at alltel.net>

 

> -----Original Message-----
> From: centos-bounces at centos.org 
> [mailto:centos-bounces at centos.org] On Behalf Of Johnny Hughes
> Sent: Monday, June 26, 2006 7:19 AM
> To: CentOS ML
> Subject: RE: [CentOS] Re: DNS Server
> 
> On Sun, 2006-06-25 at 20:32 -0400, Thomas E Dukes wrote:
> <snip>
> 
> > 
> > So even if a service such as zoneedit, say they can do 
> reverse DNS, it 
> > won't work?
> > 
> > I really don't understand how it can work in one direction 
> and not the 
> > reverse.  If they can keep up with my IP address and match it to my 
> > domainanme, seems they could do the reverse.
> > 
> 
> OK ... rather than you staying confused on this issue, I will 
> try to explain it in basic terms.
> 
> DNS converts names to IPs (forward lookups) and IPs to names 
> (reverse lookups).  
> 
> A forward lookup is when you have a name (www.abcxyz.com) and 
> need a number.  This this case, there is a domain owner and 
> that domain has it's own DNS Zone.  The owner of that Zone 
> can put whatever IP addresses
> (numbers) with names that they want in that zone.
> 
> In the case of a forward lookup, there is no predefined zone 
> at all ...
> you can have as many names as you want, and since people pay 
> for it (the name), it stands to reason that will keep it 
> updated properly.
> 
> A reverse lookup is different.  The standard for reverse 
> lookups break them down in "Class C" blocks (that is, the 
> first 3 groups of numbers are the network number, the last 
> group is the host number).  If you have an ip address of:
> 
> 192.87.99.234
> 
> The network number is 192.87.99.0, the subnet mask is 
> 255.255.255.0, the host number is 234, and the reverse lookup 
> domain is:
> 
> 99.87.192.in-addr.arpa
> 
> All 254 host addresses in that zone are normally assigned 
> from the owner of that zone from one machine.  If someone 
> buys the whole class C network, they get to control the zone, 
> otherwise it is normally controlled by the ISP that owns all the IPs.
> 
> It is possible, but not usually done, to break up the reverse 
> into smaller ranges.
> 
> Tom Diehl has already mentioned RFC 2317:
> 
> http://www.faqs.org/rfcs/rfc2317.html
> 
> Using the techniques there, an ISP _CAN_ transfer control of 
> some reverse lookup domains.  They will normally not do it 
> unless you have a fairly large network, however.
> 
> I hope this helps you understand that forward zones are 
> designed to easily break them down into 1 or 2 names ... but 
> reverse zones are predefined and not designed for less than 1 
> class C network blocks.

Hello Johnny,

I guess that makes sense.  It seems it would create too much work for the
ISP to handle the reverse lookup for a single IP.  If they dole them out
that way, they should either do it or delegate them.

All this is to operate a mail server without bounces.  Is this why it
recommedned to use your ISP's mail server as smarthost?  Does this mean I
would be using the ISP's mail server for outgoing mail?  Or is it just
'stamped' with the ISP's name to prevent bounces?

Thanks,

Eddie