Canadian TV, Computing and Home Theatre Forums banner

1 - 4 of 4 Posts

·
Registered
Joined
·
298 Posts
Discussion Starter #1
I use OpenDNS as an added security process for my home network. I was just checking settings and noticed that the domain *.in-addr.arpa has the highest traffic routing through it.

I Googled this domain and get a lot of information on reverse mapping and reverse DNS. A lot of the descriptions are in tech language that is above me. Can someone give me a simple definition of what reverse mapping is? Do I need to worry about this domain?
 

·
Registered
Joined
·
1,894 Posts
in-addr.arpa is a dummy domain reserved for reverse DNS lookups. There's a technical article at http://en.wikipedia.org/wiki/Rdns

The "executive summary"...
No need to worry about it.
  • Ordinary DNS takes a machine name, e.g. www.cnn.com, and asks the question "What is the machine's IP address?". The answer is 157.166.255.18 (and several others)
  • reverse DNS, i.e. rDNS, takes the IP address, e.g. 157.166.255.18 and asks the question "What is the name of the machine at this address?". The answer is www.cnn.com
It's not foolproof, but it is used for basic authentication. I.e. if you do a lookup for a certain machine name, and get an IP address, a reverse-lookup on the IP address should yield the same machine name you started with. This obviously won't work for websites that are hosted by the thousands on one webserver, but there are uses. E.g. most home home dialup/cable/DSL connections have the word "dial" or "dynamic" in their rDNS. This is used by spamfilters to block spam that goes directly from home machines, and bypasses the ISP's mailservers.

Try the following at the command prompt. I don't know if Windows will give the same response as linux. The "$" is analagous to the "C:\" prompt...
Code:
$ nslookup www.cnn.com
Server:         192.168.123.254
Address:        192.168.123.254#53

Non-authoritative answer:
Name:   www.cnn.com
Address: 157.166.255.18
Name:   www.cnn.com
Address: 157.166.226.26
Name:   www.cnn.com
Address: 157.166.255.19
Name:   www.cnn.com
Address: 157.166.224.25
Name:   www.cnn.com
Address: 157.166.224.26
Name:   www.cnn.com
Address: 157.166.226.25


$ nslookup 157.166.255.18
Server:         192.168.123.254
Address:        192.168.123.254#53

Non-authoritative answer:
18.255.166.157.in-addr.arpa     name = www.cnn.com.
Note that the 4 groups of numbers get swapped arround when constructing the in-addr.arpa pseudo-doman name.
 

·
Registered
Joined
·
8,290 Posts
^^^^
It also won't work right if an alias is used.

BTW, here's what it looks like with IPv6 for google.com:

host 2001:4860:800f::93
3.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.0.0.8.0.6.8.4.1.0.0.2.ip6.arpa domain name pointer iad04s01-in-x93.1e100.net.
 

·
Registered
Joined
·
298 Posts
Discussion Starter #4
Thank you for the response. I was worried, as *.in-addr.arpa had over 3000 requests in a 24-hour period.
 
1 - 4 of 4 Posts
Top