Reverse Lookup Problems

A lot of services, especially on UNIX, but also security-sensitive services on other platforms, try to perform reverse lookups of the origin hosts of all incoming connections. If the lookup fails, the service might deny the connection on the grounds that it wants to know to whom it talks, or because it simply is not allowed to talk to strangers.

But even if the query works, the service might still deny the connection. A common UNIX security mechanism, known as tcp wrappers or tcpd, performs a lot of checking. One of the checks it performs is whether the reverse lookup matches the forward lookup. If the IP address 10.35.129.219 has a PTR record saying its name is foo.penguin.bv, and foo.penguin.bv has an A record saying 10.35.129.218, ...
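The check described above (does the name in the PTR record resolve back to the connecting address?), as an added Python example that is not code from the book or from tcpd. The function names and verdict strings are assumptions, and the lookup tables reuse the addresses above plus constructed entries so the check can be run without a resolver.

```python
import ipaddress
import socket

def system_ptr(ip):
    """Reverse (PTR) lookup through the system resolver; None on failure."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:          # covers socket.herror and socket.gaierror
        return None

def system_addrs(name):
    """Forward lookup through the system resolver; empty set on failure."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def check_client(ip, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Return (verdict, name); what to do with a verdict is the caller's policy."""
    client = ipaddress.ip_address(ip)
    name = ptr_lookup(ip)
    if not name:
        return ("no-ptr", None)
    forward = set()
    for addr in addr_lookup(name):
        try:
            forward.add(ipaddress.ip_address(addr))
        except ValueError:   # skip anything that does not parse as an IP address
            continue
    if not forward:
        return ("no-forward", name)
    # Compare parsed addresses, not strings, so formatting cannot matter.
    return ("ok" if client in forward else "mismatch", name)

# Constructed zone data. The .219 PTR and the A record come from the text;
# the other entries are made up to exercise the remaining outcomes.
SAMPLE_PTR = {
    "10.35.129.219": "foo.penguin.bv",
    "10.35.129.218": "foo.penguin.bv",
    "10.35.129.220": "bar.penguin.bv",   # PTR exists, name has no A record
}
SAMPLE_A = {"foo.penguin.bv": {"10.35.129.218"}}

def sample_ptr(ip):
    return SAMPLE_PTR.get(ip)

def sample_addrs(name):
    return SAMPLE_A.get(name.rstrip(".").lower(), set())
```

Calling `check_client(ip, sample_ptr, sample_addrs)` uses the constructed tables; leaving out the last two arguments uses the system resolver instead.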
