North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: NANOG list reverse DNS handling

  • From: Daniel Roesen
  • Date: Sat Apr 03 16:56:16 2004

On Sat, Apr 03, 2004 at 02:02:54PM -0700, Mike Lewinski wrote:
> Note that this doesn't work if the resolver has an ACL applied that 
> restricts who can do resolution on it and you don't fall within that 
> ACL.

This is the case, sadly. I wanted to propose your method too. :-)

> But the bigger hurdle here is really figuring out what the resolver 
> mail.merit.edu uses, since it's most likely open.

Not a big hurdle. Run tcpdumps on the auth servers of a domain from
which you do a test connect to mail.merit.edu. Of course, this machine
shouldn't be in their cache already. You'll find out that mail.merit.edu
runs a local DNS cache and that it refuses any queries from outside.


Best regards,
Daniel