Presentation is loading. Please wait.

Presentation is loading. Please wait.

REVERSE DNS Why and how AFRINIC-II Maputo,Mozambique 26 April 2005 Alain AINA.

Published byNeil McBride Modified over 8 years ago

Similar presentations

Presentation on theme: "REVERSE DNS Why and how AFRINIC-II Maputo,Mozambique 26 April 2005 Alain AINA."— Presentation transcript:

1 REVERSE DNS Why and how AFRINIC-II Maputo,Mozambique 26 April 2005 Alain AINA

2 WHY Who clients/users are ? Every DNS entry name-IP (A record) must have a correspondence IP-name(PTR record) Otherwise: –Acces denied to certains services (ftp, mail, IRC,....) –Hard network debug (traceroute) –More undesirable network traffic

3 HOW net com afrin ic www mz co tislabs who is sun moon google arpa in-addr IP v4 addresses IP v6 addresses ip6 DNS TREE

4 IPV4

5 Mapping IPv4 address in DNS Example 196.26.1.3 –192/8 is allocated to RIR –192.26/16 is allocated by RIR to LIR/ISP –192.26.1/24 is assigned by ISP to a company. Delegation in the DNS: –root delegates 192 domain to RIR –RIR delegates “26” sub-zone to ISP –ISP delegates “1” sub-zone to company. Name that makes this possible: –1.26.192.in-addr.arpa.

6 Mapping IPv4 address to names In IPv4 the mapping is done on 8 bit boundaries(class full), address allocation is class less –/8, /16, /24 Zone administration does not always overlap address administration If you have a /22 of address space: divide it in /24s and request a delegation for each one of them

7 LIR and end-users PI Configure your authoritative NS for the reverse zones –Follow DNS recommendations (RFC 2182,1912) Create the domain object in the RIR database –Only /16 and /24 If authentication and dns check are OK, delegation is visible next time RIR push zone file

8 End-users Configure your authoritative NS for the reverse zones –Follow DNS recommendations (RFC 2182,1912) Contact your ISP –<=/24 For < /24 –RFC 2317

9 domain object domain: 208.200.196.in-addr.arpa descr: AFNOG05 conference network, 9-30 april 2005 admin-c: GJDG-AFRINIC tech-c: GJDG-AFRINIC zone-c: GJDG-AFRINIC nserver: ns196-200-208a.ws.afnog.org nserver: ns196-200-208b.ws.afnog.org mnt-by: AFNOG-MNT changed: afnog2005-c@ws.afnog.org 20050307 source: AFRINIC

10 IPV6

11 Allocations policy –/23 allocated to RIR –/32 allocated to LIR/ISP –/48 assigned to end users in general –/64 assigned to end users when only one net is used –/128 assisgned to end users when only one device is used Policy is moving Allocations policy

12 Number is translated into 4 bit nibbles under the ip6.arpa. 2001:0238::a00:46ff:fe06:1460 0.6.4.1.6.0.e.f.f.f.6.4.0.0.a.0.0.0.0.0.0.0.0.0.8.3.2.0.1.0.0.2.ip6.arpa. If you have a /23, split into 2 /24s If you have a /47, split into 2 /48s Mapping IPv6 address in DNS

13 Configure your authoritative NS for the reverse zones –Follow DNS recommendations (RFC 2182,1912) Create the domain object in the RIR database –/32 If authentication and dns check are OK, delegation is visible next time RIR pushes zone file LIR and end-users PI

14 Configure your authoritative NS for the reverse zones –Follow DNS recommendations (RFC 2182,1912) Contact your ISP –/48, /64, /128 End-users

15 domain: 0.6.6.0.1.0.0.2.ip6.arpa descr: Reverse delegation for Renater sub-TLA admin-c: BT261-RIPE tech-c: BT261-RIPE tech-c: GR1378-RIPE zone-c: GR1378-RIPE nserver: sem2.renater.fr nserver: imag.imag.fr nserver: iode.ipv6.pps.jussieu.fr nserver: ns3.nic.fr mnt-by: RENATER-MNT changed: rensvp@renater.fr 20021112 changed: rensvp@renater.fr 20030828 source: RIPE domain object

16 References http://www.ripe.net/reverse/reverse_howto.html http://www.apnic.net/db/domain.htmlhttp://www.afrinic.net/d ocs/supporting/afsup-rev200504.htmhttp://www.apnic.net/db/domain.htmlhttp://www.afrinic.net/d ocs/supporting/afsup-rev200504.htm

Download ppt "REVERSE DNS Why and how AFRINIC-II Maputo,Mozambique 26 April 2005 Alain AINA."

Similar presentations

Internet Number Resource Status Report As of 30 June 2005.

Internet Number Resource Status Report As of 30 June 2005.
CCNA1 v3 Module 9 v3 CCNA 1 Module 9 JEOPARDY K. Martin Galo Valencia.

CCNA1 v3 Module 9 v3 CCNA 1 Module 9 JEOPARDY K. Martin Galo Valencia.
December 2013 Internet Number Resource Report. December 2013 Internet Number Resource Report INTERNET NUMBER RESOURCE STATUS REPORT As of 31 December.

December 2013 Internet Number Resource Report. December 2013 Internet Number Resource Report INTERNET NUMBER RESOURCE STATUS REPORT As of 31 December.
March 2014 Internet Number Resource Report. March 2014 Internet Number Resource Report INTERNET NUMBER RESOURCE STATUS REPORT As of 31 March 2014 Prepared.

March 2014 Internet Number Resource Report. March 2014 Internet Number Resource Report INTERNET NUMBER RESOURCE STATUS REPORT As of 31 March 2014 Prepared.
Web Server Administration

Web Server Administration
IPv6: The Future of the Internet? July 27th, 1999 Auug.

IPv6: The Future of the Internet? July 27th, 1999 Auug.
Web Server Administration Chapter 4 Name Resolution.

Web Server Administration Chapter 4 Name Resolution.
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.

Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
Mirjam Kühne 1 RIPE 34, September 1999 Registration Services Report presented by Mirjam Kühne.

Mirjam Kühne 1 RIPE 34, September 1999 Registration Services Report presented by Mirjam Kühne.
DNS Domain Name System. Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric.

DNS Domain Name System. Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric.
DNS Domain Name System. Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric.

DNS Domain Name System. Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric.
Reverse DNS.

Reverse DNS.
Security and Information Assurance for the DNS Dan Massey USC/ISI.

Security and Information Assurance for the DNS Dan Massey USC/ISI.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting What is Reverse DNS October 26th, Brisbane Bruce.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting What is Reverse DNS October 26th, Brisbane Bruce.
Domain Name System (DNS) Network Information Center (NIC) : HOSTS.TXT.

Domain Name System (DNS) Network Information Center (NIC) : HOSTS.TXT.
Application Layer At long last we can ask the question - how does the user interface with the network?

Application Layer At long last we can ask the question - how does the user interface with the network?
DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.

DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.
Module 12: Domain Name System (DNS)

Module 12: Domain Name System (DNS)
Chapter 25 Domain Name System

Chapter 25 Domain Name System
DOMAIN NAME SYSTEM. Domain Name System Hostname Resolution DNS Name Lookup with DNS Domain Name Servers DNS Database Reverse Lookups.

DOMAIN NAME SYSTEM. Domain Name System Hostname Resolution DNS Name Lookup with DNS Domain Name Servers DNS Database Reverse Lookups.

Similar presentations

Ads by Google