Reverse Lookup Zones


pairey

All,

I am finding it really hard to find a definitive answer to whether I
need Reverse Lookup Zones in my AD. I currently have them, but they
are messy. Some live in the empty root, some are delegated to the
resource child domain and some live in the resource child domain. What
is the correct way to set them up? Delegated from the root or in the
child domain? Are they necessary? Should I use scavenging? Which
apps need/use them?
For some reason, everywhere is extremely vague when it comes to
Reverse Lookups, hence my posting a question here. Can anyone advise,
or point me in the direction of some good reading ?
Many thanks in advance.

Phil Airey
 
> All,
>
> I am finding it really hard to find a definitive answer to whether I
> need Reverse Lookup Zones in my AD.

No.

There is in general NO requirement for reverse lookup records or
even zones in an internal network.

Reverse lookups are almost totally an administrator's convenience
in such situations.

The major exception for reverse lookups is PUBLICLY on the
INTERNET for your SMTP "sending" servers.

> I currently have them, but they
> are messy. Some live in the empty root, some are delegated to the
> resource child domain and some live in the resource child domain.

They can live anywhere. They typically SHOULD be held where the
machines that have those addresses can most easily register them.

> What
> is the correct way to set them up? Delegated from the root or in the
> child domain? Are they necessary? Should I use scavenging? Which
> apps need/use them?

Reverse zones have NO (zero) technical connection to any AD Domain
or even to any DNS forward domain.

Such is merely a (common) figment of our imaginations as human admins
(mine too.)

> For some reason, everywhere is extremely vague when it comes to
> Reverse Lookups,

Because such are seldom if ever required internally. Only for SMTP
server TYPICALLY on the public zones.

> hence my posting a question here. Can anyone advise,
> or point me in the direction of some good reading?
> Many thanks in advance.

You could read "DNS and BIND" 27th edition (really about 4th or 5th
but get the latest whatever that is) or you can just ask more questions.

Having the reverse zones lets you, an admin, do this:

nslookup 192.168.10.230

...and get back the name of the machine. But there are other ways
usually.
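
The point made in the reply above, that a reverse zone is tied to addresses and not to any AD or forward DNS domain, shown as an added example that is not part of the original thread. The zone list, host names and all addresses other than 192.168.10.230 are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: a /16 reverse zone with one /24 delegated out of it,
# and hosts that belong to two different forward (AD) domains.
ZONES = ["168.192.in-addr.arpa", "10.168.192.in-addr.arpa"]
HOSTS = [
    ("dc1.root.example", "192.168.10.230"),
    ("app1.child.root.example", "192.168.10.231"),
    ("fs1.child.root.example", "192.168.20.5"),
    ("old1.root.example", "10.1.2.3"),
]


def ptr_name(ip):
    """Owner name of the PTR record that 'nslookup <ip>' asks for."""
    return ipaddress.ip_address(ip).reverse_pointer


def owning_zone(ip, zones):
    """Most specific zone whose name is a suffix of the PTR owner name."""
    name = ptr_name(ip).lower()
    best = None
    for zone in zones:
        zone = zone.lower().rstrip(".")
        if name == zone or name.endswith("." + zone):
            # Zones here are nested suffixes, so the longer name is the
            # more specific (delegated) one.
            if best is None or len(zone) > len(best):
                best = zone
    return best


def group_by_zone(hosts, zones):
    """Map each reverse zone (or None) to the host names whose PTR lives there."""
    grouped = defaultdict(list)
    for fqdn, ip in hosts:
        grouped[owning_zone(ip, zones)].append(fqdn)
    return dict(grouped)


if __name__ == "__main__":
    for zone, names in group_by_zone(HOSTS, ZONES).items():
        print(zone or "(no reverse zone)", "->", ", ".join(names))
```

Hosts from the root and the child domain land in the same reverse zone because only the address decides placement; a host with no matching zone simply has nowhere to register a PTR.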
 
Many thanks indeed Herb, an excellent reply covering all the questions
I asked.
 