DNS reverse records and entries

  • DNS reverse records and entries

    I worked for a small company with a mixed Windows Server 2008 R2 AD and Linux environment.
    My question is whether it is necessary to enter these DNS reverse entries in the DNS reverse zone?

    Some background:

    They had tons of DNS errors and non-FQDNs. I was told to enter each abandoned name or IP address in the DNS reverse zone -- add a new PTR.

    These are all internal, not FQDNs, and IP addresses. I cannot even ping these IP addresses. The names are like winx86oxccc, some kind of garbage.

    I think they are all abandoned names. Some VM users created a new VM and joined the domain, then these VMs were deleted... They have 500 VMs, some for developers' testing.

  • #2
    Re: DNS reverse records and entries

    rDNS zones and PTR records are not used in any way by AD or Windows clients for normal communication.


    • #3
      Re: DNS reverse records and entries

      Do you have something to support your theory?

      Pointer records are used to map a network interface (IP) to a host name.

      Reverse DNS is set up very similarly to how normal (forward) DNS is set up. When you delegate forward DNS, the owner of the domain tells the registrar to have your domain use certain name servers. Reverse DNS works the same way in that the owner of the IPs needs to delegate the reverse DNS to DNS Made Easy name servers as well. The owner of the IPs is usually the ISP, the hosting provider, or your own group if they are directly delegated from ARIN.


      • #4
        Re: DNS reverse records and entries

        You are talking about rDNS for internal AD DNS zones and an internal IP address space, right? If so, then here's a paragraph to peruse:

        The Active Directory Installation wizard does not automatically add a reverse lookup zone and PTR resource records, because it is possible that another server, such as the parent server, controls the reverse lookup zone. You might want to add a reverse lookup zone to your server if no other server controls the reverse lookup zone for the hosts listed in your forward lookup zone. Reverse lookup zones and PTR resource records are not necessary for Active Directory to work, but you need them if you want clients to be able to resolve FQDNs from IP addresses. Also, PTR resource records are commonly used by some applications to verify the identities of clients.

        And this paragraph:

        The configuration of PTR resource records and reverse lookup zones for identifying hosts by reverse query is strictly an optional part of the DNS standard implementation. You are not required to use reverse lookup zones, although for some networked applications, they are used to perform security checks.

        And this:

        You do not need reverse lookup zones and PTR resource records for Active Directory to function.

        What I'm saying is that for Active Directory functionality and for normal and standard Windows client name resolution, rDNS zones are not required. That's why they are not automatically created, because they are completely optional in a Windows AD network.

        Maybe you're referring to rDNS zones for a public IP address?
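Added example, not code from this thread: the "verify the identities of clients" use of PTR records that #4 quotes is a forward-confirmed reverse check (PTR target must have an A record pointing back at the same IP). The script below runs that check over a constructed internal zone (all names and addresses are made up) and separates confirmed PTRs from stale ones like the abandoned VM names in the question, and lists hosts that have an A record but no PTR.

```python
import ipaddress

# Constructed sample data (hypothetical zone, not from the thread).
FORWARD_A = {
    "dc01.corp.example": "10.0.1.10",
    "build07.corp.example": "10.0.1.57",
    "web02.corp.example": "10.0.1.20",
}
REVERSE_PTR = {
    "10.1.0.10.in-addr.arpa": "dc01.corp.example",
    "57.1.0.10.in-addr.arpa": "build07.corp.example",
    "42.1.0.10.in-addr.arpa": "build07.corp.example",       # host moved; old PTR left behind
    "99.1.0.10.in-addr.arpa": "winx86oxccc.corp.example",   # abandoned VM, no A record
}


def ptr_name(ip: str) -> str:
    """Reverse-lookup owner name for an IPv4 or IPv6 address (x.x.x.x.in-addr.arpa)."""
    return ipaddress.ip_address(ip).reverse_pointer


def audit_reverse_zone(forward_a, reverse_ptr):
    """Return (stale_ptrs, missing_ptrs, confirmed_hosts).

    stale:     PTR owners whose target host has no A record for that same IP
    missing:   hosts with an A record but no PTR in the reverse zone
    confirmed: hosts whose PTR and A record agree (what an rDNS identity check accepts)
    """
    stale, missing, confirmed = [], [], []
    for owner, host in sorted(reverse_ptr.items()):
        a_ip = forward_a.get(host.rstrip("."))
        if a_ip is not None and ptr_name(a_ip) == owner:
            confirmed.append(host)
        else:
            stale.append(owner)
    for host, ip in sorted(forward_a.items()):
        if ptr_name(ip) not in reverse_ptr:
            missing.append(host)
    return stale, missing, confirmed


if __name__ == "__main__":
    stale, missing, confirmed = audit_reverse_zone(FORWARD_A, REVERSE_PTR)
    print("stale PTRs (candidates for cleanup):", stale)
    print("hosts without a PTR:", missing)
    print("forward-confirmed hosts:", confirmed)
```

Feeding the real zone contents in place of the constructed dictionaries turns this into a cleanup list: stale PTRs are the ones to delete rather than add to, and only forward-confirmed pairs satisfy applications that do the check.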