[69285] in North American Network Operators' Group
Re: NANOG list reverse DNS handling
daemon@ATHENA.MIT.EDU (Daniel Roesen)
Sat Apr 3 16:54:18 2004
Date: Sat, 3 Apr 2004 23:52:21 +0200
From: Daniel Roesen <dr@cluenet.de>
To: nanog@merit.edu
Mail-Followup-To: nanog@merit.edu
In-Reply-To: <406F267E.8050206@rockynet.com>; from mike@rockynet.com on Sat, Apr 03, 2004 at 02:02:54PM -0700
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, Apr 03, 2004 at 02:02:54PM -0700, Mike Lewinski wrote:
> Note that this doesn't work if the resolver has an ACL applied that
> restricts who can do resolution on it and you don't fall within that
> ACL.
This is the case, sadly. I wanted to propose your method too. :-)
> But the bigger hurdle here is really figuring out what the resolver
> mail.merit.edu uses, since it's most likely open.
Not a big hurdle. Run tcpdumps on the auth servers of a domain from
which you do a test connect to mail.merit.edu. Of course, this machine
shouldn't be in their cache already. You'll find out that mail.merit.edu
runs a local DNS cache and that it refuses any queries from outside.
Best regards,
Daniel
