edited by
10,007 views
50 votes
50 votes

Assume that "host1.mydomain.dom" has an IP address of $145.128.16.8$. Which of the following options would be most appropriate as a subsequence of steps in performing the reverse lookup of $145.128.16.8$ ? In the following options "NS" is an abbreviation of "nameserver".

  1. Query a NS for the root domain and then NS for the "dom" domains
  2. Directly query a NS for "dom" and then a NS for "mydomain.dom" domains
  3. Query a NS for in-addr.arpa and then a NS for $128.145.$in-addr.arpa domains
  4. Directly query a NS for $145.$in-addr.arpa and then a NS for $128.145.$in-addr.arpa domains
edited by

4 Answers

Best answer
41 votes
41 votes

The answer is (C)

A & B are clearly wrong as we are doing Reverse lookup.

C is the closest answer to the process given in $\text{RFC}\; 1033$. We need to get NS for in-addr.arpa before doing a query to $8.16.128.145.$in-addr.arpa

D is not correct, it is not close to the process.

Relevant stuff from https://tools.ietf.org/html/rfc1033 

IN-ADDR.ARPA

   The structure of names in the domain system is set up in a
   hierarchical way such that the address of a name can be found by
   tracing down the domain tree contacting a server for each label of
   the name.  Because of this 'indexing' based on name, there is no easy
   way to translate a host address back into its host name.

   In order to do the reverse translation easily, a domain was created
   that uses hosts' addresses as part of a name that then points to the
   data for that host.  In this way, there is now an 'index' to hosts'
   RRs based on their address.  This address mapping domain is called
   IN-ADDR.ARPA.  Within that domain are subdomains for each network,
   based on network number.  Also, for consistency and natural
   groupings, the 4 octets of a host number are reversed.

   For example, the ARPANET is net 10.  That means there is a domain
   called 10.IN-ADDR.ARPA.  Within this domain there is a PTR RR at
   51.0.0.10.IN-ADDR that points to the RRs for the host SRI-NIC.ARPA
   (who's address is 10.0.0.51).  Since the NIC is also on the MILNET
   (Net 26, address 26.0.0.73), there is also a PTR RR at 73.0.0.26.IN-
   ADDR.ARPA that points to the same RR's for SRI-NIC.ARPA.  The format
   of these special pointers is defined below along with the examples
   for the NIC.
 The PTR record is used to let special names point to some other
   location in the domain tree.  They are mainly used in the IN-
   ADDR.ARPA records for translation of addresses to names.  PTR's
   should use official names and not aliases.

   For example, host SRI-NIC.ARPA with addresses 10.0.0.51 and 26.0.0.73
   would have the following records in the respective zone files for net
   10 and net 26:

           51.0.0.10.IN-ADDR.ARPA.  PTR   SRI-NIC.ARPA.
           73.0.0.26.IN-ADDR.ARPA.  PTR   SRI-NIC.ARPA.
edited by
25 votes
25 votes

In Reverse DNS look up from IP address we will get Domain name.For example, one IP address of Google.com is 74.125.142.147. If you were to type this IP address in the Reverse DNS Lookup Tool, it will return the host name of Google as listed in the database of ARPA, the Address and Routing Parameter Area (arpa) top-level domain of the Internet. to do a reverse lookup of the IP address 74.125.142.147 the PTR record for the domain name 74.125.142.147.in-addr.arpa would be looked up.So first it will check top level domain addr.arpa then ip address part.

So according to the above theory we can conclude C is the answer

20 votes
20 votes
answer - C

we are performing reverse lookup of IP address to its hostname

first we need to locate in-addr.apra

then perform reverse lookup of 8.16.128.145.in-addr.arpa which will point to host1.mydomain.com
6 votes
6 votes

Reference 1: Forouzan

 

Source : https://stackoverflow.com/questions/23981098/how-forward-and-reverse-dns-works

How a reverse DNS lookup is accomplished:

  • The DNS resolver reverses the IP, and adds it to ".in-addr.arpa" (or ".ip6.arpa" for IPv6 lookups), turning 192.0.2.25 into 25.2.0.192.in-addr.arpa.
  • The DNS resolver then looks up the PTR record for 25.2.0.192.in-addr.arpa.
    • The DNS resolver asks the root servers for the PTR record for 25.2.0.192.in-addr.arpa.
    • The root servers refer the DNS resolver to the DNS servers in charge of the Class A range (192.in-addr.arpa, which covers all IPs that begin with 192).
    • In almost all cases, the root servers will refer the DNS resolver to a "RIR" ("Regional Internet Registry"). These are the organizations that allocate IPs. In general, ARIN handles North American IPs, APNIC handles Asian-Pacific IPs, and RIPE handles European IPs.
    • The DNS resolver will ask the ARIN DNS servers for the PTR record for 25.2.0.192.in-addr.arpa.
    • The ARIN DNS servers will refer the DNS resolver to the DNS servers of the organization that was originally given the IP range. These are usually the DNS servers of your ISP, or their bandwidth provider.
    • The DNS resolver will ask the ISP's DNS servers for the PTR record for 25.2.0.192.in-addr.arpa.
    • The ISP's DNS servers will refer the DNS resolver to the organization's DNS servers.
    • The DNS resolver will ask the organization's DNS servers for the PTR record for 25.2.0.192.in-addr.arpa.
    • The organization's DNS servers will respond with "host.example.com".
edited by
Answer:

Related questions

38 votes
38 votes
2 answers
2
23 votes
23 votes
4 answers
4