Configuration of Reverse DNS

For proper RDNS work we have to put information about our Reverse Domain and Name server into RIPE (ARIN, AFRINIC) Database. Before this can be done, we must setup our name server. I’m using BIND name server. Each /24 network is present as a single Reverse Domain. For example, you’ve got a /22 IPv4 network, it means that you should create 4 Reverse domains in format in-addr.arpa. How to create a Reverse domain from IP address ? It’s simple, just turn your IP address 109.205.240.0/24 to  240.205.109 and add .in-addr.arpa, result is 240.205.109.in-addr.arpa. Below is shown example of BIND configuration for network 109.205.240.0/24 :

File named.conf 
zone “240.205.109.in-addr.arpa” {
type master;
file “zone/240.205.109.db”;
};

File zone/240.205.109.db 
$TTL 3600
@ IN SOA ns.mydomain.com. admin.mydomain.com. (
2009012901 ; serial
28800 ; refresh (8 hours)
14400 ; retry (4 hours)
3600000 ; expire (5 weeks 6 days 16 hours)
86400 ; minimum (1 day)
)
NS ns.mydomain.com.
NS ns.tx.net.ua.
1 PTR alpha.mydomain.com.
2 PTR upc.mydomain.com.
3 PTR php.mydomain.com.
4 PTR alex.mydomain.com.

Updating of RIPE database

When configuration of BIND is done, we can enter our data to Routing database. If you are from Europe/Middle East, you are using RIPE DB :

https://apps.db.ripe.net/webupdates/select-type.html

Steps are Create a new object -> Domain -> Add object. Find picture below.

2015-05-13 12.58.10 pm

 

When filling the form you should add field nserver and enter password at the left side of the form – “Session Passwords” field.

Example of properly filled formed is below –

2015-05-13 12.59.15 pm

Description of fields :
domain – our Reverse domain
description – Doesn’t matter what you put there, just for information
nserver – our name server, must be located on two different IPs (master and slave)
admin-c, tech-c, zone-c – contacts of people responsible for zone
mnt-by – this field is called maintainer and is used for authentication, smth. like your login to RIPE DB
changed – e-mail address of the person who created an object (automatically will be added date of creation/change )
source – always “RIPE”

After these steps you can start using reverse entries inside your network. Main reasons to do it is need to have MX servers inside the network and possibility to see domain names of your equipment in traceroutes.