cancel
Showing results for 
Search instead for 
Did you mean: 

Fixed IP reverse DNS stopped working, but support say this is normal.

racquel
Grafter
Posts: 181
Thanks: 4
Registered: ‎21-11-2008

Fixed IP reverse DNS stopped working, but support say this is normal.

iptables and also the ACL in the Asterisk VOIP system suddenly started complaining about my IP address not being valid (from Googling, I gather it does some kind of reverse DNS sanity check or lookup).

So I tracert'd it and it came up with the name, correctly:

tracert 84.92.52.167
Tracing route to 84-92-52-167.plus.com [84.92.52.167]

Let's try it in reverse now:

tracert 84-92-52-167.plus.com

Unable to resolve target system name 84-92-52-167.plus.com.

That didn't look right to me, so I logged a support ticket, and within a couple of hours, the following reply came:

 

I have spoken with someone in our Networks team and they have advised me that this is normal behaviour. This is to protect you from attacks and compromising your information.

They also advised if it was the case where your Static IP address was not working then your internet connection would also not work.

Well, I never actually said my static IP wasn't working, I said DNS wasn't working for my IP.

So if this is "normal", how come it's only just started happening? Also, let's pick a couple either side of mine:

tracert 84.92.52.166
Tracing route to rosemarysh31.pndsl.co.uk [84.92.52.166]

tracert rosemarysh31.pndsl.co.uk
Tracing route to rosemarysh31.pndsl.co.uk [84.92.52.166]

 

tracert 84.92.52.168
Tracing route to moira4.plus.com [84.92.52.168]

tracert moira4.plus.com
Tracing route to moira4.plus.com [84.92.52.168]

Before I reply to support, are they correct? If so, then why aren't other plusnet address "protected" like mine is? And now that this has started happening, how do I stop firewalls and ACLs in other software complaining about invalid IP addresses?

 

Tags (2)
8 REPLIES 8
Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: Fixed IP reverse DNS stopped working, but support say this is normal.

works with mine but is it router dependant

Browni
Aspiring Hero
Posts: 2,673
Thanks: 1,054
Fixes: 60
Registered: ‎02-03-2016

Re: Fixed IP reverse DNS stopped working, but support say this is normal.

If I do a tracert on my IP address it shows myusername.plus.com

A tracert on myusername.plus.com shows my IP address.

Presumably this is the behaviour you expected?

racquel
Grafter
Posts: 181
Thanks: 4
Registered: ‎21-11-2008

Re: Fixed IP reverse DNS stopped working, but support say this is normal.

Indeed, but, as you can see, not what is happening.
PeeGee
Pro
Posts: 1,217
Thanks: 84
Fixes: 3
Registered: ‎05-04-2009

Re: Fixed IP reverse DNS stopped working, but support say this is normal.

Have you tried the default  "<user>.plus.com"? I have just checked and I have the same result as you, with the default address responding rather than the IP version.

Phil

Plusnet FTTC (Sep 2014), Essentials (Feb 2013); ADSL (Apr 2009); Customer since Jan 2004 (on 28kb dial-up)
Using a TP-Link Archer VR600 modem-router.
aesmith
Pro
Posts: 624
Thanks: 76
Fixes: 4
Registered: ‎26-09-2015

Re: Fixed IP reverse DNS stopped working, but support say this is normal.

Just to keep the terminology correct DNS reverse lookup takes an IP address and resolves it to a hostname, as in the first traceroute command shown "tracert 84.92.52.167".

So the problem here is that reverse lookup of your static address returns a hostname for which forward lookup fails.

As a workaround can you add a static host entry on your Asterix system giving that forward lookup?

racquel
Grafter
Posts: 181
Thanks: 4
Registered: ‎21-11-2008

Re: Fixed IP reverse DNS stopped working, but support say this is normal.

I finally got a reply from support, but I'm just left even more confused:

 

 

Apparently this is "the response you and I would expect" (quoting from the ticket)

C:Userscwilkie>nslookup myhiddenusername.plus.com

Name: myhiddenusername.plus.com
Address: 84.92.52.167

But

nslookup myhiddenusername.plus.com
Name: myhiddenusername.plus.com
Address: 84.92.52.167

 

so

nslookup 84.92.52.167
167.52.92.84.in-addr.arpa name = 84-92-52-167.plus.com.

therefore

nslookup 84-92-52-167.plus.com
** server can't find 84-92-52-167.plus.com: NXDOMAIN

In other words, shouldn't the name which the IP maps to then be able to map back to the IP from the name?

What it's doing isn't what I'd expect. Am I wrong here?!

Anyway, they're going to pass it to another team.

racquel
Grafter
Posts: 181
Thanks: 4
Registered: ‎21-11-2008

Re: Fixed IP reverse DNS stopped working, but support say this is normal.

Aha! There's been action on the ticket. At mid-day yesterday:

Many thanks for your patience. I have redefined your PTR records as requested. Please allow 24 hours for these changes to take effect

Nothing changed yet... will keep an eye on it.

aesmith
Pro
Posts: 624
Thanks: 76
Fixes: 4
Registered: ‎26-09-2015

Re: Fixed IP reverse DNS stopped working, but support say this is normal.

That sounds as if they're on the right lines, PTR records are used to look up an IP address and return a host name.

 

By the way I notice if you check other IP addresses a similar to yours they return what looks like the user's Plusnet hostname, and in turn if you lookup that host name it give the IP address.  So yours does seem to be an oddity rather than the norm.