.arpa, rDNS and a few magical ICMP hacks

62•caminanteblanco•3mo ago

Comments

possiblelion•3mo ago

super interesting. the early days of military networks always fascinate me, especially the legacy holdovers like .arpa

ectospheno•3mo ago

Between resolver.arpa, ipv4only.arpa, and the fact that your email won't be delivered to anywhere you actually care about without in-addr.arpa I'm not sure I'd call it legacy.

caminanteblanco•3mo ago

I didn't even realize that half of the parts of the stack mentioned here existed. I'm going through the process of setting up a home server, and this is definitely giving me some ideas for nonsense to implement.

anonymousiam•3mo ago

Reverse delegation (RFC 2317) is the way IP-to-FQDN lookups are usually done now. Before this was popular, you could get your ISP to defer to your DNS for reverse records directly, versus them using a set of individual PTR records.

Even though the RFC was written in 1998, it took a while for it to catch on. For years, my DNS servers were using both methods.

Both methods make use of the .in-addr.arpa "domain" syntax.

ranger_danger•3mo ago

> Reverse delegation (RFC 2317) is the way IP-to-FQDN lookups are usually done now

> Before this was popular, you could get your ISP to defer to your DNS for reverse records directly

I'm not actually seeing the difference between these two... besides this new "reverse delegation" allowing different nameservers for prefixes longer than /24... aren't you still relying on your ISP/upstream provider (if you don't own your own IPs) to delegate reverse lookups to your own DNS server either way?

merlyn•3mo ago

Correct, what RFC2317 brings you, is an example of you creating a new namespace in some structured format (IIRC, there are three different example formats given in this RFC), and you just have the upstream ISP, which has the reverse delegation done on the zone cut boundary for the IP ranges it controls inserting a CNAME out to your new namespace on nameservers you control for the reverse PTRs so the reverse PTRs can be formed that way.

Running a long time ISP, I found extremely few customers wanting to do something like RFC2317, or could actually figure out and do it effectively. Almost all were content with control panel/API and having the ISP do it after I pointed them to this informational RFC asking them if this is what they wanted.

anonymousiam•3mo ago

I think part of the reason most ISPs don't support RFC2317 or reverse delegation is that it makes it easy for a bad actor who's in charge of the DNS server being delegated to, to spoof any domain they want. The consequences of this sort of spoofing have now been limited by other systems and protocols anyway, so it's not as big of a deal.

ISPs prefer to have direct control of the reverse lookups within their IP blocks so they can ensure the integrity of the information.

Start all of your commands with a comma

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

The Waymo World Model

What Is Ruliology?

How we made geo joins 400× faster with H3 indexes

Jeffrey Snover: "Welcome to the Room"

Unseen Footage of Atari Battlezone Arcade Cabinet Production

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

Monty: A minimal, secure Python interpreter written in Rust for use by AI

Show HN: I spent 4 years building a UI design tool with only the features I use

Sheldon Brown's Bicycle Technical Info

Hackers (1995) Animated Experience

Microsoft open-sources LiteBox, a security-focused library OS

Show HN: If you lose your memory, how to regain access to your computer?

An Update on Heroku

Dark Alley Mathematics

PC Floppy Copy Protection: Vault Prolok

Delimited Continuations vs. Lwt for Threads

Vocal Guide – belt sing without killing yourself

How to effectively write quality code with AI

Was Benoit Mandelbrot a hedgehog or a fox?

Introducing the Developer Knowledge API and MCP Server

I spent 5 years in DevOps – Solutions engineering gave me what I was missing

Understanding Neural Network, Visually

I now assume that all ads on Apple news are scams

Learning from context is harder than we thought

Why I Joined OpenAI

Show HN: R3forth, a ColorForth-inspired language with a tiny VM

Female Asian Elephant Calf Born at the Smithsonian National Zoo

FORTH? Really!?