I'll comment on this file below
@ IN SOA land-5.com. root.land-5.com. ( 199609206 ; Serial 28800 ; Refresh 7200 ; Retry 604800 ; Expire 86400) ; Minimum TTL NS land-5.com. NS ns2.psi.net. ; ; Servers ; 1 PTR router.land-5.com. 2 PTR land-5.com. 2 PTR funn.land-5.com. ; ; Workstations ; 200 PTR ws-177200.land-5.com. 201 PTR ws-177201.land-5.com. 202 PTR ws-177202.land-5.com. 203 PTR ws-177203.land-5.com. 204 PTR ws-177204.land-5.com. 205 PTR ws-177205.land-5.com. ; {Many repetitive definitions deleted - SNIP} 250 PTR ws-177250.land-5.com. 251 PTR ws-177251.land-5.com. 252 PTR ws-177252.land-5.com. 253 PTR ws-177253.land-5.com. 254 PTR ws-177254.land-5.com.
The reverse zone is the bit of the setup that seems to cause the
most grief. It is used to find the host name if you have the IP
number of a machine. Example: you are an IRC server and accept
connections from IRC clients. However you are a Norwegian IRC server
and so you only want to accept connections from clients in Norway and
other Scandinavian countries. When you get a connection from a client
the C library is able to tell you the IP number of the connecting
machine because the IP number of the client is contained in all the
packets that are passed over the network. Now you can call a function
called gethostbyaddr that looks up the name of a host given the IP
number. Gethostbyaddr will ask a DNS server, which will then traverse
the DNS looking for the machine. Supposing the client connection is
from ws-177200.land-5.com. The IP number the C library provides to
the IRC server is 206.6.177.200. To find out the name of that machine
we need to find 200.177.6.206.in-addr.arpa
. The DNS server will
first find the arpa.
servers, then find in-addr.arpa.
servers, following the reverse trail through 206, then 6 and at last
finding the server for the 177.6.206.in-addr.arpa
zone at LAND-5.
From which it will finally get the answer that for
200.177.6.206.in-addr.arpa
we have a ``PTR
ws-177200.land-5.com
'' record, meaning that the name that goes with
206.6.177.200
is ws-177200.land-5.com
. As with the
explanation of how prep.ai.mit.edu
is looked up, this is slightly
fictitious.
Getting back to the IRC server example. The IRC server only
accepts connections from the Scandinavian countries, i.e., *.no
,
*.se
, *.dk
, the name ws-177200.land-5.com
clearly does
not match any of those, and the server will deny the connection. If
there was no reverse mapping of 206.2.177.200
through the
in-addr.arpa
zone the server would have been unable to find the
name at all and would have to settle to comparing 206.2.177.200
with *.no
, *.se
and *.dk
, none of which will match.
Some people will tell you that reverse lookup mappings are only important for servers, or not important at all. Not so: Many ftp, news, IRC and even some http (WWW) servers will not accept connections from machines of which they are not able to find the name. So reverse mappings for machines are in fact mandatory.