Reverse DNS (PTR) 1

[Phizzle]

Just wondering if it is common to have a PTR record for an inside IP (using a Cisco 2811). We have PTR records for our published static IP addresses, but our email is being "tagged" w/ the inside IP of the router rather than the static IP of the mailserver....which, of course causes AOL.com email to hang in the queue.

Thanks,
Philip

 

[Zen37]

Hi Phil

It's more than common, it's the norm. You cannot have a PTR record for more than one name.

Now as far as the rest of the question goes, i don't quite understand you. Can you rephrase it?

One thing is for sure, your external DNS should have a PTR record with the external IP of your mail server and the IP of your external MX record.

 

[Phizzle]

Our external static is xxx.xxx.xxx.58 with the serial connection the cisco being xxx.xxx.xxx.57 The PTR record for our mail server is for the .58 Mail comes and goes fine with the exception of AOL.com emails. They do reverse lookups to verify non-spammers. When I send and email to AOLs ipconfirm testmail account it comes back with the .57 IP address...which as I said does not have a PTR record. I guess my main concern was getting a PTR for that particular IP. We have 7 statics assigned to us, but only us the .58 for email and internet access. So, back to my original question...do I just go ahead and get a PTR for the .57 address and forget it? I know that's probably not a better explaination, but I'm not sure how else to describe it.

Thanks for the help though!!
Philip

 

[ChrisAC]

I would be more concerned that AOL is seeing the .57 address instead of the .58 of your mail server! However, that's another issue.

If you already have a PTR for the .58 pointing to the hostname for your mail server then that's all good. There is nothing stopping you from also having another PTR for your router on the .57 address as well, like gateway.yourdomain.com or whatever you like. However, whatever you call it just make sure that you set up a forward A record to match the PTR otherwise the rDNS check will still fail.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************

 

[Phizzle]

Well actually, I am more concerned why they are seeing the .57 address...hence the reason I posted it in the Cisco forum. We have a single T1 (serial) connection w/ access to 7 IP addresses. Since everything goes in and out on the .58 address so I can't understand why aol 'sees' the .57. I looked in the NAT setup and noticed that port 25 and 80 are translated to .58...again...confusing...thanks for all the help!

Philip

 

[ChrisAC]

But how exactly is your NAT set up? Are you port forwarding from the .58 to the internal server or do you have a static NAT set up so that all outbound traffic is translated as well? Could you post your config?

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************

 

[Phizzle]

There are 3 static NATs setup (for ports 25, 80, & 443 - all w/ the from IP being the server and the to IP being the .58) there is also a dynamic NAT for all internal IPs translated to the .57
- As a side note...I'm new here and wasn't involved in the setup of this router, so I'm troubleshooting at this point.
Thanks again,
Philip

 

[ChrisAC]

Sounds like you only have NAT for inbound traffic to those ports, essentially port forwarding. All outbound traffic will hit the PAT rule which is why AOL is seeing the address of your router.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************

 

[sikek]

Read this link.

http://www.dmsiusa.com/aol.htm

 

[NetworkGhost]

Do you have access to your reverse lookup records? I would check to see if there are errors in the record.