Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » host name .in-addr-arpa
  •  
framo72

Messages: 8
Karma: 0
Send a private message to this user
Hello,

I have Kerio Control 8 Linux Appliance.

In the admin panel "active hosts" I have always had the hostnames in this format:
192.168.1.13

since today I have:
13.1.168.192.in-addr.arpa

Can anyone please explain me why ?

Thank you.
  •  
spock

Messages: 15
Karma: 1
Send a private message to this user
Hello,

Same thing here after updating from windows 7 pro to Software appliance...

First, where is some info about our config.

Head Quarter:
My First LAN segment 192.168.5.X
My Second LAN segment 223.255.255.X
and VPN to Branch Office.

Branch Office:
Only one LAN segment 223.255.235.X

Looking from Kerio control (Software appliance) at the Head Office

and see
( 106.5.168.192.in-addr.arpa ) so i don't know why Kerio control Add (X.in-addr.arpa) in that Lan segment.

Another strange thing from my second Lan, our Branch Office segment, a user want to print from Head Quarter to Branch Office ip printer that have an ip 223.255.235.X
and see in Kerio Active Connection that DNS was vpn.teamhealth.asn.au that reflect correct ip.

So it's real that doing Whois for vpn.teamhealth.asn.au reflect right 223.255.235.10
that's correct but in our local lan it's strange that this connection valid this ip to external ip for a local class c ip range.

But i think it could be fixed by making a dns lookup forward to correct it but still this not affect us because we us ip nor dns for printer and other stuff like that.

Regards.

  •  
Martin Šimek

Messages: 4
Karma: 0
Send a private message to this user
In order to find out human readable name (hostname) of computer with given ip address in form x.y.z.w, DNS query is issued to DNS server. This is called reverse DNS lookup. To prevent listing all hostnames in DNS servers and testing whether they have given IP address there is middle step that uses hostname in form of w.z.y.x.in-addr.arpa. On DNS server there should be so called PTR record that says that w.z.y.x.in-addr.arpa belongs to particular hostname (e.g. my.example.com). Such a records are created automatically by DNS servers. So they should be always present and correct.

In case of private network addresses (192.168.*, 10.* and 172.*) public DNS servers have no idea about hostnames. For resolving names in private local network it is always necessary to use local private DNS server (e.g. Domain controller or gateway).

However in each cases server must return either valid hostname or response about nonexistent record, which is in control treated correctly. (At least according to source code).

Can you please specify whether you are using public or private DNS server in your Control appliance? If you use private, what brand is it? If you use public can you tell us its IP address? The only possibility how entry in form of w.z.y.x.in-addr.arpa can appear in Control's host listing is that server respond with this as a valid answer.
  •  
framo72

Messages: 8
Karma: 0
Send a private message to this user
I'm using the Kerio Control DNS module for resolving a private ip class: 172.18.78.x

Here is a snapshot:

./fa/2968/0/

  • Attachment: snap.jpg
    (Size: 69.83KB, Downloaded 1761 times)
  •  
Martin Šimek

Messages: 4
Karma: 0
Send a private message to this user
I still suspect third party DNS server. Control either know correct hostname or returns unknown. Would it be possible for you to lookup hostname for any of computers listed above using using command nslookup? It can be done like this:


  1. Enable DNS messages (2× present) in debug log
  2. On any computer with DNS server set to control type
    nslookup 172.18.78.11
  3. Attach debug log from time of doing nslookup and write the output of nslookup here.


If everything is OK you should receive the name of the looked up computer and in debug log there should be line like
Quote:
[02/Apr/2013 09:11:51] {dns} DnsResolver: from DHCP Lease Table: vm-xp-sp2-cima


And of course try to Clear cache in DNS section. I don't know what kind of hosts are computers listed above. Maybe they just made up their names like this during DHCP negotiation and it got cached.
  •  
spock

Messages: 15
Karma: 1
Send a private message to this user
Still how to make a private dns in kerio to resolve a private ip dns entry.

Because first we don't use any dns from our provider we have 4 incoming internet connection 1x dsl and 3x high speed cable.

So we don't want to use dns from theses provider for a couple of reason but still cannot figure out to be able to show correct DNS from our private lan, even all theses ip have the correct dns in host table still show dns from internet.


Config : Kerio control (Software appliance) 8.0.1

Best regards,
  •  
Martin Šimek

Messages: 4
Karma: 0
Send a private message to this user
Addresses from local network are automatically resolved by Control. Places for searching for name are in following order:

  1. Hosts file
  2. DHCP lease table
  3. DNS forwarder's cache
  4. Internal DNS Cache
  5. Direct DNS request


If you enable DNS logging in debug log and issue DNS request to mentioned IP addresses, debug log will tell you where the hostname was taken. In this case it should be taken from DHCP lease table. If it's from cache, delete the cache. If from Direct DNS request then check DNS server provided from each interface, one of them acts incorrectly.

Please paste part of the debug log here so we can investigate the problem.
  •  
framo72

Messages: 8
Karma: 0
Send a private message to this user
In my network I do not use DHCP,
so in Kerio Control DHCP if off.

Also DNS cache is disabled.

Here follows a part of log...
NAT LAN is 172.18.78.x



[05/Apr/2013 15:07:27] {dns} Querying server 88.149.128.22, query id=38742 99.78.18.172.in-addr.arpa
[05/Apr/2013 15:07:27] {dns} Querying server 88.149.128.22, query id=38743 11.233.146.17.in-addr.arpa
[05/Apr/2013 15:07:27] {dns} Reply from 88.149.128.22:53 id 38742.
[05/Apr/2013 15:07:27] {dns} Got answer from 88.149.128.22, id=38742
[05/Apr/2013 15:07:27] {dns} Host not found
[05/Apr/2013 15:07:27] {dns} Reply from 88.149.128.22:53 id 38743.
[05/Apr/2013 15:07:27] {dns} Truncated answer
[05/Apr/2013 15:07:27] {dns} Got answer from 88.149.128.22, id=38743
[05/Apr/2013 15:07:27] {dns} No PTR records for 11.233.146.17.in-addr.arpa
[05/Apr/2013 15:07:27] {dns} Valid answer arrived, ttl = 30576
[05/Apr/2013 15:07:27] {dns} Querying server 88.149.128.22, query id=38744 114.205.41.193.in-addr.arpa
[05/Apr/2013 15:07:27] {dns} Reply from 88.149.128.22:53 id 38744.
[05/Apr/2013 15:07:27] {dns} Got answer from 88.149.128.22, id=38744
[05/Apr/2013 15:07:27] {dns} Host not found
[05/Apr/2013 15:07:28] {dns} Querying server 88.149.128.22, query id=38745 81.166.18.172.in-addr.arpa
[05/Apr/2013 15:07:28] {dns} DnsResolver: address 172.18.78.54 resolved from host file as mail.mombelli.net
[05/Apr/2013 15:07:28] {dns} Reply from 88.149.128.22:53 id 38745.
[05/Apr/2013 15:07:28] {dns} Got answer from 88.149.128.22, id=38745
[05/Apr/2013 15:07:28] {dns} Host not found
[05/Apr/2013 15:07:28] {dns} Querying server 88.149.128.22, query id=38746 114.205.41.193.in-addr.arpa
[05/Apr/2013 15:07:28] {dns} Querying server 88.149.128.22, query id=38747 114.205.41.193.in-addr.arpa
[05/Apr/2013 15:07:28] {dns} Querying server 88.149.128.22, query id=38748 114.205.41.193.in-addr.arpa
[05/Apr/2013 15:07:28] {dns} Querying server 88.149.128.22, query id=38749 114.205.41.193.in-addr.arpa
[05/Apr/2013 15:07:28] {dns} Querying server 88.149.128.22, query id=38750 114.205.41.193.in-addr.arpa
[05/Apr/2013 15:07:28] {dns} Reply from 88.149.128.22:53 id 38746.
[05/Apr/2013 15:07:28] {dns} Got answer from 88.149.128.22, id=38746
[05/Apr/2013 15:07:28] {dns} Host not found
[05/Apr/2013 15:07:28] {dns} Reply from 88.149.128.22:53 id 38747.
[05/Apr/2013 15:07:28] {dns} Got answer from 88.149.128.22, id=38747
[05/Apr/2013 15:07:28] {dns} Host not found
[05/Apr/2013 15:07:28] {dns} Reply from 88.149.128.22:53 id 38748.
[05/Apr/2013 15:07:28] {dns} Got answer from 88.149.128.22, id=38748
[05/Apr/2013 15:07:28] {dns} Host not found
[05/Apr/2013 15:07:28] {dns} Reply from 88.149.128.22:53 id 38749.
[05/Apr/2013 15:07:28] {dns} Got answer from 88.149.128.22, id=38749
[05/Apr/2013 15:07:28] {dns} Host not found
[05/Apr/2013 15:07:28] {dns} Reply from 88.149.128.22:53 id 38750.
[05/Apr/2013 15:07:28] {dns} Got answer from 88.149.128.22, id=38750

[Updated on: Sun, 07 April 2013 22:51]

Previous Topic: Kerio VPN (Erroor)
Next Topic: kerio radius
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Aug 21 08:23:27 CEST 2017

Total time taken to generate the page: 0.00486 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.