The Shœstring Foundation Weblog
   


About
The Shœstring Foundation Weblog, Miscellaneous Byproducts

Matthias Bauer
bauerm (at) shoestringfoundation · org
reop pubkey
Vignettes by George Herriman and a small program

Subscribe to a syndicated feed of my weblog, brought to you by the wonders of RSS.


Blosxom Logo

       
Wed, 11 Aug 2010

non-PTRs in .arpa


Few people but nameserver admins know the .arpa toplevel domain. It has an hierarchical scheme with zones just as all other TLDs.

It's main use is to reverse map addresses. For an IP address like

111.22.3.4
this is done by requesting the PTR record for the hostname
4.3.22.111.in-addr.arpa
The DNS server for in-addr.arpa delegates the request to the server responsible for 111.in-addr.arpa and so recursively until a server is found who is responsible for the whole network containing the address. The reply typically is a hostname.

For IPv6 the domain is ip6.arpa and the encoding for e.g.

2001:780:3:170::2
is
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.1.0.3.0.0.0.0.8.7.0.1.0.0.2.ip6.arpa

But there is no technical barrier against requesting other record types from under the .arpa tree. The DNS servers happily return A, AAAA, CNAME, DNAME or other records when asked nicely.

And nothing prevents an DNS admin from placing non-PTR records in the .arpa subzone. And nothing prevents them from prefixing arbitrary strings in front of the IPv6 subnet. And of course those .arpa names can be used just like hostnames...

For example, a valid URL for this blog could be this or that or even thiß.

Perhaps URL-based filtering can be subverted this way.

[/projects] permanent link