help with unwanted reverse DNS's please???

[Kevin Darcy]

If you're using an /etc/hosts file to reverse-resolve the addresses, then
this has nothing to do with DNS.

Are you actually getting connections from the 192.168.*.* addresses, or
from NAT'ed addresses? In either case, you need to ensure that whatever
resolution mechanism (DNS, /etc/hosts file) you're using to
reverse-resolve those addresses to names, knows about the source
addresses from which you're getting connections. My guess is that you're
getting connections from NAT'ed addresses that aren't in your /etc/hosts
file, so they're being looked up in DNS and getting resolved from your
ISP's nameservers.



-Kevin

bobm at financialdatacorp.com wrote:

> I don't know if this would be the right forum but it does involve
> TCPIP so here goes...
>
> We have an internal LAN with a unix(AIX) server and all Win98SE
> clients.  The clients all telnet into our server to access our main
> application(s).  The server identifies each connecting device by the
> identity delivered by telnet.   The application then sees the IP
> address or the host name.   All of our internal IP's are private in
> the range of 192.168.0.xxx which has/was working perfectly for quite
> some time.
>
> Recently we changed our ISP to another provider through a T1 link.
> The router is connected to the LAN and has its own internal IP
> address.  It also has NAT configured to allow any/all of the internal
> clients to gain access to the Internet.  This also works well.
>
> And, on these clients we have the ISP's DNS servers definded as we do
> not do our own DNS.
>
> So, here's the problem:
>
> Since the day of installation of the new ISP, our users are not being
> identified correctly when telnetting into our application server.
> What is being seen by the server is a qualified hostname which is
> actually the hostname of the ISP's INTERNAL network for the client
> with the SAME INTERNAL IP address.
>
> Example:
>
> We have a typical user whose Win98SE machine has an IP of 192.168.0.39
> and the Win98 Identification is PC39.   On our application server we
> also have an /etc/hosts file with an appropriate entry.  Previously we
> would see the IP as the identification for this client when
> establishing a session.
>
> Now we see a host name only which is that of the internal client of
> the ISP whose internal IP address is the same (192.168.0.39).  The ISP
> says there's nothing that they can do about this!
>
> We had a prior ISP with NAT and we had no problem whatsoever.
>
> QUESTIONS:
>
> 1) The router is a CISCO 2524/2624 so is there anything in the router
> config to prevent reverse DNS?  To prevent reversing internal IP's?
>
> 2) Anything the ISP or we can/could do to rectify this situation?
>
> I am at a loss.
>
> Thank you.