Split DNS & Reverse PTR Lookups

Got a problem with Viscosity or need help? Ask here!

CyrilC

Posts: 2
Joined: Wed Apr 06, 2016 9:41 am

Post by CyrilC » Wed Apr 06, 2016 12:20 pm
Hi,

First off, thank you for all the amazing improvements with managing Split DNS connection(s)!

The latest improvement in 1.6.2 "Split DNS will now match multi-label subdomains" is perfect:
-It allows to reduce the DNS Suffix Search List to it's intended use: None-FQDN Lookups (eg without the "." at the end)
-It allows Split DNS to successfully lookup SRV records in the many sub-domains of *._msdcs.domain.example.tld. , which is important for Microsoft Windows Active Directory Computers to lookup Active Directory Domain ressources.

Now for the missing piece in all theses Split DNS improvements:
IPv4 & IPv6 Reverse PTR Records DNS Lookups (eg. 1.1.168.192.in-addr.arpa.)
Since Viscosity receives the route(s) for a specific Split DNS connection, it could theoretically link a reverse PTR DNS request with a connection's route/subnet and send the DNS request to the connections's specified DNS server(s).

This can be achieved manually in Split DNS connections by pushing a DHCP Option, eg:
push "dhcp-option DOMAIN 1.168.192.in-addr.arpa"
But this then results in extra DNS requests/delays for None-FQDN Lookups (eg. DNS lookup of "server" will result in useless lookups of "server.1.168.192.in-addr.arpa.")

Reverse PTR DNS Lookups may not seem too important, but many elements in Windows use and request PTR DNS Lookups. Having them resolve efficiently (no more 1-2 second timeout) and correctly can only be beneficial to the Viscosity Split DNS system and hopefully we will see this implemented in future releases of Viscosity.


Best Regards,
Cyril C.

P.S. Would love to see a Disconnect All feature / menu / button! I tend to close Viscosity and reopen if I need to disconnect many connections (eg. more then 10) ... And I still haven't looked into adding a menu item myself like (SparkLabs Support) suggested back in 2014, need to find the time :s

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Wed Apr 06, 2016 2:36 pm
Hi Cyril,

Thanks for the feedback, great to know the new DNS System is helping!

SRV records were identified and addressed early in the development of the system, so these shouldn't have had any issues, but multi-label subdomains were certainly a conscious decision we didn't add support for until later down the track.

It would appear the only issue here is making sure Windows is not trying to use arpa records as a suffix. We can certainly look into addressing this.

We have a package you can simply extract to the correct location that will add a disconnect all option to Viscosity here - https://sparklabs.com/forum/viewtopic.p ... e33265c397

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
2 posts Page 1 of 1