Why certain proxy requests result in a DNS reverse-lookup

book

Article ID: 167508

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Why certain proxy requests result in a DNS reverse-lookup
You want to know why certain requests result in a DNS reverse-lookup

Resolution

In SGOS, if you have content-filtering enabled, or have policy or forwarding that references a hostname, a reverse-lookup will be performed on every request made to an IP address.

Since content filtering databases contain hostnames, SGOS will need to determine what hostname(s) correspond to the IP address of the client request. If you are using Secure Computing's Premiere list or Websense (both of which have databases containing both IP addresses and hostnames) a reverse-lookup will only be suppressed if the IP requested is located in the database AND no policy or forwarding referencing a hostname exists.

Examples of policy rules that result in a reverse-lookup:

    url.host=www.bluecoat.com
    url.domain=google.com

    You can restrict DNS lookups for specified addresses.  For more information about restricting reverse DNS lookups, please refer to the Blue Coat Configuration and Management Guide (CMG) for the version of SGOS you are running in your environment.