Question :
I would like to know:
With DisableDNSLookup set to NO, does the Web Agent do a Reverse DNS Lookup when it receives a request with IP Address instead of a Fully Qualified Domain Name in the URL ?
When DisableDNSLookup set to NO, how does the Web Agent do the reverse DNS Lookup ?
Does DisableDNSLookup concerns also Direct DNS Lookup as requesting the IP Address from the FQDN ?
Environment :
SiteMinder 12.5 and above
Answer:
Here are the answers :
Yes it does. And this is to prevent that behavior that the DisableDNSLookup=YES will disable these reverse dns requests
We can see it by Web Agent logs and network traces :
DisableDNSLookup=NO
[05/30/2014][05:35:51][22507][1143875904]
[CSmHttpPlugin.cpp:345][CSmHttpPlugin::ProcessResource]
[0000000000000000000000000100007f-57eb-538850f7-442e2940
-20911d680bbd][][][][][][Resolved HTTP_HOST:
'10.130.210.102'.]
[05/30/2014][05:35:51][22507][1143875904]
[CSmHttpPlugin.cpp:3772][Entered CSmHttpPlugin::
ResolveFQServerName sHost: ][][][][][][][10.130.210.102]
[05/30/2014][05:35:51][22507][1143875904]
[CSmHttpPlugin.cpp:426][CSmHttpPlugin::ProcessResource]
[0000000000000000000000000100007f-57eb-538850f7-442e2940
-20911d680bbd][][][][][][Resolved hostname:
'duspa01-u117478.ca.com'.]
372 8.522751 10.130.210.102 141.202.205.74
DNS Standard query PTR 102.210.130.10.in-addr.arpa
688 15.368671 141.202.205.74 10.130.210.102
DNS Standard query response PTR duspa01-u117478.ca.com
DisableDNSLookup=YES
[05/30/2014][05:39:37][22617][1124198720]
[CSmHttpPlugin.cpp:345][CSmHttpPlugin::
ProcessResource][0000000000000000000000000100007f
-5859-538851d9-4301e940-96f46700a385][][][][][]
[Resolved HTTP_HOST: '10.130.210.102'.]
[05/30/2014][05:39:37][22617][1124198720]
[CSmHttpPlugin.cpp:3772][Entered CSmHttpPlugin::
ResolveFQServerName sHost: ][][][][][][]
[10.130.210.102]
[05/30/2014][05:39:37][22617][1124198720]
[CSmHttpPlugin.cpp:3848][CSmHttpPlugin::
ResolveFQServerName: isIP][][][][][][]
[10.130.210.102]
[05/30/2014][05:39:37][22617][1124198720]
[CSmHttpPlugin.cpp:3967][CSmHttpPlugin::
ResolveFQServerName, DNSLookups disabled,
checking to see if cookiedomain added!][]
[][][][][][10.130.210.102]
[05/30/2014][05:39:37][22617][1124198720]
[CSmHttpPlugin.cpp:426][CSmHttpPlugin::
ProcessResource][0000000000000000000000000100007f
-5859-538851d9-4301e940-96f46700a385][][][][][]
[Resolved hostname: '10.130.210.102'.]
and no request in the network traces.
Name and Addresses resolutions are done using the POSIX API :
getaddrinfo() : to resolve IP Address from a FQDN
getnameinfo() : to resolve FQDN from an IP Address
No, it concerns only Reverse DNS Lookup.
KB : TEC612510