[TriLUG] OT: DNS reverse lookups

[Geoff Purdy]

A number of FTP and CVS sites that I use require a successful reverse lookup before granting anonymous access.  I know this because I am often unable to use these sites because reverse lookups fail for my IP address.  We've brought this to the attention of our ISP (Time Warner Telecom) who generally recognizes that a problem exists, but says they've identified the problem and fixed it. (this has happened several times)


My problem:  (here's an example of the most recent instance)
Day 1 morning - I am able to access a particular NIH (National Institute of Health) HTTP server, no problems
Day 1 afternoon - I attempt to access an ftp server in the same domain but receive an error, I try several times
Day 1 afternoon - I can no longer access the HTTP server, nor the ftp server - no error reported
Day 4 morning - I still can't access or ping either site, however they are accessible from hosts in other domains

I've been told that, many public ftp sites perform a reverse lookup before granting access to a service (ftp, cvs,...).  I think this is to avoid DoS attacks.


My theory:  Their firewall detected the failed reverse lookups and assigned a default DENY (or similar) to any traffic originating from my IP address.


My questions:
Do you think traffic from my IP address is being blocked by their firewall, or is there a better explanation I've overlooked?

Has anyone else had similar problems with Time Warner and DNS reverse lookups?

If my address is blocked, do such things usually go away after a period of time, or must I contact their sysadmin and grovel?

How best to conclusively document this problem in a way the twtelecom will recognize the problem and take definitive action?


Thanks again,
Geoff