Web Agent :: ACO : DisableDNSLookup Precisions

Document ID : KB000011079
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:
Question:

I would like to know:

  1. With DisableDNSLookup set to NO, does the Web Agent do a Reverse DNS Lookup when it receives a request with IP Address instead of a Fully Qualified Domain Name in the URL ?
  2. When DisableDNSLookup set to NO, how does the Web Agent do the reverse DNS Lookup ?
  3. Does DisableDNSLookup disables forward DNS Lookup also , as requesting the IP Address from the FQDN ?
Environment:
SiteMinder 12.5 and above
Answer:

Here are the answers :

  1. Yes it does. And this is to prevent that behavior that the DisableDNSLookup=YES will disable these reverse dns requests 
    We can see it by Web Agent logs and network traces : 

    DisableDNSLookup=NO 

    [05/30/2014][05:35:51][22507][1143875904] 
    [CSmHttpPlugin.cpp:345][CSmHttpPlugin::ProcessResource] 
    [0000000000000000000000000100007f-57eb-538850f7-442e2940 
    -20911d680bbd][][][][][][Resolved HTTP_HOST: 
    '10.130.210.102'.] 
    [05/30/2014][05:35:51][22507][1143875904] 
    [CSmHttpPlugin.cpp:3772][Entered CSmHttpPlugin:: 
    ResolveFQServerName sHost: ][][][][][][][10.130.210.102] 
    [05/30/2014][05:35:51][22507][1143875904] 
    [CSmHttpPlugin.cpp:426][CSmHttpPlugin::ProcessResource] 
    [0000000000000000000000000100007f-57eb-538850f7-442e2940 
    -20911d680bbd][][][][][][Resolved hostname: 
    'duspa01-u117478.ca.com'.] 

    372 8.522751 10.130.210.102 141.202.205.74 
    DNS Standard query PTR 102.210.130.10.in-addr.arpa 
    688 15.368671 141.202.205.74 10.130.210.102 
    DNS Standard query response PTR duspa01-u117478.ca.com 

    DisableDNSLookup=YES 

    [05/30/2014][05:39:37][22617][1124198720] 
    [CSmHttpPlugin.cpp:345][CSmHttpPlugin:: 
    ProcessResource][0000000000000000000000000100007f 
    -5859-538851d9-4301e940-96f46700a385][][][][][] 
    [Resolved HTTP_HOST: '10.130.210.102'.] 
    [05/30/2014][05:39:37][22617][1124198720] 
    [CSmHttpPlugin.cpp:3772][Entered CSmHttpPlugin:: 
    ResolveFQServerName sHost: ][][][][][][] 
    [10.130.210.102] 
    [05/30/2014][05:39:37][22617][1124198720] 
    [CSmHttpPlugin.cpp:3848][CSmHttpPlugin:: 
    ResolveFQServerName: isIP][][][][][][] 
    [10.130.210.102] 
    [05/30/2014][05:39:37][22617][1124198720] 
    [CSmHttpPlugin.cpp:3967][CSmHttpPlugin:: 
    ResolveFQServerName, DNSLookups disabled, 
    checking to see if cookiedomain added!][] 
    [][][][][][10.130.210.102] 
    [05/30/2014][05:39:37][22617][1124198720] 
    [CSmHttpPlugin.cpp:426][CSmHttpPlugin:: 
    ProcessResource][0000000000000000000000000100007f 
    -5859-538851d9-4301e940-96f46700a385][][][][][] 
    [Resolved hostname: '10.130.210.102'.] 

    and no request in the network traces.
  2. Name and Addresses resolutions are done using the POSIX API : 

    getaddrinfo() : to resolve IP Address from a FQDN 
    getnameinfo() : to resolve FQDN from an IP Address
  3. Yes, it disables forward DNS lookup (Hostname to IP address) also .