Howto reverse mapping ?

Duane Cox dcox at coxnetwork.com
Thu Feb 10 22:32:25 UTC 2000


-----Original Message-----
From: Barry Margolin <barmar at bbnplanet.com>
Newsgroups: comp.protocols.dns.bind
To: comp-protocols-dns-bind at moderators.uu.net
<comp-protocols-dns-bind at moderators.uu.net>
Date: Thursday, February 10, 2000 1:37 PM
Subject: Re: Howto reverse mapping ?


>In article <38A310BD.7FD108E at daimlerchrysler.com>,
>Kevin Darcy  <kcd at daimlerchrysler.com> wrote:
>>John wrote:
>>
>>> > The range of IP is 212.208.151.112 to 212.208.151.127....
>>> > What shall I do ? Shall I do a file for 151.208.212.in-addr.arpa ??
>>> >
>>>
>>> yes 151.208.212.in-addr.arpa will do with  IN PTR records for your IP
>>> addresses
>>>
>>> but for it to be successfully done your ISP should also put in their
>>> 151.208.212.in-addr.arpa zone
>>>
>>> 112  IN NS  w.x.y.z
>>> 113  IN NS  w.x.y.z
>>> ...
>>> ...
>>> ...
>>> 127  IN NS  w.x.y.z
>>>
>>> where w.x.y.z is the DNS server serving your 151.208.212.in-addr.arpa zone
>>
>>(I hope you weren't implying that "w.x.y.z" is an IP address, since that
>>would be illegal on the right-hand side of an NS record.)
>>
>>You know, this scheme might actually work (although I haven't actually tried
>>it). Other nameservers would be fooled into thinking that there is a
>>112.151.208.212.in-addr.arpa zone, for example, send the PTR query to the
>>w.x.y.z server and get an authoritative answer. As long as they didn't look
>>too closely at the Authority Section, they'd probably just accept the answer
>>and go on their merry way.
>
>Actually, the authority section could be a real problem with this scheme.
>Many servers will cache the authority section, so they'll be fooled into
>thinking that his server is authoritative for the entire class C, and
>they'll forget about the ISP's servers.
>
>Also, if his users use this server as their resolver, they won't be able to
>do reverse lookups of other addresses in the same class C, because it
>thinks it's authoritative for the entire block.
>
>If he really wants to have delegations for each address, he should create a
>separate zone for each:
>
>zone "112.151.208.212.in-addr.arpa" {
>  type master;
>  file "db.212.208.151.112";
>};
>zone "113.151.208.212.in-addr.arpa" {
>  type master;
>  file "db.212.208.151.113";
>};
>and so on.
>
>--
>Barry Margolin, barmar at bbnplanet.com
>GTE Internetworking, Powered by BBN, Burlington, MA
>*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
>Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
>
OK, I understand your point there Barry, but from the ISP perspective, what
should the ISP do to delegate that block of IPs to the customer... ?
Still go with the:

112 IN NS ns.domain.com
113 IN NS ns.domain.com
etc, etc...

Duane Cox
dcox at coxnetwork.com
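
The per-address layout discussed in this thread, as an added example that is not code from any of the posters: it generates the sixteen `named.conf` stanzas in the form Barry shows and the matching NS lines for the 151.208.212.in-addr.arpa parent zone, which each of those zones needs in order to be reachable. The function names are hypothetical, `ns.domain.com` is the placeholder name from the message above, and the trailing dot is added so the NS target is not taken relative to the zone origin.

```python
import ipaddress


def _range(first, last):
    """Return the addresses first..last, which must sit inside one /24."""
    a, b = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if a > b or int(a) >> 8 != int(b) >> 8:
        raise ValueError("range must be ascending and inside one /24")
    return [ipaddress.IPv4Address(i) for i in range(int(a), int(b) + 1)]


def _fqdn(ns):
    """An NS target must be a host name; an IP address there is illegal."""
    try:
        ipaddress.ip_address(ns)
    except ValueError:
        # Not an IP address: treat it as a host name and make it absolute.
        return ns.rstrip(".") + "."
    raise ValueError("NS target must be a host name, not an IP address")


def parent_delegations(first, last, ns):
    """Lines for the ISP's /24 reverse zone: one NS delegation per address."""
    addrs = _range(first, last)
    target = _fqdn(ns)
    # reverse_pointer gives e.g. 112.151.208.212.in-addr.arpa; drop the host label.
    origin = addrs[0].reverse_pointer.split(".", 1)[1] + "."
    lines = [f"$ORIGIN {origin}"]
    lines += [f"{str(a).rsplit('.', 1)[1]} IN NS {target}" for a in addrs]
    return lines


def child_zone_stanzas(first, last):
    """named.conf stanzas for the customer's server: one zone per address."""
    return [
        f'zone "{a.reverse_pointer}" {{\n  type master;\n  file "db.{a}";\n}};'
        for a in _range(first, last)
    ]


if __name__ == "__main__":
    # Range taken from the original question in this thread.
    print("\n".join(parent_delegations("212.208.151.112", "212.208.151.127",
                                       "ns.domain.com")))
    print("\n".join(child_zone_stanzas("212.208.151.112", "212.208.151.127")))
```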






