reverse zone for < class C???
Mark.Andrews at nominum.com
Sat Jun 30 13:59:35 UTC 2001
>
> Ha! I just feel like I needed to comment here. The e-mail address is
> real... Just try it:) I have my own mail server (and domain of course) and
> I create e-mail addresses just for usenet for the sake of filtering. Why
> does it seem like people always assume without testing?
Because we have sent too many pieces of mail in the past to
addresses like this trying to help someone only to have it
bounce back. This is why people look at the address, so that
they don't have to deal with the bounce back. When you are
the postmaster at a large site you have to actually read the
bounce backs because they could be indicating a problem with
your own software. The last thing you want to do is generate
more work for yourself.
If you want a filter mailbox use something like
"filtered at 2thebatcave.com". People might actually send to
that address without assuming that they will get a bounce back.
>
> Also, I asked the guy that is supposed to know everything at the ISP and he
> didn't know. The problem being, of course, that whenever I start asking
> myself questions I never seem to get anywhere...
You got somewhere. You have the RFC which covers this. You
also have the archive of the mailing list where this has been
discussed many times over the last few years.
I recommend <start>-<end>.3.2.1.in-addr.arpa for the
subzone name, rather than <start>-<masklen>.3.2.1.in-addr.arpa
as the format is more general. It's also less error prone
as you will find if you read the other messages in the list
this week.
I also recommend that the servers for
<start>-<end>.3.2.1.in-addr.arpa are also servers for
3.2.1.in-addr.arpa (official or stealth) so that the site
can resolve names internally when the connection to the
outside world is down.
Mark
>
>
>
> "Michael Kjorling" <michael at kjorling.com> wrote in message
> news:9hilv9$o0u at pub3.rc.vix.com...
>
> Read RFC 2317 and talk to your ISP. It explains how to do this
> properly. For example, here's my setup:
>
> In named.conf:
> zone "192-28.238.88.213.in-addr.arpa" in {
> type master;
> file "zones/masters/named.192-28.238.88.213.in-addr.arpa";
> allow-transfer { slaves; };
> allow-query { any; };
> };
>
> In zones/masters/named.192-28.238.88.213.in-addr.arpa:
> $ORIGIN 192-28.238.88.213.in-addr.arpa.
> $TTL 1D
> @ IN SOA ulv.mcpoolen.se. hostmaster.mcpoolen.se. (
> 2001062501 ; Serial
> 1H ; Refresh
> 30M ; Retry
> 2W ; Expire
> 1D ) ; Default-TTL
> @ IN NS ulv.mcpoolen.se.
> @ IN NS varg.mcpoolen.se.
> 194 IN PTR farkas.mcpoolen.se.
> 197 IN PTR ulv.mcpoolen.se.
> 200 IN PTR susi.mcpoolen.se.
> 201 IN PTR waya.mcpoolen.se.
> 204 IN PTR varg.mcpoolen.se.
> 206 IN PTR lupus.mcpoolen.se.
>
> My ISP has delegated it like this:
> 192-28.238.88.213.in-addr.arpa. 86400 IN NS ulv.mcpoolen.se.
> 192-28.238.88.213.in-addr.arpa. 86400 IN NS varg.mcpoolen.se.
> 192.238.88.213.in-addr.arpa. 86400 IN CNAME 192.192-28.238.88.213.in-addr.arpa.
> 193.238.88.213.in-addr.arpa. 86400 IN CNAME 193.192-28.238.88.213.in-addr.arpa.
> 194.238.88.213.in-addr.arpa. 86400 IN CNAME 194.192-28.238.88.213.in-addr.arpa.
> ; ...
>
> Also, drop the nospam crap. The comp.protocols.dns.bind newsgroup is
> gatewayed (two-way) into a mailing list, and stuff like that will
> never buy you anything except annoyed people. I have been very active
> on this list for the last three months, and never got even one spam
> mail because of it.
>
>
> Michael Kjörling
>
>
> On Jun 29 2001 12:27 -0500, Q wrote:
>
> > I am trying to setup a reverse zone for half of a class C allocated to us.
> > However, I can't seem to get it working. If I setup the named.conf like:
> >
> > zone "128.180.188.208.IN-ADDR.ARPA"{
> > type master;
> > file "128.180.188.208.in-addr.arpa";
> > };
> >
> > and the file like:
> >
> >
> > @ IN SOA ns1.domain.net. administrator.domain.net. (
> > 2001062902 ; serial
> > 3600 ; refresh
> > 900 ; retry
> > 1209600 ; expire
> > 3600 ; default_ttl
> > )
> > 129 IN PTR gw2.domain.net.
> > 130 IN PTR gw.domain.net.
> > 131 IN PTR max1.domain.net.
> > 163 IN PTR news.domain.net.
> > 128 IN NS ns1.domain.net.
> > 128 IN NS ns2.domain.net.
> >
> >
> > it will not work at all even on servers that use it for the DNS server.
> > However, if I change it to this:
> >
> >
> > zone "180.188.208.IN-ADDR.ARPA"{
> > type master;
> > file "128.180.188.208.in-addr.arpa";
> > };
> >
> >
> >
> >
> > @ IN SOA ns1.domain.net. administrator.domain.net. (
> > 2001062902 ; serial
> > 3600 ; refresh
> > 900 ; retry
> > 1209600 ; expire
> > 3600 ; default_ttl
> > )
> > 129 IN PTR gw2.domain.net.
> > 130 IN PTR gw.domain.net.
> > 131 IN PTR max1.domain.net.
> > 163 IN PTR news.domain.net.
> > @ IN NS ns1.domain.net.
> > @ IN NS ns2.domain.net.
> >
> > Then it works on servers that have it as the DNS server, but of course I am
> > telling it that it has the whole class C when it does not. And if I leave
> > it this way, then it does not work remotely when another name server tries
> > to do a reverse lookup. I assume that this is because I technically don't
> > have the right zone setup. Does anyone have any ideas or an example of how
> > to setup a reverse zone for half a class C?
> >
> >
>
> - --
> Michael Kjörling - michael at kjorling.com - PGP: 8A70E33E
> "We must be the change we wish to see" (Mahatma Gandhi)
>
> ^..^ Support the wolves in Norway -- go to ^..^
> \/ http://home.no.net/ulvelist/protest_int.htm \/
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
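
An added example, not part of the original message or of BIND: a Python generator for the parent-zone records that an RFC 2317 delegation needs when the subzone is named <start>-<end> as recommended above. The function names and the assumption that the questioner's block is exactly 208.188.180.128/25 are mine; the name servers are the ones in the quoted question.

```python
import ipaddress

def rfc2317_delegation(cidr, nameservers, ttl=86400):
    """Return (subzone, parent_records) for an IPv4 block longer than /24.

    The subzone is named <start>-<end>; the parent zone gets the NS
    records for it plus one CNAME per address pointing into it.
    """
    # strict=True rejects a start address that is not on the block
    # boundary (e.g. .129/25), which would otherwise mis-name the zone.
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or not 24 < net.prefixlen <= 32:
        raise ValueError("expected an IPv4 block longer than /24")
    a, b, c, start = net.network_address.packed
    end = net.broadcast_address.packed[3]
    parent = f"{c}.{b}.{a}.in-addr.arpa."
    subzone = f"{start}-{end}.{parent}"
    records = [f"{subzone} {ttl} IN NS {ns}" for ns in nameservers]
    for last in range(start, end + 1):
        records.append(f"{last}.{parent} {ttl} IN CNAME {last}.{subzone}")
    return subzone, records

def ptr_owner(ip, cidr):
    """Name inside the subzone that must hold the PTR record for ip."""
    addr = ipaddress.ip_address(ip)
    if addr not in ipaddress.ip_network(cidr, strict=True):
        raise ValueError(f"{ip} is outside {cidr}")
    subzone, _ = rfc2317_delegation(cidr, [])
    return f"{addr.packed[3]}.{subzone}"

if __name__ == "__main__":
    # Assumed block: the upper half of 208.188.180.0/24 from the question.
    zone, recs = rfc2317_delegation(
        "208.188.180.128/25", ["ns1.domain.net.", "ns2.domain.net."])
    print("; child zone to configure as master:", zone)
    print("\n".join(recs[:5]))
    print("; ...", len(recs) - 5, "more records")
```
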