delegation of subnet to remote DNS?
BOG
junk at 1command.com
Wed Aug 4 04:32:45 UTC 2004
Greetings Andrew,
What you will need to do *can* be done. However, this will depend upon a few
prerequisits. First, do they have a domain name that you are managing for them?
If so you can simply setup a zone for that domain pulling a .252 mask of the
IP they were assigned by SBC. If SBC did, in fact assign them this IP on more
than a short time lease. Once you have setup the zone, they *should* (might)
put a CNAME in their IN-ADDR.ARPA for you/ your customer. The main point here
will be setting up the IN-ADDR.ARPA. If you don't set this up properly, setting
up a mail server on this SBC IP will be a pointless endeavor. No self respecting
DNS/ mail server operator will even consider accepting mail from you/ your
customer unless it is valid. This is how we prevent our customers from recieving
SPAM/ UCE. As a matter of fact, I run a public BL (blocklist) for just that
purpose. In any event, if you have the slightest knowledge of running a DNS,
you now know what I'm saying and what you have to do. A *very* short pointer
follows:
;ZONE sumdomain.dom
$ORIGIN sumdomain.dom
@ IN SOA nameserver.yourdomain.dom rp.yourdomain.dom
serialnumber ; serial
refreshttl ; Refresh
retryttl ; Retry
whenexpires ; Expire
minttl ) ; Minimum
IN NS nameserver.yourdomain.dom
IN A SBCaddress
IN MX mailserver
mailserver IN A SBCaddress
etc etc etc
etc etc etc
; END OF ZONE sumdomain.dom
; START IN-ADDR.ARPA.
$ORIGIN SBCaddress.in.reverse.IN-ADDR.ARPA.
$TTL sumtime
@ IN SOA nameserver.yourdomain.dom. rp.yourdomain.dom. (
serialnumber ; Serial
etc ; etc
etc ; etc
etc ;
etc ) ; etc
gateway.SBCaddress.inreverse.IN-ADDR-ARPA. IN PTR GW.sumdomain.dom.
SBC.address.inreverse.IN-ADDR.ARPA. IN PTR mailserver.sumdomain.dom.
network.SBCaddress.inreverse.IN-ADDR-ARPA. IN PTR network.sumdomain.dom.
;END IN-ADDR-ARPA.
There is *alot* more to understand. But you've provided *very few* details
as to what resources you have to work with. If you don't have a very good
knowledge of bind (DNS), you have a *great deal* ahead of you, in order to
accomplish this. You have been warned.
"andrew kagan" <aklist_061666 at enigmedia.com> wrote in message news:<ceevin$9l3$1 at sf1.isc.org>...
> Hi All:
>
> I have a client for whom I'm providing DNS and webhosting services. They
> recently got static-IP ADSL service for their office through SBC. They've
> started running their own mail out of the office, but they're having
> connection problems with AOL, etc.
>
> SBC's reverse zone has a PTR of "adsl-XX-XX-XX-XXX.dsl.lsan03.pacbell.net"
> (where the XX's are the IP address).
>
> The client says AOL told them that the NAME of the IP address was reason
> enough for them to block it...not even that the IP address itself was in a
> blacklist.
>
> SBC is refusing to change the PTR to a friendlier name. They suggested,
> since we're providing the DNS for the domain, that they delegate authority
> for the IP address reverse zone to us.
>
> Since I am nowhere near SBC's pool of IPs, I'm just wondering a) if it's
> even possible or may cause more problems and b) if this is a common thing to
> do?
>
> TIA, Andrew
More information about the bind-users
mailing list