Reverse lookup of selected IP addresses without delegation agreement?
Len Conrad
LConrad at Go2France.com
Thu Jul 15 14:05:29 UTC 2004
>is there a recommended way to set up BIND to allow reverse lookups for
>selected, single IP addresses?
A DNS can be authoritative for any zone, whether delegated by the parent
zone or not.
So set up the specific IPs in your DNS as zones with one PTR
record. Spoofing complete.
>Searching the list archives returned info about "classless reverse
>delegation"; is this what I need to look into?
... will make your DNS authoritative for the less-than-ClassC subnet, so
you can set up one zone for the subnet, instead of one zone per IP as I
suggested above.
> As far as I understand
>it, delegation requires mutual consent.
No, child zone/parent zone DNSs are not coupled at all. The parent zone
DNS does the delegation, independent of whether the child zone DNS is
working. A child zone DNS can make itself auth for a zone, without requiring
delegation.
BUT! For correct operation of the "chain of delegation", parent and child
zone DNS should all be set up.
With RFC 2317, the child zone's PTR records must match the CNAME rdata
fields in the parent zone.
Len
_____________________________________________________________________
http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites
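
The RFC 2317 requirement mentioned in the reply above (the child zone's PTR owner names must match the CNAME rdata in the parent zone) can be checked mechanically. This is an added example, not part of the original post; the zone data is constructed from the 192.0.2.0/24 documentation range, and the `0/25` label, host names and the simplified three-column record format are assumptions.

```python
"""Check RFC 2317 consistency: every parent-zone CNAME target must be
the owner name of a PTR record in the child zone."""

# Constructed sample data (192.0.2.0/24 documentation range, assumed names).
PARENT_ORIGIN = "2.0.192.in-addr.arpa."
PARENT_ZONE = """
0/25  NS     ns.child.example.
1     CNAME  1.0/25
2     CNAME  2.0/25
3     CNAME  3.0/25.2.0.192.in-addr.arpa.
"""
CHILD_ORIGIN = "0/25.2.0.192.in-addr.arpa."
CHILD_ZONE = """
1  PTR  host1.child.example.
2  PTR  host2.child.example.
4  PTR  host4.child.example.
"""

def fqdn(name, origin):
    """Qualify a relative name against the zone origin, lower-cased."""
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin.lower()}"

def records(zone_text, origin, rtype):
    """Return {owner: rdata} for one record type from simplified
    'owner TYPE rdata' lines (no TTL/class columns, ';' comments)."""
    out = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) == 3 and fields[1].upper() == rtype:
            out[fqdn(fields[0], origin)] = fqdn(fields[2], origin)
    return out

def check_rfc2317(parent_text, parent_origin, child_text, child_origin):
    """Return (dangling, unreachable): parent CNAMEs whose target has no
    PTR in the child zone, and child PTR owners no parent CNAME points to."""
    cnames = records(parent_text, parent_origin, "CNAME")
    ptrs = records(child_text, child_origin, "PTR")
    dangling = sorted(o for o, t in cnames.items() if t not in ptrs)
    unreachable = sorted(set(ptrs) - set(cnames.values()))
    return dangling, unreachable

if __name__ == "__main__":
    dangling, unreachable = check_rfc2317(
        PARENT_ZONE, PARENT_ORIGIN, CHILD_ZONE, CHILD_ORIGIN)
    for name in dangling:
        print("CNAME target missing in child zone:", name)
    for name in unreachable:
        print("child PTR not referenced by parent:", name)
```

A dangling CNAME means reverse lookups for that address fail through the delegation chain, while an unreachable PTR is answered only by resolvers that query the child server directly.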