direct master reverse CIDR zone without $GENERATE?
Mark Andrews
Mark_Andrews at isc.org
Fri Jul 18 00:26:21 UTC 2008
> Hi Everyone,
>
> I was wondering if it was possible to have a master zone for a partial
> (sub-24 CIDR) reverse zone, without using $GENERATE. The problem is
> that a master zone 3.2.1.in-addr.arpa for a /24 network like could be
> populated with ~256 PTRs, but if one has a /29 (say), and fills it
> with their ~8 PTRs, named will return NXDOMAIN for the other
> addresses. I know that CIDR doesn't use the normal 3.2.1.in-addr.arpa
> but rather something like 128/29.2.1.in-addr.arpa, but that's not a
> master zone.
>
> It's possible to use a 3.2.1.in-addr.arpa zonefile with some $GENERATE
> lines [re]delegating everything besides the /29 back to the ISP, but
> then one has to hardcode their NS data, which is unfortunate. The
> only other alternative I can see is to create a separate zonefile for
> each IP.
>
> Is there a better way, or is it just accepted to let named do the
> lookups (at least the most significant octets' NS might well be
> cached), even for local IPs?
>
> Thanks,
> Justin

If you have 1.2.3.128/29 then you should be a slave for
3.2.1.in-addr.arpa and a master for 128/29.3.2.1.in-addr.arpa
assuming you are following RFC 2317.

3.2.1.in-addr.arpa will be administered by your ISP and have
the CNAMEs pointing in to 128/29.3.2.1.in-addr.arpa to allow
reverse lookups to work.

If you don't want to, or can't, follow RFC 2317 then create
an IN-ADDR.ARPA zone for each individual address.

	zone "128.3.2.1.in-addr.arpa" {
		type master;
		file "128.3.2.1.in-addr.arpa";
	};

	zone "129.3.2.1.in-addr.arpa" {
		type master;
		file "129.3.2.1.in-addr.arpa";
	};
	....

129.3.2.1.in-addr.arpa:

	$TTL 3600
	@	SOA	<nameserver1> ...
	@	NS	<nameserver1>
	@	NS	<nameserver2>
	@	PTR	<hostname>

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
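
Added example, not part of the original message or of BIND: a small generator for both options described in the reply, producing the RFC 2317 NS/CNAME records an ISP would place in the /24 zone and the one-zone-per-address named.conf stanzas. The function names and the nameserver ns1.customer.example. are assumptions made for illustration, and records are emitted for every address in the block, first and last included.

```python
import ipaddress


def parent_zone(net):
    """Name of the enclosing /24 reverse zone, e.g. 3.2.1.in-addr.arpa."""
    octets = str(net.network_address).split(".")
    return ".".join(reversed(octets[:3])) + ".in-addr.arpa"


def rfc2317_parent_records(cidr, nameservers):
    """Return (child zone name, records for the ISP's /24 zone)."""
    net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
    if net.version != 4 or not 24 < net.prefixlen <= 32:
        raise ValueError("expected an IPv4 block longer than /24")
    parent = parent_zone(net)
    # RFC 2317 child label: <first address octet>/<prefix length>
    child = f"{int(net.network_address) & 0xFF}/{net.prefixlen}"
    records = [f"{child} NS {ns}" for ns in nameservers]
    for addr in net:  # iterating a network yields every address in it
        last = int(addr) & 0xFF
        records.append(f"{last} CNAME {last}.{child}.{parent}.")
    return f"{child}.{parent}", records


def per_address_zones(cidr):
    """named.conf stanzas for the alternative: one master zone per address."""
    stanzas = []
    for addr in ipaddress.ip_network(cidr):
        name = addr.reverse_pointer  # e.g. 129.3.2.1.in-addr.arpa
        stanzas.append(
            f'zone "{name}" {{\n\ttype master;\n\tfile "{name}";\n}};'
        )
    return stanzas


if __name__ == "__main__":
    # Constructed input: the block from the thread and a made-up nameserver.
    zone, records = rfc2317_parent_records(
        "1.2.3.128/29", ["ns1.customer.example."]
    )
    print(f"; child zone to be master for: {zone}")
    print("\n".join(records))
    print("\n".join(per_address_zones("1.2.3.128/29")))
```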