Reverse zones best practices

nex6 borg at borg1911.com
Tue Jun 26 15:41:09 UTC 2012


* David Dowdle <ddowdle at leopard.net> [2012-06-25 14:20:43 -0700]:

So, create zones based on how networking creates VLANs, e.g. /24s; we don't have any
/8 or /16 VLAN networks yet....



 
> I strongly recommend splitting on /8, /16 and /24 boundaries. With
> the number of zones you are talking about, doing anything else will
> get very confusing very quickly.
> 
> If a netblock is larger than a /24, put at the top and bottom of
> each /24 a comment line explaining what size it is.
> 
> For example my 10.in-addr.arpa. zone has
> "; this is top of the 10/8 delegates to 10.*/16"
> 
> 
> zone file for 230.16.10.in-addr.arpa has comment ; 10.16.230.0/23
> vlan XXXX: Purpose-of-vlan-here 10.16.230.0-10.16.231.255   (512)
> 
> 
> In this way, whoever looks at the zone, no matter how DNS-savvy they
> are, knows the size of the netblock.
> 
> 
> 
> On Mon, 25 Jun 2012, nex6 wrote:
> 
> >
> >
> >Hi all,
> >
> >Looking for some info on best practices for reverse zones. I have a pretty big IP space and a lot of reverse zones are not created.
> >I want to clean it up; a few people that don't really know DNS are thinking of "super netting", e.g. a top-level 10.0.0.0/16 sorta thing.
> >
> >But we have 100s of mission-critical reverse zones defined at the VLAN level of 10.x.x.0/24...  My thinking would be to do a
> >discovery and create all the /24s, even if there are like 100s, instead of the bigger supernet...
> >
> >
> >what would be the best practice and the way to go?
> >
> >
> >
> >-Nex6
> >
> >
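
An added example, not part of the thread and not BIND tooling: a Python sketch of the octet-boundary split recommended above, which turns an inventory of VLAN netblocks into the /8, /16 or /24 `in-addr.arpa` zones to create, each with the size comment in the quoted style. The function names and the sample inventory are assumptions made for illustration, and it covers IPv4 only.

```python
import ipaddress

def reverse_zones(cidr):
    """in-addr.arpa zones, split on /8, /16 or /24, that cover an IPv4 netblock."""
    net = ipaddress.IPv4Network(cidr)  # raises ValueError if host bits are set
    # Round the prefix up to the next octet boundary, capped at /24.
    boundary = min(24, max(8, -(-net.prefixlen // 8) * 8))
    if net.prefixlen > 24:
        # Smaller than a /24: the records live in the containing /24 zone.
        blocks = [net.supernet(new_prefix=24)]
    else:
        blocks = net.subnets(new_prefix=boundary)
    zones = []
    for block in blocks:
        octets = str(block.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones

def size_comment(cidr, vlan, purpose):
    """Comment line in the style quoted above: netblock, VLAN, range, size."""
    net = ipaddress.IPv4Network(cidr)
    return f"; {net} vlan {vlan}: {purpose} {net[0]}-{net[-1]} ({net.num_addresses})"

def plan(netblocks):
    """Map each zone to create to the comment for its top and bottom."""
    out = {}
    for cidr, vlan, purpose in netblocks:
        for zone in reverse_zones(cidr):
            out[zone] = size_comment(cidr, vlan, purpose)
    return out

# Constructed sample inventory; VLAN ids and purposes are placeholders.
SAMPLE = [
    ("10.16.230.0/23", "XXXX", "Purpose-of-vlan-here"),
    ("10.20.5.0/24", "YYYY", "Purpose-of-vlan-here"),
    ("10.20.6.64/26", "ZZZZ", "Purpose-of-vlan-here"),
]

if __name__ == "__main__":
    for zone, comment in plan(SAMPLE).items():
        print(f"{zone}\n  {comment}")
```

A netblock entered with host bits set (for example `10.16.231.0/23`) raises `ValueError`, which catches inventory typos before a zone is created for the wrong range.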


