Reverse zones best practices
Phil Mayers
p.mayers at imperial.ac.uk
Tue Jun 26 15:54:55 UTC 2012
On 26/06/12 16:42, nex6 wrote:
> * Brad Bendily<Brad.Bendily at LA.GOV> [2012-06-25 16:35:28 -0500]:
>
>
> wouldn't it be more confusing, in a big IP space with servers,
> desktops etc all mashed together into one zone?

If you have enough hosts for this to be confusing, you have enough hosts
to store the data in some master data-source and automatically generate
the zone files (or dynamic updates).

Don't edit zone files manually unless they're trivially small.

Don't read zone files unless you're debugging.

Basically: don't do this.

FWIW we use one large 10.in-addr.arpa file. Likewise for our "real" /16
subnets. We don't use a different reverse zone per actual subnet - it's
pointless, and limits you to byte-aligned subnets or horrible delegation
tricks.
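
The approach described in the message above, generating a single 10.in-addr.arpa zone from a master data source, sketched as an added example that is not part of the original post. The inventory, host names, name server, SOA timers and the one-PTR-per-address rule are all assumptions made for illustration.

```python
import ipaddress

ZONE = "10.in-addr.arpa."                 # the one large reverse zone from the post
NET = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample inventory (assumption: stands in for the master data source).
INVENTORY = [
    ("web1.example.org.", "10.1.2.3"),
    ("desk42.example.org.", "10.20.130.7"),  # would sit in a /23: not byte-aligned
    ("db1.example.org.", "10.1.2.4"),
]

def ptr_owner(ip):
    """Return the PTR owner name relative to ZONE, e.g. 10.1.2.3 -> '3.2.1'."""
    addr = ipaddress.ip_address(ip)
    if addr not in NET:
        raise ValueError(f"{ip} is outside {NET}")
    full = addr.reverse_pointer + "."      # '3.2.1.10.in-addr.arpa.'
    return full[: -len("." + ZONE)]

def build_zone(inventory, serial, primary="ns1.example.org.",
               contact="hostmaster.example.org."):
    """Render the whole zone as text; reject bad rows instead of publishing them."""
    by_addr = {}
    for fqdn, ip in inventory:
        if not fqdn.endswith("."):
            raise ValueError(f"{fqdn} must be fully qualified (trailing dot)")
        addr = ipaddress.ip_address(ip)
        if addr in by_addr:                # local policy in this example: one PTR per IP
            raise ValueError(f"{ip} is assigned to both {by_addr[addr]} and {fqdn}")
        by_addr[addr] = fqdn
    lines = [
        f"$ORIGIN {ZONE}",
        "$TTL 3600",
        f"@ IN SOA {primary} {contact} ( {serial} 3600 900 604800 3600 )",
        f"@ IN NS {primary}",
    ]
    for addr in sorted(by_addr):           # numeric order keeps regenerated files diff-friendly
        lines.append(f"{ptr_owner(str(addr))} IN PTR {by_addr[addr]}")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(build_zone(INVENTORY, serial=2012062601), end="")
```

Because every address lands in the same zone, the host in the /23 needs no per-subnet zone or delegation; its record is simply `7.130.20 IN PTR desk42.example.org.`.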