How many NS records should be in the 0.0.127.in-addr.arpa zone?

D. Stussy kd6lvw at bde-arc.ampr.org
Tue Sep 21 21:16:26 UTC 1999


On 20 Sep 1999, Andy Cranston wrote:
> Setup is BIND 8.2.1 on a mix of RedHat Linux 5.1 and HP-UX 10.20.  Internal
> DNS with forwarders to resolve Internet domain names and addresses.
> 
> According to the DNS and BIND book the zone file for 0.0.127.in-addr.arpa
> should contain an NS record for each server in your domain (see the 3rd
> edition page 67).  First question - is this a correct assumption?
> 
> The reason I ask is that when named starts it sends a NOTIFY for each
> primary zone to the name servers identified by the NS records (except itself
> of course).  I got to thinking that the 0.0.127.in-addr.arpa zone will have
> notify requests sent to my secondary name servers which will get ignored as
> they aren't secondarying 0.0.127.in-addr.arpa.  Second question - am I still
> on track here?
> 
> So to my mind (and as far as DNS goes it's a pretty small mind :-) I reckon
> that the only NS record in the zone file for 0.0.127.in-addr.arpa zone
> should be for the name server the db.127.0.0 file resides on.  Third
> question - is this correct or will I break something by doing so?

This is what I use:

$ORIGIN 0.127.IN-ADDR.ARPA.
0		IN	SOA	localhost. hostmaster.localhost. (
		1 43200 3600 7862400 86400 )
		IN	NS	localhost.
$ORIGIN 0.0.127.IN-ADDR.ARPA.
1		IN	PTR	localhost.

This is generic enough that if another host from outside your domain got ahold
of it, it would still work.  Also, since every server will have a loopback
interface (which "localhost." should map back to "127.0.0.1"), it does
implicitly define itself as the name server for the domain.

I would avoid using any "real" hostnames for this domain because of the
possibility of someone asking your DNS for the lookup.  Also, this is one of
the few "domains" that does not have a true owner.

[I believe that the root servers should define this, but apparently "localhost"
isn't defined at the root level either....]

As far as BIND's named.conf (or named.boot for the version 4 users) goes, I
define the domain (and the dummy file I have for "localhost.") as SLAVE or
secondary, and tell it that the master is my other DNS server (since I have 2).
These domains shouldn't really ever "primary" since they aren't really "real."
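
[Added example, not part of the original post: a small check for the advice above about keeping "real" hostnames out of the loopback reverse zone. It reads a master file with a simplified parser (not BIND's own) and lists every SOA/NS/PTR name that is not localhost. The function names and the corp.example zone are constructed for illustration.]

```python
import re
# Zone from the post above, plus a constructed variant that uses real server names.
GENERIC_ZONE = """\
$ORIGIN 0.127.IN-ADDR.ARPA.
0       IN  SOA localhost. hostmaster.localhost. (
        1 43200 3600 7862400 86400 )
        IN  NS  localhost.
$ORIGIN 0.0.127.IN-ADDR.ARPA.
1       IN  PTR localhost.
"""
LEAKY_ZONE = """\
$ORIGIN 0.0.127.in-addr.arpa.
@       IN  SOA ns1.corp.example. hostmaster.corp.example. (
        1 43200 3600 7862400 86400 )  ; constructed sample
        IN  NS  ns1.corp.example.
        IN  NS  ns2.corp.example.
1       IN  PTR localhost.
"""
NAME_FIELDS = {"SOA": 2, "NS": 1, "PTR": 1}  # leading rdata fields that are domain names

def absolute(name, origin):
    """Expand '@' and relative names against the current $ORIGIN."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin.lstrip('.')}"

def names_in_zone(text, origin="."):
    """Yield (owner, rtype, name) for every domain name in SOA/NS/PTR rdata."""
    text = re.sub(r";[^\n]*", "", text)  # drop comments
    # Join parenthesised multi-line records (the SOA here) onto one line.
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    owner = None
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
        if not fields or fields[0].startswith("$"):
            continue
        if not line[0].isspace():  # a line starting with whitespace inherits the owner
            owner = absolute(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)  # skip optional TTL / class
        rtype = fields[0].upper() if fields else ""
        for name in fields[1:1 + NAME_FIELDS.get(rtype, 0)]:
            yield owner, rtype, absolute(name, origin)

def audit_loopback_zone(text):
    """Return (owner, rtype, name) for names that are not localhost. or under it."""
    return [(o, t, n) for o, t, n in names_in_zone(text)
            if n != "localhost." and not n.endswith(".localhost.")]
```

audit_loopback_zone(GENERIC_ZONE) returns an empty list; for LEAKY_ZONE it returns the four corp.example names that anyone querying the zone would be shown.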


