Reverse look-up - in-addr.arpa delegation - rfc 2317
Kevin Darcy
kcd at daimlerchrysler.com
Tue Aug 15 00:57:20 UTC 2000
I'm not sure what you are trying to do here. Both of those zones have been
properly delegated to your servers. So do you just need to create reverse
entries? In that case, simply add PTR records. The names that the PTRs point
to are of no particular consequence; there's no requirement for your server to
be authoritative for the zones containing them.
Or, alternatively, are you trying to accomplish a RFC-2317-style "classless
delegation" to someone else's servers? For that, you and the other
organization need to agree on where the PTR's will live. Then just add CNAMEs
pointing to those PTR's.
What you have right now is a mess:
1. What's the purpose of the A records in the reverse zones? No-one's going to
be looking for A records there.
2. The CNAMEs just point back to themselves. This accomplishes nothing useful.
If you want to follow RFC 2317, point the CNAMEs to where the PTR records
live. As I said above, this is something that needs to be worked out between
you and the organization which is going to maintain the PTRs.
3. The 6.6.103.142.in-addr.arpa and 1.35.162.198.in-addr.arpa NS records are
irrelevant to the zones where they appear, and named will (loudly) omit these
records when it parses the zonefiles.
4. The NS records for a zone should match, or be a superset of the NS records
delegating the zone. The delegation records for both of these zones are
ns1.broadband.net and ns2.broadband.net. Those NS records are missing from the
zones themselves. Either fix the zone NS'es, or the delegation NS'es.
- Kevin
Constantin Moldovan wrote:
> Hello,
>
> I've read the RFC 2317 three times but I still have problems if I want to
> do a reverse delegation for only one IP Address.
>
> I have to set the reverse DNS for
> 209.17.183.233 to gt.antarcti.ca
> and to set the reverse DNS for
> 209.17.159.205 to antarcti.ca
>
> Our Name Servers:
> NS1.BROADBAND.NET 207.107.209.130
> NS2.BROADBAND.NET 209.17.128.34
>
> do not provide management for the domain antarctica.ca
> so I do not have any information in my DNS db files about antarcti.ca
> nor for the 2 IP Addresses 209.17.183.233 and 209.17.159.205.
>
> But the IP Block belongs to us:
>
> ->:/# whois -h rs.arin.net 209.17.159
> GT Group Telecom Services Corp. (NET-GROUPTELECOM-BLK-1) GROUPTELECOM-BLK-1
> 209.17.128.0 -
> 209.17.191.255
> Total Connect Communications Inc. (NETBLK-GT-209-17-159-0) GT-209-17-159-0
> 209.17.159.0 -
> 209.17.159.127
> Antarcti.ca Systems Inc. (NETBLK-GT-209-17-159-192) GT-209-17-159-192
> 209.17.159.192 -
> 209.17.159.207
> Mercator Systems Ltd. (NETBLK-GT-209-17-159-208) GT-209-17-159-208
> 209.17.159.208 -
> 209.17.159.223
>
> ->:/# whois -h rs.arin.net 209.17.183
> GT Group Telecom Services Corp. (NET-GROUPTELECOM-BLK-1) GROUPTELECOM-BLK-1
> 209.17.128.0 -
> 209.17.191.255
> Impact Business Solutions Inc. (NETBLK-GT-209-17-183-0) GT-209-17-183-0
> 209.17.183.0 -
> 209.17.183.127
> BuildDirect.com (NETBLK-GT-209-17-183-128) GT-209-17-183-128
> 209.17.183.128 -
> 209.17.183.191
> Schema Software Inc. (NETBLK-GT-209-17-183-192) GT-209-17-183-192
> 209.17.183.192 -
> 209.17.183.207
> PerCurrence Inc. (NETBLK-GT-209-17-183-208) GT-209-17-183-208
> 209.17.183.208 -
> 209.17.183.223
>
> ->:/# whois -h rs.arin.net NET-GROUPTELECOM-BLK-1
> GT Group Telecom Services Corp. (NET-GROUPTELECOM-BLK-1)
> Netname: GROUPTELECOM-BLK-1
> Netblock: 209.17.128.0 - 209.17.191.255
>
> Domain System inverse mapping provided by:
>
> NS1.BROADBAND.NET 207.107.209.130
> NS2.BROADBAND.NET 209.17.128.34
>
> ->:/# nslookup
> Default Server: aphrodite.gt.ca
> Address: 209.17.128.34
>
> > set type=any
>
> > antarcti.ca
> Server: aphrodite.gt.ca
> Address: 209.17.128.34
>
> Non-authoritative answer:
> antarcti.ca nameserver = ns1.cs.ubc.ca
> antarcti.ca nameserver = fs1.ugrad.cs.ubc.ca
> antarcti.ca internet address = 209.17.159.205
>
> Authoritative answers can be found from:
> antarcti.ca nameserver = ns1.cs.ubc.ca
> antarcti.ca nameserver = fs1.ugrad.cs.ubc.ca
> ns1.cs.ubc.ca internet address = 142.103.6.6
> fs1.ugrad.cs.ubc.ca internet address = 198.162.35.1
>
> My problem with RFC 2371 is that I have only 2 IP Addresses.
>
> What I think I should do;
>
> 1. add to named.boot:
> primary 183.17.209.in-addr.arpa db.209.17.183
> primary 159.17.209.in-addr.arpa db.209.17.159
>
> 2. edit db.209.17.183 file:
>
> $ORIGIN 17.209.in-addr.arpa.
> 183 IN SOA gt.ca. root.gt.ca. (
> 2000081401 5400 900 28800 5400 )
> IN NS ns1.gt.ca.
> IN NS ns2.gt.ca.
> 6.6.103.142.in-addr.arpa. IN NS ns1.cs.ubc.ca.
> 1.35.162.198.in-addr.arpa. IN NS fs1.ugrad.cs.ubc.ca.
> gt.antarctica.ca. IN A 209.17.183.233
> $ORIGIN 183.17.209.in-addr.arpa.
> 233 IN CNAME 233.183.17.209.in-addr.arpa.
>
> and edit db.209.17.159 file:
>
> $ORIGIN 17.209.in-addr.arpa.
> 159 IN SOA gt.ca. root.gt.ca. (
> 2000081401 5400 900 28800 5400 )
> IN NS ns1.gt.ca.
> IN NS ns2.gt.ca.
> 6.6.103.142.in-addr.arpa. IN NS ns1.cs.ubc.ca.
> 1.35.162.198.in-addr.arpa. IN NS fs1.ugrad.cs.ubc.ca.
> antarctica.ca IN A 209.17.159.205
> $ORIGIN 159.17.209.in-addr.arpa.
> 205 IN CNAME 205.159.17.209.in-addr.arpa.
>
> Is this correct ?
> I think I'm still missing something.
>
> Any help will be appreciated.
>
> Thanks,
> Constantin
More information about the bind-users
mailing list