RFC1101, network info in DNS. Useful?

Jim Reid jim at rfc1035.com
Fri Jan 21 19:48:55 UTC 2000


>>>>> "Marc" == Marc Lampo <Marc_Lampo at hotmail.com> writes:

    Marc> could somebody comment on the usefulness of RFC1101, network
    Marc> info in DNS.  It looks promising to me, but I guess it fails
    Marc> when variable length subnets are used.

Nope.

    Marc> If I understand it correctly, an A-RR is put in the reverse
    Marc> map on the "network level".  Like :
    Marc> 0.0.168.192.in-addr.arpa.  A 255.255.255.192

Yes.

    Marc> This learns that there are 4 subnets : 192.168.0.0/26,
    Marc> ...0.64/26, ...0.128/26 and ...0.192/26

No. The name server doesn't learn anything. Name servers don't know or
care about subnetting. All your A record above means that there's an A
record for 0.0.168.192.in-addr.arpa which is probably a subnet
mask. That's all. And anything that looks this up only knows that net
192.168.0.0 could have a 26-bit netmask. Unless you use A records to
define the netmasks for the rest of net 192.168.0/32, no assumptions
can be made about them at all. Maybe these IP addresses and subnets are
not even in use?

    Marc> I see no immediate problem when the last three are further
    Marc> subnetted (there is no A-record yet), but suppose the first
    Marc> subnet is further divided into :...0.0/27 and 0.32/27.  This
    Marc> would imply a second A-RR, wouldn't it ?
    Marc> 0.0.168.192.in-addr.arpa.  A 255.255.255.224

Yes. In fact you need to explicitly define the netmasks for each subnet.

    Marc> I'm just guessing that, however potentially interesting it
    Marc> may be, this RFC is little or not followed at all ?

Well the resolver code in BIND can use it. If there's an A record for
the net's subnet mask in the reverse zone file, you get a /N appended
to the netname in the output from netstat -r. This /N is the number of
bits in the netmask.

Here's an actual example from my own DNS data. I've only been assigned
32 addresses (62.6.242.0/27), but tell lies to my local name servers
by pretending to be master for the whole 242.6.62.in-addr.arpa
zone. The real reverse zone belongs to my ISP and only has CNAMEs, so
I couldn't put PTR and A records there for my internal nets.

Here are the relevant bits of the (internal) zone file:

	;	RFC1101 name and netmask entry for local net0
	0.242.6.62.in-addr.arpa.	IN	PTR	net0.rfc1035.com.
	0.242.6.62.in-addr.arpa.	IN	A	255.255.255.248
	;	RFC1101 name and netmask entry for local net1
	8.242.6.62.in-addr.arpa.	IN	PTR	net1.rfc1035.com.
	8.242.6.62.in-addr.arpa.	IN	A	255.255.255.248
	;	RFC1101 name and netmask entry for local net2
	16.242.6.62.in-addr.arpa.	IN	PTR	net2.rfc1035.com.
	16.242.6.62.in-addr.arpa.	IN	A	255.255.255.248
	;	RFC1101 name and netmask entry for local net3
	24.242.6.62.in-addr.arpa.	IN	PTR	net3.rfc1035.com.
	24.242.6.62.in-addr.arpa.	IN	A	255.255.255.248

And here's what netstat has to say for itself on a host that's
connected to two subnets:

	% netstat -r
	Routing tables

	Internet:
	Destination               Gateway                  Flags    MTU If
	default                   router                   UGS     1500 ne0
	net0.rfc1035.com/29       link#2                   UC      1500 ne0
	router                    0:d0:58:e0:3c:bd         UHLc    1500 ne0
	gromit                    0:20:18:3a:fb:13         UHLc    1500 lo0
	net1.rfc1035.com/29       link#1                   UC      1500 exp0
	gromit                    0:a0:c9:e5:ea:8b         UHLc    1500 lo0
	wallace                   0:10:5a:ac:73:b6         UHLc    1500 exp0
	loopback-net              localhost                UGRS    4352 lo0
	localhost                 localhost                UH      4352 lo0
	base-address.mcast.net/8  link#1                   UC      1500 exp0
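
An added example, not part of the original post and not BIND's resolver code: Python that reads RFC1101-style PTR and A records from a reverse zone and derives the name/N labels seen in the netstat output above. The function names are hypothetical, the zone text is a constructed copy of the records quoted in the post, and it assumes one record per line with an explicit IN class.

```python
import ipaddress

# Constructed sample: the four record pairs from the zone file in the post.
ZONE = """\
0.242.6.62.in-addr.arpa.   IN PTR net0.rfc1035.com.
0.242.6.62.in-addr.arpa.   IN A   255.255.255.248
8.242.6.62.in-addr.arpa.   IN PTR net1.rfc1035.com.
8.242.6.62.in-addr.arpa.   IN A   255.255.255.248
16.242.6.62.in-addr.arpa.  IN PTR net2.rfc1035.com.
16.242.6.62.in-addr.arpa.  IN A   255.255.255.248
24.242.6.62.in-addr.arpa.  IN PTR net3.rfc1035.com.
24.242.6.62.in-addr.arpa.  IN A   255.255.255.248
"""

def owner_to_address(owner):
    """Reverse the labels of a 4-octet in-addr.arpa owner name."""
    labels = owner.rstrip(".").lower().split(".")
    if labels[-2:] != ["in-addr", "arpa"] or len(labels) != 6:
        raise ValueError(f"not a 4-octet in-addr.arpa name: {owner}")
    return ipaddress.IPv4Address(".".join(reversed(labels[:4])))

def mask_to_prefix(mask):
    """Return the number of mask bits, rejecting non-contiguous masks."""
    bits = int(ipaddress.IPv4Address(mask))
    inverted = bits ^ 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous netmask: {mask}")
    return bin(bits).count("1")

def parse_zone(text):
    """Map each net that publishes a mask to its 'name/N' label."""
    names, masks = {}, []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments
        if len(fields) != 4 or fields[1] != "IN":
            continue
        owner, _, rtype, rdata = fields
        if rtype == "PTR":
            names[owner_to_address(owner)] = rdata.rstrip(".")
        elif rtype == "A":
            masks.append((owner_to_address(owner), rdata))
    out = {}   # nets with no A record are absent: nothing is assumed for them
    for addr, mask in masks:
        # Strict parsing raises ValueError if the mask leaves host bits set.
        net = ipaddress.IPv4Network(f"{addr}/{mask_to_prefix(mask)}")
        out[net] = f"{names.get(addr, addr)}/{net.prefixlen}"
    return out
```

Two A records at the same owner name, as in the 255.255.255.192 and 255.255.255.224 case asked about above, produce two entries (/26 and /27) for the same base address.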


