RFC1101, network info in DNS. Useful?
Jim Reid
jim at rfc1035.com
Fri Jan 21 19:48:55 UTC 2000
>>>>> "Marc" == Marc Lampo <Marc_Lampo at hotmail.com> writes:
Marc> could somebody comment on the usefulness of RFC1101, network
Marc> info in DNS. It looks promising to me, but I guess it fails
Marc> when variable length subnets are used.
Nope.
Marc> If I understand it correctly, an A-RR is put in the reverse
Marc> map on the "network level". Like :
Marc> 0.0.168.192.in-addr.arpa. A 255.255.255.192
Yes.
Marc> This learns that there are 4 subnets : 192.168.0.0/26,
Marc> ...0.64/26, ...0.128/26 and ...0.192/26
No. The name server doesn't learn anything. Name servers don't know or
care about subnetting. All your A record above means that there's an A
record for 0.0.168.192.in-addr.arpa which is probably a subnet
mask. That's all. And anything that looks this up only knows that net
192.168.0.0 could have a 26-bit netmask. Unless you use A records to
define the netmasks for the rest of net 192.168.0/32, no assumptions
can be made about them at all. Maybe these IP addresses and subnets are
not even in use?
Marc> I see no immediate problem when the last three are further
Marc> subnetted (there is no A-record yet), but suppose the first
Marc> subnet is further divided into :...0.0/27 and 0.32/27. This
Marc> would imply a second A-RR, wouldn't it ?
Marc> 0.0.168.192.in-addr.arpa. A 255.255.255.224
Yes. In fact you need to explicitly define the netmasks for each subnet.
Marc> I'm just guessing that, however potentially interesting it
Marc> may be, this RFC is little or not followed at all ?
Well the resolver code in BIND can use it. If there's an A record for
the net's subnet mask in the reverse zone file, you get a /N appended
to the netname in the output from netstat -r. This /N is the number of
bits in the netmask.
Here's an actual example from my own DNS data. I've only been assigned
32 addresses (62.6.242.0/27), but tell lies to my local name servers
by pretending to be master for the whole 242.6.62.in-addr.arpa
zone. The real reverse zone belongs to my ISP and only has CNAMEs, so
I couldn't put PTR and A records there for my internal nets.
Here are the relevant bits of the (internal) zone file:
; RFC1101 name and netmask entry for local net0
0.242.6.62.in-addr.arpa. IN PTR net0.rfc1035.com.
0.242.6.62.in-addr.arpa. IN A 255.255.255.248
; RFC1101 name and netmask entry for local net1
8.242.6.62.in-addr.arpa. IN PTR net1.rfc1035.com.
8.242.6.62.in-addr.arpa. IN A 255.255.255.248
; RFC1101 name and netmask entry for local net2
16.242.6.62.in-addr.arpa. IN PTR net2.rfc1035.com.
16.242.6.62.in-addr.arpa. IN A 255.255.255.248
; RFC1101 name and netmask entry for local net3
24.242.6.62.in-addr.arpa. IN PTR net3.rfc1035.com.
24.242.6.62.in-addr.arpa. IN A 255.255.255.248
And here's what netstat has to say for itself on a host that's
connected to two subnets:
% netstat -r
Routing tables
Internet:
Destination               Gateway            Flags   MTU  If
default                   router             UGS    1500  ne0
net0.rfc1035.com/29       link#2             UC     1500  ne0
router                    0:d0:58:e0:3c:bd   UHLc   1500  ne0
gromit                    0:20:18:3a:fb:13   UHLc   1500  lo0
net1.rfc1035.com/29       link#1             UC     1500  exp0
gromit                    0:a0:c9:e5:ea:8b   UHLc   1500  lo0
wallace                   0:10:5a:ac:73:b6   UHLc   1500  exp0
loopback-net              localhost          UGRS   4352  lo0
localhost                 localhost          UH     4352  lo0
base-address.mcast.net/8  link#1             UC     1500  exp0
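
As an added example (not part of the original message, and not BIND's resolver code), the Python below shows how a consumer of these records could turn the PTR and A pair at each network owner name into the name/N form seen in the netstat output, rejecting masks that are non-contiguous or do not align with the network number. The sample zone text is constructed from the records quoted above, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: records in the style of the zone file quoted above.
ZONE = """\
; RFC1101 name and netmask entries
0.242.6.62.in-addr.arpa.  IN PTR net0.rfc1035.com.
0.242.6.62.in-addr.arpa.  IN A   255.255.255.248
8.242.6.62.in-addr.arpa.  IN PTR net1.rfc1035.com.
8.242.6.62.in-addr.arpa.  IN A   255.255.255.248
"""

def owner_to_address(owner):
    """Turn d.c.b.a.in-addr.arpa. into the IPv4 address a.b.c.d."""
    labels = owner.rstrip(".").lower().split(".")
    if labels[-2:] != ["in-addr", "arpa"] or len(labels) != 6:
        raise ValueError(f"not a full in-addr.arpa owner name: {owner}")
    return ipaddress.IPv4Address(".".join(reversed(labels[:4])))

def rfc1101_networks(zone_text):
    """Map each network that has both a PTR and an A record to 'netname/N'."""
    names, masks = {}, {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, then tokenize
        if len(fields) != 4 or fields[1].upper() != "IN":
            continue
        owner, _, rtype, rdata = fields
        if rtype.upper() == "PTR":
            names[owner] = rdata.rstrip(".")
        elif rtype.upper() == "A":
            masks[owner] = rdata                  # the A RDATA is the netmask
    result = {}
    for owner, mask in masks.items():
        if owner not in names:
            continue
        addr = owner_to_address(owner)
        # strict=True raises ValueError when the network number has host bits
        # set under this mask; a non-contiguous mask also raises ValueError.
        net = ipaddress.IPv4Network(f"{addr}/{mask}", strict=True)
        result[str(net)] = f"{names[owner]}/{net.prefixlen}"
    return result

if __name__ == "__main__":
    for cidr, label in rfc1101_networks(ZONE).items():
        print(cidr, "->", label)
```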