Reverse DNS primer [Was: Re: Novice Question about reverse DNS]

Joseph S D Yao jsdy at cospo.osis.gov
Mon Jul 17 17:20:34 UTC 2000


On Sat, Jul 15, 2000 at 03:04:37PM +0000, J!M wrote:
...
> > NOW, if your network does not break at an octet boundary, you must look
> > at RFC 2317, which has a trick to create a subnetwork that includes your
> > network name and bitsize, and then have your hosts' IP addresses be
> > names off that network.  You can use the trick detailed in RFC 2317 or
> > one like it.  Believe me, it works.  But you need the co-operation of
> > the owner of your parent network.
> > 
> This seems to be the key to my problem, I have 12 IPs assigned to 
> my network (64.32.42.141-253) my nameserver is at 64.32.42.252 - 
> ns1.dynamisys-llc.com. I have carefully read RFC 2317, and 
> understand that my ISP needs CNAME records in their
> db.in-addr.arpa. file, but I'm not exactly sure how they should read:
> 
> 141   CNAME   141.141/??.42.32.64.in-addr.arpa.
> 142   CNAME   142.141/??.42.32.64.in-addr.arpa.
> ...
> I'm guessing that the number represented by the ?? has something 
> to do with the bitsize of the network, and/or how it has been 
> divided. This was not clear to me from RFC 2317.
...

The ?? would in fact be the bitsize for the network - e.g., 28 for a
28-bit network, which would have netmask 255.255.255.240, and 16
addresses, of which 14 would be usable.

But it helps to read the entire RFC.

>    The examples here use "/" because it was felt to be more visible and
>    pedantic reviewers felt that the 'these are not hostnames' argument
>    needed to be repeated.  We advise you not to be so pedantic, and to
>    not precisely copy the above examples, e.g.  substitute a more
>    conservative character, such as hyphen, for "/".

So, use a hyphen: some name servers may choke on the '/'.  Or use a
different sub-domain name.

Also:

> 5.2 Alternative naming conventions
> 
>    As a result of this method, the location of the zone containing the
>    actual PTR records is no longer predefined.  This gives flexibility
>    and some examples will be presented here.
> 
>    An alternative to using the first address, or the first address and
>    the network mask length in the corresponding address space, to name
>    the new zones is to use some other (non-numeric) name.  Thus it is
>    also possible to point to an entirely different part of the DNS tree
>    (i.e. outside of the IN-ADDR.ARPA tree).  ...

The point is, the domain in which the canonical names [CNAMEs] are
found may be a delegated sub-domain of 42.32.64.in-addr.arpa - or they
may be entirely different domains.  Like your own forward-DNS domains,
as demonstrated in the rest of 5.2.  It's YOUR CHOICE.  And that of
your ISP.  ;-)

...
> Any assistance in getting this configuration to function properly is 
> greatly appreciated. My head hurts from banging it against the wall 
> for so long. ;-(

Figured it was something like that making you so cranky.  ;-)

-- 
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
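
The RFC 2317 layout discussed in this message, as an added example that is not part of the original post: a small generator for the parent-zone NS/CNAME records and the child-zone PTR records, using the hyphen form of the sub-domain label. The function name, the 192.0.2.240/28 block and the example.net names are constructed for illustration.

```python
import ipaddress

def rfc2317_records(cidr, nameservers, ptr_names=None, sep="-"):
    """Build zone-file lines for classless in-addr.arpa delegation (RFC 2317).

    Returns (parent_lines, child_lines): the NS and CNAME records for the
    parent /24 reverse zone, and the PTR records for the delegated child zone
    (the child's own SOA and NS records are left out here).
    """
    # strict=True rejects a block that does not start on its own boundary,
    # e.g. .141/28: a /28 can only start at a multiple of 16.
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or not 25 <= net.prefixlen <= 30:
        raise ValueError("expected an IPv4 block between /25 and /30")
    if sep not in ("-", "/"):
        raise ValueError("separator must be '-' or '/'")
    a, b, c, first = str(net.network_address).split(".")
    parent_origin = f"{c}.{b}.{a}.in-addr.arpa."
    label = f"{first}{sep}{net.prefixlen}"      # e.g. 240-28
    child_origin = f"{label}.{parent_origin}"
    parent = [f"$ORIGIN {parent_origin}"]
    parent += [f"{label}\tIN NS\t{ns}" for ns in nameservers]
    child = [f"$ORIGIN {child_origin}"]
    ptr_names = ptr_names or {}
    for addr in net.hosts():                    # usable addresses only
        last = str(addr).rsplit(".", 1)[1]
        parent.append(f"{last}\tIN CNAME\t{last}.{child_origin}")
        if str(addr) in ptr_names:
            child.append(f"{last}\tIN PTR\t{ptr_names[str(addr)]}")
    return parent, child

if __name__ == "__main__":
    # Constructed sample: documentation block 192.0.2.240/28, made-up names.
    parent, child = rfc2317_records(
        "192.0.2.240/28",
        ["ns1.example.net."],
        {"192.0.2.252": "ns1.example.net.", "192.0.2.241": "www.example.net."},
    )
    print("; parent zone\n" + "\n".join(parent))
    print("; child zone\n" + "\n".join(child))
```

The parent lines belong in the ISP's zone for the /24; the child lines go in the zone served by the delegated name servers.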



More information about the bind-users mailing list