Reverse DNS primer [Was: Re: Novice Question about reverse DNS]
Joseph S D Yao
jsdy at cospo.osis.gov
Mon Jul 17 17:20:34 UTC 2000
On Sat, Jul 15, 2000 at 03:04:37PM +0000, J!M wrote:
...
> > NOW, if your network does not break at an octet boundary, you must look
> > at RFC 2317, which has a trick to create a subnetwork that includes your
> > network name and bitsize, and then have your hosts' IP addresses be
> > names off that network. You can use the trick detailed in RFC 2317 or
> > one like it. Believe me, it works. But you need the co-operation of
> > the owner of your parent network.
> >
> This seems to be the key to my problem, I have 12 IPs assigned to
> my network (64.32.42.141-253) my nameserver is at 64.32.42.252 -
> ns1.dynamisys-llc.com. I have carefully read RFC 2317, and
> understand that my ISP needs CNAME records in their
> db.in-addr.arpa. file, but I'm not exactly sure how they should read:
>
> 141 CNAME 141.141/??.42.32.64.in-addr.arpa.
> 142 CNAME 142.141/??.42.32.64.in-addr.arpa.
> ...
> I'm guessing that the number represented by the ?? has something
> to do with the bitsize of the network, and/or how it has been
> divided. This was not clear to me from RFC 2317.
...
The ?? would in fact be the bitsize for the network - e.g., 28 for a
28-bit network, which would have netmask 255.255.255.240, and 16
addresses, of which 14 would be usable.
But it helps to read the entire RFC.
> The examples here use "/" because it was felt to be more visible and
> pedantic reviewers felt that the 'these are not hostnames' argument
> needed to be repeated. We advise you not to be so pedantic, and to
> not precisely copy the above examples, e.g. substitute a more
> conservative character, such as hyphen, for "/".
So, use a hyphen: some name servers may choke on the '/'. Or use a
different sub-domain name.
Also:
> 5.2 Alternative naming conventions
>
> As a result of this method, the location of the zone containing the
> actual PTR records is no longer predefined. This gives flexibility
> and some examples will be presented here.
>
> An alternative to using the first address, or the first address and
> the network mask length in the corresponding address space, to name
> the new zones is to use some other (non-numeric) name. Thus it is
> also possible to point to an entirely different part of the DNS tree
> (i.e. outside of the IN-ADDR.ARPA tree). ...
The point is, the domain in which the canonical names [CNAMEs] are
found may be a delegated sub-domain of 42.32.64.in-addr.arpa - or they
may be entirely different domains. Like your own forward-DNS domains,
as demonstrated in the rest of 5.2. It's YOUR CHOICE. And that of
your ISP. ;-)
...
> Any assistance in getting this configuration to function properly is
> greatly appreciated. My head hurts from banging it against the wall
> for so long. ;-(
Figured it was something like that making you so cranky. ;-)
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
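
Added example, not part of the original message: a Python sketch that builds the parent-zone NS and CNAME records described above for a block smaller than a /24, using the hyphen in place of "/". The 192.0.2.240/28 block and the name ns1.example.net. are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

def rfc2317_records(cidr, nameservers, sep="-"):
    """Return (child_zone, parent_zone, parent_lines) for a sub-/24 IPv4 block.

    parent_lines are what the owner of the enclosing /24 reverse zone adds:
    NS records delegating the child zone, plus one CNAME per address.
    """
    net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
    if net.version != 4 or not 24 < net.prefixlen < 32:
        raise ValueError("expected an IPv4 block of /25 through /31")
    if sep not in ("-", "/"):
        raise ValueError("separator must be '-' or '/'")
    o = str(net.network_address).split(".")
    parent = f"{o[2]}.{o[1]}.{o[0]}.in-addr.arpa."
    # Child label: first address, separator, bitsize, e.g. "240-28".
    label = f"{o[3]}{sep}{net.prefixlen}"
    child = f"{label}.{parent}"
    lines = [f"$ORIGIN {parent}"]
    lines += [f"{label}\tIN NS\t{ns}" for ns in nameservers]
    for addr in net:  # every address in the block, first to last
        last = str(addr).split(".")[3]
        lines.append(f"{last}\tIN CNAME\t{last}.{child}")
    return child, parent, lines

def ptr_owner(ip, cidr, sep="-"):
    """Name in the child zone where the PTR record for ip actually lives."""
    if ipaddress.ip_address(ip) not in ipaddress.ip_network(cidr):
        raise ValueError(f"{ip} is not inside {cidr}")
    child, _, _ = rfc2317_records(cidr, [], sep)
    return f"{ip.split('.')[3]}.{child}"

if __name__ == "__main__":
    # Constructed sample input: documentation address space, made-up server.
    _, _, records = rfc2317_records("192.0.2.240/28", ["ns1.example.net."])
    print("\n".join(records))
    print("; PTR for 192.0.2.252 is served from:",
          ptr_owner("192.0.2.252", "192.0.2.240/28"))
```

A block that does not start on its own boundary (for example 192.0.2.141/28) is rejected with ValueError rather than silently rounded.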