DNS Delegation

Joseph S D Yao jsdy at cospo.osis.gov
Fri Feb 16 22:09:20 UTC 2001


On Fri, Feb 16, 2001 at 03:18:36PM -0500, Vivek wrote:
> Well sorry for this newbie question, I have been given a task to get a DNS running for my deptt, and the delegation has been requested to our parent (unknown.com) which is currently doing resolution for us (some.unknown.com.)
> The subnets we were allocated are 
> 12x.2x.243.low , 12x.2x.250.low and 12x.2x.213.low etc
> with all having masks of 255.255.255.128. 
> Now since we cannot own the whole subnet as rewiring is impossible and we currently share IPs on the same subnet randomly in no fixed sequence with other departments who get their resolution from (unknown.com), like 12x.2x.243.2-7 belongs to us 12x.2x.243.8-13 belongs to Other deptt, and likewise.
>   Now the parent runs 8.2 , is it possible for them to delegate to us with other deptts still being resolved by them on the same subnets. Pl. lemme be informed before they tell me some crap for not doing this. 

'Tude!!!

OK, let's separate out two of DNS' many functions.  First, let's
consider name-to-IP address translation.  Then, let's consider IP
address-to-name translation.

The name server for domain "unknown.com" is translating names in that
domain (including your subdomain) to IP addresses.  To delegate, it
simply removes ALL entries for your subdomain except for the IP
addresses for your two or more peer domain name servers, and an NS
record for each of those servers, linking your subdomain to those
servers.  You take up the slack by putting those entries into YOUR zone
file for that subdomain.  This will be mostly A records translating
names to IP addresses, together with appropriate SOA, NS, MX (if you
have one), et al. records, and a $TTL at the top.

That's all.  Now you're translating names to IP addresses.  So what if
they aren't contiguous?  You can have IP addresses from every subnet on
the map as targets of names on your zone.  As long as they're valid,
who cares?  Certainly not BIND!

Now let's talk about IP address-to-name translation.

Read RFC 2317 and search through the archives for the many discussions
of RFC 2317.

You might first want to look for something like the "Reverse DNS
Primer" or "Reverse Lookup Primer", or whatever I call it when I
periodically post it.

Good luck.

(Lose the 'tude and you might not have to rely on luck.)

-- 
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
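
The forward delegation described in the message above, as an added example that is not part of the original post: the parent keeps only NS records plus name-server addresses for the subdomain, and the child zone carries everything else. The zone names come from the thread; the addresses (RFC 5737 documentation ranges), host names, the one-record-per-line zone syntax and the helper names `parse` and `check_delegation` are assumptions made for illustration.

```python
# Constructed sample data: zone names from the thread, documentation addresses.
PARENT = """\
some.unknown.com.     IN NS ns1.some.unknown.com.
some.unknown.com.     IN NS ns2.some.unknown.com.
ns1.some.unknown.com. IN A  192.0.2.2
ns2.some.unknown.com. IN A  198.51.100.3
"""
CHILD = """\
$TTL 86400
some.unknown.com.      IN SOA ns1.some.unknown.com. hostmaster.some.unknown.com. 2001021601 3600 900 604800 86400
some.unknown.com.      IN NS  ns1.some.unknown.com.
some.unknown.com.      IN NS  ns2.some.unknown.com.
some.unknown.com.      IN MX  10 mail.some.unknown.com.
ns1.some.unknown.com.  IN A   192.0.2.2
ns2.some.unknown.com.  IN A   198.51.100.3
mail.some.unknown.com. IN A   203.0.113.7
"""

def parse(text):
    """Parse simplified zone text: one fully qualified record per line."""
    records = []
    for line in text.splitlines():
        line = line.split(";")[0].strip()          # drop comments
        if line and not line.startswith("$"):      # skip blanks and $TTL
            owner, _cls, rtype, rdata = line.split(None, 3)
            records.append((owner.lower(), rtype.upper(), rdata.lower()))
    return records

def check_delegation(parent_text, child_text, sub):
    """Return a list of problems with the delegation of `sub` (empty = consistent)."""
    below = [r for r in parse(parent_text) if ("." + r[0]).endswith("." + sub)]
    parent_ns = {d for o, t, d in below if o == sub and t == "NS"}
    child_ns = {d for o, t, d in parse(child_text) if o == sub and t == "NS"}
    glue = {o for o, t, d in below if t in ("A", "AAAA")}
    problems = []
    if len(parent_ns) < 2:
        problems.append("parent lists fewer than two name servers")
    if parent_ns != child_ns:
        problems.append("NS sets differ: " + ", ".join(sorted(parent_ns ^ child_ns)))
    for ns in sorted(parent_ns):                   # in-zone servers need an address
        if ("." + ns).endswith("." + sub) and ns not in glue:
            problems.append("missing glue for " + ns)
    for o, t, d in below:                          # anything else should have moved
        if not (o == sub and t == "NS") and not (o in parent_ns and t in ("A", "AAAA")):
            problems.append("leftover record in parent: %s %s" % (o, t))
    return problems

if __name__ == "__main__":
    print(check_delegation(PARENT, CHILD, "some.unknown.com.") or "delegation consistent")
```

The child's A records point into three unrelated networks, which the check ignores, since forward delegation places no contiguity requirement on the target addresses.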

