Reverse mapping on a non-octet boundary
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Thu Jul 24 18:32:51 UTC 2003
Sam Pointer <sam.pointer at hpdsoftware.com> wrote:
> Hello list;
> I'm in a bit of a BIND. I am in the process of moving our reverse mapping
> in-house. We only allocated part of the IP range. Therefore the ISP for this
> range has delegated various parts on the in-addr.arpa subdomain to us, thus:
> ;195.167.246.0/27
> 0-31 IN NS ns1.hpdsc.com.
> 0-31 IN NS ns2.hpdsc.com.
> 0-31 IN NS ns3.hpdsc.com.
> 0-31 IN NS ns4.hpdsc.com.
> ;195.167.246.32/29
> 32-39 IN NS ns1.hpdsc.com.
> 32-39 IN NS ns2.hpdsc.com.
> 32-39 IN NS ns3.hpdsc.com.
> 32-39 IN NS ns4.hpdsc.com.
> ;195.167.246.40/30
> 40-43 IN NS ns1.hpdsc.com.
> 40-43 IN NS ns2.hpdsc.com.
> 40-43 IN NS ns3.hpdsc.com.
> 40-43 IN NS ns4.hpdsc.com.
> That bit I understand, all well and good (BTW: this hasn't updated yet if
> you go to check).
> Now, the bit I am missing is how do I set-up my in-addr domains my end? Can
> I simply have a large '246.167.195.in-addr.arpa.' Zonefile to handle the
> whole lot? In my mind I can, as the query of anything above
> '43.246.167.195.in-addr.arpa' will be sent to whatever the ISP has delegated
> this subdomain too.
No, not in this case ( unless your provider makes adjustments )
What your provider delegated is 3 zones :
0-31.246.167.195.in-addr.arpa.
32-39.246.167.195.in-addr.arpa.
40-43.246.167.195.in-addr.arpa.
You will setup 3 zonefiles, ( zone "0-31.246.167.195.in-addr.arpa" { ... )
with contents exactly as if you owned the 246.167.195.in-addr.arpa :
@ IN SOA ( ...
IN NS xxx
IN NS yyy
1 IN PTR firsthost.domain.tld.
2 IN PTR secondhost.domain.tld.
etc
If you could convince your provider to delegate all three ranges as :
hpdsc IN NS ns1.hpdsc.com.
hpdsc IN NS ns2.hpdsc.com.
and in their CNAME replace "[0-31|32-39|40-43]" with "hpdsc"
you would of course be autorative for "hpdsc.246.167.195.in-addr.arpa."
and could have all your PTR in this file.
> This is the way we have our in-addr.arpa set-up for our other ISP; but they
> use the RFC2317 method of having CNAME records pointing all over the place -
> as opposed to a straight delegation such as this.
Hmm, the above IS rfc2317 method. Whats the difference ?
> Any help would be appreciated.
> Sam Pointer
> UNIX, Security & Network Administration
> HPD Software Limited
> Tel: + 44 (0) 20 8780 6800
> Fax: + 44 (0) 20 8780 6801
> This email and any attachments are strictly confidential and are intended
> solely for the addressee. If you are not the intended recipient you must
> not disclose, forward, copy or take any action in reliance on this message
> or its attachments. If you have received this email in error please notify
> the sender as soon as possible and delete it from your computer systems.
> Any views or opinions presented are solely those of the author and do not
> necessarily reflect those of HPD Software Limited or its affiliates.
> At present the integrity of email across the internet cannot be guaranteed
> and messages sent via this medium are potentially at risk. All liability
> is excluded to the extent permitted by law for any claims arising as a re-
> sult of the use of this medium to transmit information by or to
> HPD Software Limited or its affiliates.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list