Forwarding reverse DNS queries
Barry Margolin
barmar at alum.mit.edu
Thu Nov 20 23:11:43 UTC 2003
In article <bpjef1$2u0e$1 at sf1.isc.org>,
Thomas Smith <tom at openadventures.org> wrote:
>A customer of mine is having issues with their reverse DNS. The
>situation is this:
>
>They lease a block of IPs from me. The customer has his own DNS servers
>(two of them). Forward lookups work fine, but reverse lookups don't work.
>
>I understand what the problem is--reverse lookups are being directed to
>my servers since I own the IP block in question.
>
>The question is: How do I forward reverse DNS lookups for a specific
>block of IPs to his servers?
If the block is smaller than a /24, you should use the technique described
in RFC 2317.

Suppose your network is 192.168.10.0/24 and his block is 192.168.10.16/28.
Your server should have the 10.168.192.in-addr.arpa zone on it. In that
zone file you should enter:

16/28   IN NS    ns1.them.com.
        IN NS    ns2.them.com.
16      IN CNAME 16.16/28
17      IN CNAME 17.16/28
....
31      IN CNAME 31.16/28

The customer configures their servers as authoritative for the
16/28.10.168.192.in-addr.arpa zone, and puts their PTR records in its zone
file.

It's also usually a good idea for each of you to be stealth slaves for the
other's reverse zone.
--
Barry Margolin, barmar at alum.mit.edu
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
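
Added example, not part of the original post: a short Python generator for the parent-zone records of an RFC 2317 delegation, writing out every CNAME that the post abbreviates with "....". The function name and output layout are assumptions made here; it rejects blocks that are not smaller than a /24, blocks with host bits set, and name server names without a trailing dot (which the parent zone would otherwise complete with its own origin).

```python
import ipaddress


def rfc2317_delegation(block, nameservers):
    """Return (child_zone, parent_zone, records) for a sub-/24 IPv4 block.

    records are lines for the parent /24 reverse zone file, with owner
    names relative to that zone's origin.
    """
    # strict=True raises ValueError if the block is not on its own boundary
    net = ipaddress.ip_network(block, strict=True)
    if net.version != 4 or net.prefixlen <= 24:
        raise ValueError("RFC 2317 delegation is for IPv4 blocks smaller than a /24")
    if not nameservers:
        raise ValueError("at least one name server is required")
    for ns in nameservers:
        if not ns.endswith("."):
            raise ValueError(f"name server {ns!r} must be fully qualified (trailing dot)")

    o = net.network_address.packed
    parent_zone = f"{o[2]}.{o[1]}.{o[0]}.in-addr.arpa."
    label = f"{o[3]}/{net.prefixlen}"          # e.g. "16/28"

    records = []
    for i, ns in enumerate(nameservers):
        # Only the first NS line names the owner; the rest start with
        # whitespace so the zone parser reuses the previous owner name.
        owner = label if i == 0 else ""
        records.append(f"{owner:<8}IN NS    {ns}")
    for addr in net:                            # every address in the block
        last = addr.packed[3]
        records.append(f"{last:<8}IN CNAME {last}.{label}")
    return f"{label}.{parent_zone}", parent_zone, records


if __name__ == "__main__":
    # The block and name servers used in the post above.
    child, parent, recs = rfc2317_delegation(
        "192.168.10.16/28", ["ns1.them.com.", "ns2.them.com."])
    print(f"; add to parent zone {parent}")
    print("\n".join(recs))
    print(f"; customer serves {child} and puts the PTR records there")
```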