Reverse Delegation
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Thu Nov 4 08:09:28 UTC 2004
Jim McAtee <jmcatee at mediaodyssey.com> wrote:
> We just started using a new ISP for connectivity at our offices. They're
> a reseller of another, national ISP.
> I'm trying to get them to set up delegation of reverse DNS for our
> network. I believe the reseller has some access to the larger ISPs DNS
> systems so that they can set up PTR records or CNAMEs in the in-addr.arpa
> zones for their customers. I'm not sure that they can create NS records
> to delegate subzones, however.
> Instead of them doing a fairly standard RFC 2317 delegation, as we've
> always done with our providers
> 0-26 IN NS ns1.mydomain.com.
> IN NS ns2.mydomain.com.
> $ORIGIN .
> 0 IN CNAME 0.0-26.95.104.199.in-addr.arpa.
> 1 IN CNAME 1.0-26.95.104.199.in-addr.arpa.
> 2 IN CNAME 1.0-26.95.104.199.in-addr.arpa.
> etc.
> would the following, without creating a delegated subzone, work just as
> well, or are there potential problems?
> $ORIGIN .
> 0 IN CNAME 0-officenet.mydomain.com.
> 1 IN CNAME 1-officenet.mydomain.com.
> 2 IN CNAME 2-officenet.mydomain.com.
> etc.
This last method will work well, in addition you will get away
with only one zonefile (mydomain.com)
In addition to your normal SOA NS MX & A records add PTR records looking like :
0-officenet IN PTR <name-of-host-using-1st-ip>.mydomain.com.
1-officenet IN PTR <name-of-host-using-2nd-ip>.mydomain.com.
repeat until done.
The nice thing is that grouping A and PTR records together reduces the
risk of errors.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list