Split horizon DNS with subnetted reverse zones

Mark Andrews Mark_Andrews at isc.org
Tue Jun 21 14:28:07 UTC 2005 

> Hi,
> 
> I am wondering whether any of you on the list can help me with a bit of a
> DNS quandary I am in.
> 
> My ISP has given me an IP block 81.2.105.208/28.  I have to host PTR records
> on my DNS server using the subnetted style 208-223.105.2.81.in-addr.arpa. -
> this is fine.  The ISP host the zone 105.2.81.in-addr.arpa (or most of it),
> and have created CNAME records pointing to the subnetted zone, listing my
> public nameserver as the primary for the subnetted zone.
> 
> However, I run a split horizon DNS setup with the public information on one
> server and LAN-specific information on the other.  This is mainly because
> our lan uses the subdomain ad.hodgsonfamily.org.  I host the records on both
> on two completely different instances.
> 
> The issue I have is I want to create the reverse zone for inside my LAN, but
> here I have an issue, as if I created 105.2.81.in-addr.arpa, the rest of
> that zone (i.e, for IP addresses I don't own) are not being resolved since
> the DNS server can pick up the zone locally.  If I create the subnetted
> zone, there would be no CNAME records in the parent to get resolution
> working.
> 
> Has anyone been in this situation before?  I have two possible workarounds,
> one is to create a complete zone file for each IP address, and the other
> involves ensuring only the subnetted zone exists, and relying on resolution
> to find the cname records from the root nameservers, thus when it gets to
> the looking up from the subnetted zone it would know the information locally
> thus pick up the records?
> 
> Alternatively does anyone know a trick in bind I can use to get this working
> a different (and probably more appealing!) way?
> 
> Thanks.
> Andrew.

	Both your internal and external servers need to be (stealth) slaves
	for 105.2.81.in-addr.arpa.  That way all the servers have the CNAMEs
	pointing into 208-223.105.2.81.in-addr.arpa.  All your servers also
	have relevent versions of 208-223.105.2.81.in-addr.arpa.

> 
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
> 
> allpay.net Limited, Fortis et Fides, Whitestone Business Park, Whitestone, He
> reford, HR1 3SE. Telephone: 0870 243 3434, Fax: 0870 243 6041. Website: www.a
> llpay.net Email: enquiries at allpay.net
> 
> 
> 
> 
> **********************************************************************
> 
> 
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list