How to delegate public IP zone internally
Mark Andrews
Mark_Andrews at isc.org
Tue Sep 6 23:13:56 UTC 2005
> My customer has several consecutive 156.xxx/16 blocks registered with
> ARIN, but none of them seem to have been delegated to them as
> in-addr.arpa zones. Normally this is not a problem, because my
> customer uses these blocks strictly for internal addressing. We
> allow some of their smaller units throughout the country to manage
> their own /24 zones by serving as stealth slaves. A simple slave
> statement in named.conf allows all other units to see their respective
> zones. The problem is this:
>
> An admin for one of these units has decided that he doesn't want to
> let us - the DNS mothership - do zone transfers anymore, negating the
> stealth zone idea. As it stands, nobody outside of their unit can see
> their 156.xxx.yyy.0 zone. The admin for the rogue unit is being
> intransigent... or am I?
>
> Is there any other way I can delegate these zones without claiming
> authority for 156.in-addr.arpa and breaking many public lookups? It
> seems to me that the stealth slave route is the simplest,
> hardest-to-break route here. If you can, please tell me otherwise.
>
> Thanks=20
> --Greg Chavez
Is there a reason why you don't follow the obvious? Get
the /16's delegated from ARIN then delegate the /24 from
them. Everyone can then just follow the normal delegation
path.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list