Delegating in reverse lookup zones
Joseph S D Yao
jsdy at tux.org
Tue Dec 15 19:56:22 UTC 2009
On Tue, Dec 15, 2009 at 01:52:50PM -0500, Simon Dodd wrote:
...
> But that isn't what we want to do for this particular zone. We want to
> delegate all queries concerning 188.134.63.in-addr.arpa to
> ns1.midwestfirst.com and ns2.midwestfirst.com. Albitz & Liu 4th says that's
> fair game, so here's how I configured the zone:
...
I'm sorry! I read that too quickly the first time.
The simpler answer is, instead of delegating to YOU, have the owner of
134.63.in-addr.arpa delegate to MidwestFirst.
If you do not wish to do this, then DON'T have a zone file at all.
Instead of the zone being "type master;" have it be "type forward;".
And list "forwarders { 65.113.74.3; 65.113.74.4; };" [that being the IP
addresses of the two name servers with the actual information]. Then
you will be proxying their domains back to people who query you.
The problem is, of course, that if they list their own name servers as
the domain's name servers, then the information will be inconsistent
between parent and child. For consistency, they should list your name
servers. If they are sufficiently enlightened or security-conscious as
to have separate resolving name servers and authoritative name servers,
then their resolving name servers can have the same "forward" zone
declaration as your name servers.
--
/*********************************************************************\
**
** Joe Yao jsdy at tux.org - Joseph S. D. Yao
**
\*********************************************************************/
More information about the bind-users
mailing list