Reverse DNS conditional forwardning
Grant Taylor
gtaylor at tnetconsulting.net
Thu Jan 18 16:39:07 UTC 2018
On 01/18/2018 03:44 AM, Matus UHLAR - fantomas wrote:
> what you search for is the Classless IN-ADDR.ARPA delegation, described
> in RFC2317
Classless IN-ADDR.ARPA delegation likely won't work if all IPs involved
are not configured for it.
I would suggest adding NS records to (re)delegate the (few?) IPs in
question back to the proper name server. I.e.
; Mach Global zone file
$ORIGIN 2.0.192.in-addr.arpa.
@ IN SOA prisoner.iana.org. hostmaster.root-servers.org. (2002040800 30m
15m 1w 1w)
1 IN PTR host1.example.net.
2 IN PTR host2.example.net.
; …
42 IN PTR host42.example.net.
; …
; Mach local zone file
$ORIGIN 2.0.192.in-addr.arpa.
@ IN SOA myLocalServer.myLocalDomain.myTld.
myEmail.myPublicDomain.myTld. (2002040800 30m 15m 1w 1w)
1 IN PTR client1.myLocalDomain.myTld.
2 IN PTR client2.myLocalDomain.myTld.
; …
42 IN NS blackhole-1.iana.org.
42 IN NS blackhole-2.iana.org.
; …
96 IN PTR server3.myLocalDomain.myTld.
97 IN PTR oldServer3.myLocalDomain.myTld.
; …
This might not be an up and up proper delegation, but every time I've
used this technique it has worked for me. Further, it does not require
the complexities of RFC 2317 Classless IN-ADDR.ARPA delegation,
including the parent zone configured to support it.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180118/3de8df61/attachment.bin>
More information about the bind-users
mailing list