Reverse DNS conditional forwarding

Grant Taylor gtaylor at tnetconsulting.net
Thu Jan 18 16:39:07 UTC 2018


On 01/18/2018 03:44 AM, Matus UHLAR - fantomas wrote:
> what you search for is the Classless IN-ADDR.ARPA delegation, described 
> in RFC2317

Classless IN-ADDR.ARPA delegation likely won't work if all IPs involved 
are not configured for it.

I would suggest adding NS records to (re)delegate the (few?) IPs in 
question back to the proper name server.  I.e.

; Mach Global zone file
$ORIGIN 2.0.192.in-addr.arpa.
@	IN	SOA	prisoner.iana.org. hostmaster.root-servers.org. (2002040800 30m 15m 1w 1w)
1	IN	PTR	host1.example.net.
2	IN	PTR	host2.example.net.
; …
42	IN	PTR	host42.example.net.
; …

; Mach local zone file
$ORIGIN 2.0.192.in-addr.arpa.
@	IN	SOA	myLocalServer.myLocalDomain.myTld. myEmail.myPublicDomain.myTld. (2002040800 30m 15m 1w 1w)
1	IN	PTR	client1.myLocalDomain.myTld.
2	IN	PTR	client2.myLocalDomain.myTld.
; …
42	IN	NS	blackhole-1.iana.org.
42	IN	NS	blackhole-2.iana.org.
; …
96	IN	PTR	server3.myLocalDomain.myTld.
97	IN	PTR	oldServer3.myLocalDomain.myTld.
; …

This might not be an up and up proper delegation, but every time I've 
used this technique it has worked for me.  Further, it does not require 
the complexities of RFC 2317 Classless IN-ADDR.ARPA delegation, 
including the parent zone configured to support it.



-- 
Grant. . . .
unix || die
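
Added example, not part of the original message: a small check over a local reverse zone written in the style above. It reports which addresses are answered from local PTR data and which are handed back through NS records, and flags owners where an NS set sits beside other data, since the zone cut means that data is no longer answered locally. The function names, the one-record-per-line parsing and the conflicting owner 97 are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: a local copy of the reverse zone in the style of the
# message above, plus one deliberate mistake (owner 97 has both NS and PTR).
LOCAL_ZONE = """\
$ORIGIN 2.0.192.in-addr.arpa.
@	IN	SOA	myLocalServer.myLocalDomain.myTld. myEmail.myPublicDomain.myTld. (2002040800 30m 15m 1w 1w)
1	IN	PTR	client1.myLocalDomain.myTld.
42	IN	NS	blackhole-1.iana.org.
42	IN	NS	blackhole-2.iana.org.
96	IN	PTR	server3.myLocalDomain.myTld.
97	IN	NS	blackhole-1.iana.org.
97	IN	PTR	oldServer3.myLocalDomain.myTld.
"""

def parse_zone(text):
    """Return (origin, {owner: {rtype: [rdata, ...]}}); one record per line."""
    origin, owners = None, {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if fields[0] == "$ORIGIN":
            origin = fields[1].lower()
            continue
        owner, rest = fields[0], fields[1:]
        if rest and rest[0].upper() == "IN":
            rest = rest[1:]
        rtype, rdata = rest[0].upper(), " ".join(rest[1:])
        owners.setdefault(owner, {}).setdefault(rtype, []).append(rdata)
    return origin, owners

def resolve_locally(ip, origin, owners):
    """Classify how the local zone treats the PTR query for ip."""
    qname = ipaddress.ip_address(ip).reverse_pointer + "."
    if not qname.endswith("." + origin):
        return ("outside-zone", [])
    label = qname[: -len(origin) - 1]       # owner name relative to $ORIGIN
    rrsets = owners.get(label, {})
    if "NS" in rrsets:                      # zone cut: local data is not used
        return ("delegated", sorted(rrsets["NS"]))
    if "PTR" in rrsets:
        return ("local", rrsets["PTR"])
    return ("nxdomain", [])

def occluded(owners):
    """Owners where an NS delegation hides other data kept at the same name."""
    return sorted(o for o, r in owners.items() if o != "@" and "NS" in r and len(r) > 1)
```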
