Reverse DNS conditional forwardning

Matus UHLAR - fantomas uhlar at fantomas.sk
Thu Jan 18 19:08:44 UTC 2018 

>On 01/18/2018 03:44 AM, Matus UHLAR - fantomas wrote:
>>what you search for is the Classless IN-ADDR.ARPA delegation, 
>>described in RFC2317

On 18.01.18 09:39, Grant Taylor via bind-users wrote:
>Classless IN-ADDR.ARPA delegation likely won't work if all IPs 
>involved are not configured for it.

you can create something very similar, not necessarily classless.
simply redirect reverse names via CNAME to other zone. 
very standard.

>I would suggest adding NS records to (re)delegate the (few?) IPs in 
>question back to the proper name server.  I.e.
>
>; Mach Global zone file
>$ORIGIN 2.0.192.in-addr.arpa.
>@	IN	SOA	prisoner.iana.org. hostmaster.root-servers.org. (2002040800 
>30m 15m 1w 1w)
>1	IN	PTR	host1.example.net.
>2	IN	PTR	host2.example.net.
>; …
>42	IN	PTR	host42.example.net.
>; …
>
>; Mach local zone file
>$ORIGIN 2.0.192.in-addr.arpa.
>@	IN	SOA	myLocalServer.myLocalDomain.myTld. 
>myEmail.myPublicDomain.myTld. (2002040800 30m 15m 1w 1w)
>1	IN	PTR	client1.myLocalDomain.myTld.
>2	IN	PTR	client2.myLocalDomain.myTld.
>; …
>42	IN	NS	blackhole-1.iana.org.
>42	IN	NS	blackhole-2.iana.org.

what's the point of redirecting reverse DNS to blackholes?


>; …
>96	IN	PTR	server3.myLocalDomain.myTld.
>97	IN	PTR	oldServer3.myLocalDomain.myTld.
>; …
>
>This might not be an up and up proper delegation, but every time I've 
>used this technique it has worked for me.  Further, it does not 
>require the complexities of RFC 2317 Classless IN-ADDR.ARPA 
>delegation, including the parent zone configured to support it.

you just showed how parent zone (2.0.192.in-addr.arpa) must be configured for it.

what you describe is how dj bernstein proposed reverse delegation.
However it's much better to define subzone and redirect records via CNAMEs
to it. it's easier to define one subzone with a few NS records pointing to
it and replace each PTR with CNAME than replace each PTR with multiple NSes.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!

More information about the bind-users mailing list