automatic reverse and forwarding zones
Havard Eidnes
he at uninett.no
Thu Oct 27 09:06:30 UTC 2022
>> Edit the corresponding REVERSE zone & add following line in the end
>>
>> $GENERATE 1-255 $ IN PTR 10-11-11-$.example.com.
>>
>> Don't forget to Reload bind config & you are done.
>
> Thanks.
> How is the syntax for IPv6?
> Is it possible to do it for an entire /64?

The full syntax of the $GENERATE zone file directive as
implemented by BIND can be found at

https://bind9.readthedocs.io/en/latest/chapter3.html#bind-primary-file-extension-the-generate-directive

Apparently, you can generate entries for 0-f with

$GENERATE 0-15 ${0,0,x}0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.e.d.0.c.d.a.b.0.1.0.0.2.ip6.arpa. IN PTR $.whatevername.your-domain-sequence.

However, a couple of points:

1) I don't think you can "nest" $GENERATE directives, so the
   above only enters 16 PTR records in the DNS, and you probably need
   to enter "umpteen" such $GENERATE entries if you want to insist on
   unique names in the zone file.

2) Think about what you are trying to do here... To "fill" an
   in-addr.arpa zone for a /24 you require 256 records, and that's
   eminently feasible.

   To "fill" an ip6.arpa zone for a /64 requires 18446744073709551616
   records (yes, that's about 18 x 10^18 if my math isn't off). I
   predict you do not possess a machine capable of running BIND with
   that many records loaded -- I know we don't.

   The $GENERATE directive actually creates all the individual records
   you ask it to do before the zone is loaded "properly" -- think of it
   as a "macro expansion" for the zone file, and that the zone file is
   "pre-processed" before it's loaded.

The reasons above are probably the reason that ISPs either can be
tempted to do ip6.arpa for "anonymous clients" with wildcard records
if they do anything about it at all. Either that, or they generate
the zone file from other "external" provisioning data. The approach
of using wildcard records can from a technological perspective be
combined with "custom" entries in the same zone -- remember that
wildcard records only match if the queried-for name otherwise doesn't
exist in the zone file.

Regards,
- Håvard
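
An added example, not part of the original message: a sketch of the "wildcard plus custom entries from provisioning data" approach for a /64 reverse zone. It goes one step beyond the message by modelling the closest-encloser rule of RFC 4592, under which the ancestors of an explicit PTR owner become empty non-terminals that need wildcards of their own. The prefix, host names and function names are constructed for illustration.

```python
import ipaddress

def zone_name(prefix):
    """ip6.arpa zone name for an IPv6 prefix on a nibble boundary."""
    net = ipaddress.ip_network(prefix)
    if net.version != 6 or net.prefixlen % 4:
        raise ValueError("need an IPv6 prefix whose length is a multiple of 4")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def relative_owner(prefix, address):
    """Owner name of an address's PTR record, relative to the zone apex."""
    addr = ipaddress.ip_address(address)
    if addr not in ipaddress.ip_network(prefix):
        raise ValueError(f"{address} is outside {prefix}")
    return (addr.reverse_pointer + ".")[: -len(zone_name(prefix)) - 1]

def build_records(prefix, hosts, anon_target):
    """Map relative owner -> PTR target: explicit hosts plus wildcard fallbacks."""
    records = {"*": anon_target}
    for address, name in hosts.items():
        labels = relative_owner(prefix, address).split(".")
        records[".".join(labels)] = name
        # Each ancestor of an explicit owner becomes an empty non-terminal that
        # hides the apex wildcard (RFC 4592), so it needs a wildcard of its own.
        for i in range(1, len(labels)):
            records.setdefault("*." + ".".join(labels[i:]), anon_target)
    return records

def resolve(records, qname):
    """Model the lookup: exact match, else the wildcard at the closest encloser."""
    nodes = set()
    for owner in records:
        parts = owner.split(".")
        nodes.update(".".join(parts[i:]) for i in range(len(parts)))
    if qname in nodes:
        return records.get(qname)          # None models NODATA at an empty node
    labels = qname.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if encloser in nodes:
            return records.get("*." + encloser)   # None models NXDOMAIN
    return records.get("*")                # closest encloser is the zone apex

# Constructed sample data: documentation prefix and hypothetical host names.
PREFIX = "2001:db8:0:1::/64"
HOSTS = {"2001:db8:0:1::1": "gw.example.net."}
if __name__ == "__main__":
    print("$ORIGIN", zone_name(PREFIX))
    for owner, target in build_records(PREFIX, HOSTS, "anon.example.net.").items():
        print(owner, "IN PTR", target)
```

One explicit host costs 17 records here instead of 2, because each of its 15 ancestor nodes gets its own wildcard; hosts that share leading nibbles share those wildcards.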