consolidating in-addr.arpa data

John Thurston john.thurston at alaska.gov
Sat Sep 16 00:15:33 UTC 2023


A host which auto-registers in MS DNS creates an A in foo.alaska.gov 
and a PTR in whatever.10.in-addr.arpa. MS DNS is happy to publish those.

But the DNS system running on BIND also has a whatever.10.in-addr.arpa 
zone.

So if I want to find the PTR for 13.12.11.10.in-addr.arpa, I must query 
both DNS systems in turn. If I get NXDOMAIN from both, then I can say 
the PTR doesn't exist.

On each system, I'd like to be able to take the 10.in-addr.arpa data 
from the other, compute the differences, and incorporate them locally. 
Then I'll be able to query either system, and accept an NXDOMAIN with 
confidence.

And since writing my earlier note, I have re-located the code I think I 
stumbled across earlier:

Tony Finch's "nsdiff"

https://dotat.at/prog/nsdiff/


--
Do things because you should, not just because you can.

John Thurston    907-465-8591
John.Thurston at alaska.gov
Department of Administration
State of Alaska

On 9/15/2023 2:21 PM, Greg Choules wrote:
> Hi John.
> Can you tell me a bit more please?
> - What zones exist in both BIND and MS DNS for something.10.in-addr.arpa?
> - Where are hosts auto registering to? I'd guess MS, but it would be 
> good to confirm.
> - What does fragmentation look like? A few real examples would be 
> useful. I'm trying to understand just what is the problem.
> - How much of 10 do you use?
> - What do you mean by "...can be published from two different DNS 
> services."? Could you expand on that please?
> - Is there any zone transfer between BIND and MS DNS?
>
> Thanks, Greg
>
> On Fri, 15 Sept 2023 at 21:00, John Thurston 
> <john.thurston at alaska.gov> wrote:
>
>     This question involves making our BIND system work with
>     Microsoft's DNS software. If this makes it off-topic, let me know
>     and I'll be quiet about it.
>
>     We use ISC BIND to hold and host most of our zone data.
>     Internally, we have delegated some zones, and they are held in
>     Microsoft DNS. These zones are used for MS Active Directory
>     'Domains', and accept auto-registration of DNS records from
>     authorized hosts. Because we are using 10-dot addresses
>     internally, the auto-registration by hosts causes fragmentation of
>     the 10.in-addr.arpa zone data.
>
>     I recall someone once offered a bit of code to mash this zone data
>     back together, so the same information can be published from two
>     different DNS services. I've hunted through this list's archive
>     and have not found the reference. Before I go roll my own, can
>     anyone point me at an existing solution?
>
>     -- 
>     --
>     Do things because you should, not just because you can.
>
>     John Thurston    907-465-8591
>     John.Thurston at alaska.gov
>     Department of Administration
>     State of Alaska
>
>
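
The merge described in the message above (take the other system's 10.in-addr.arpa data, compute the differences, incorporate them locally), sketched as an added example; it is not code from the thread and it is not nsdiff. It assumes each side's zone has been dumped as text with fully qualified names, as `dig AXFR` prints it; the host names, the 192.0.2.53 server address and the function names are constructed for illustration.

```python
ZONE = "10.in-addr.arpa."  # the reverse zone both systems publish

def parse_ptrs(dump, zone=ZONE, default_ttl=3600):
    """Parse 'owner [ttl] [IN] PTR target' lines (fully qualified names,
    as `dig AXFR` prints them) into {owner: {target: ttl}}."""
    ptrs = {}
    for raw in dump.splitlines():
        fields = raw.split(";", 1)[0].split()
        if "PTR" not in fields[1:-1]:
            continue  # SOA, NS, blank or comment line
        owner = fields[0].lower()
        target = fields[fields.index("PTR", 1) + 1].lower()
        if not owner.endswith("." + zone):
            continue  # never import names from outside the shared zone
        ttl = int(fields[1]) if fields[1].isdigit() else default_ttl
        ptrs.setdefault(owner, {})[target] = ttl
    return ptrs

def plan_merge(local, remote):
    """Return (adds, conflicts). adds: PTRs whose owner name is absent locally.
    conflicts: owners both sides hold with different targets; these are
    reported for review instead of merged, since either copy may be stale."""
    adds, conflicts = [], []
    for owner in sorted(remote):
        if owner not in local:
            adds += [(owner, ttl, t) for t, ttl in sorted(remote[owner].items())]
        elif set(local[owner]) != set(remote[owner]):
            conflicts.append((owner, sorted(local[owner]), sorted(remote[owner])))
    return adds, conflicts

def nsupdate_script(adds, server, zone=ZONE):
    """Render the additions as input for nsupdate against the local server."""
    lines = [f"server {server}", f"zone {zone}"]
    lines += [f"update add {o} {ttl} PTR {t}" for o, ttl, t in adds]
    return "\n".join(lines + ["send"]) + "\n"

# Constructed sample dumps (not real data from either system).
BIND_DUMP = """
10.in-addr.arpa. 3600 IN SOA ns1.example.test. hostmaster.example.test. 1 3600 600 86400 300
14.12.11.10.in-addr.arpa. 3600 IN PTR printer.example.test.
20.12.11.10.in-addr.arpa. 3600 IN PTR app.example.test.
"""
MS_DUMP = """
13.12.11.10.in-addr.arpa. 1200 IN PTR pc13.ad.example.test.
20.12.11.10.in-addr.arpa. 1200 IN PTR pc20.ad.example.test.
1.0.0.192.in-addr.arpa. 1200 IN PTR stray.example.test.
"""

if __name__ == "__main__":
    adds, conflicts = plan_merge(parse_ptrs(BIND_DUMP), parse_ptrs(MS_DUMP))
    print(nsupdate_script(adds, "192.0.2.53"), conflicts, sep="\n")
```

Swapping the two arguments to `plan_merge` gives the additions for the other system, so the same comparison serves both directions.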


More information about the bind-users mailing list