CIDR Reverse-DNS Zone Updates
Simon Hobson
dhcp1 at thehobsons.co.uk
Thu Aug 10 07:12:15 UTC 2006
Suertreus wrote:
>I run a network on half of a 10.x.x.x Class A private address space
>using CIDR. My network is 10.128.0.0/9, so the associated DNS zones
>are as follows in BIND named.conf:
>
>zone "foo.bar.baz" {
>    type master;
>    file "foo.bar.baz.zone";
>    update-policy { grant dhcp-key subdomain "foo.bar.baz." A AAAA TXT; };
>};
>zone "10.in-addr.arpa" {
>    type master;
>    file "10.in-addr.arpa.zone";
>};
>zone "128/9.10.in-addr.arpa" {
>    type master;
>    file "128-9.10.in-addr.arpa.zone";
>    update-policy { grant dhcp-key subdomain "128/9.10.in-addr.arpa." PTR TXT; };
>};

Check the archives, there has been a discussion of how to handle this
several times over the years - normally to manage updates of a range
smaller than /24. The key things to remember are:

DHCP does NOT support updating of arbitrary zones, it takes the IP
address, reverses the octets, and appends the reverse domain name
(default in-addr.arpa).

What you can do in the general case is this:

Create your local zone, for example "rev.mydomain.com" - it can be
anything as long as dhcp can update d.c.b.a.something for address
a.b.c.d.

For your subnets in the 10.128.0.0/9 range, set the base zone for ddns
updates to "rev.mydomain.com". It will now treat rev.mydomain.com as
the root for reverse dns updates in those subnet(s).

Build the relevant zones/delegations in dns, bearing in mind that at
some point you need entries of the form "d.c.b.a.in-addr.arpa CNAME
d.c.b.a.rev.mydomain.com" which can be achieved by the use of
$GENERATE. You are probably doing this in some way already just to
make dns work.

However, what you have is effectively a supernet which makes things
very, very, very much simpler IF you reconfigure your dns. You might
benefit from this anyway as the pain of managing a
128/9.10.in-addr.arpa can be higher than managing the
n.10.in-addr.arpa zones that make it up.

To do this you simply define separate zones for:
128.10.in-addr.arpa, 129.10.in-addr.arpa, and so on.
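
Added example (not part of the original message, and not code from ISC DHCP or BIND): a Python sketch of the supernet split described above. It lists the octet-boundary reverse zones that make up a network such as 10.128.0.0/9, computes the PTR owner name built by reversing the octets and appending the reverse domain, and emits one zone stanza per zone so each update-policy grant stays scoped to a single zone. The function names and the "<zone>.zone" file naming are assumptions; "dhcp-key" and the grant syntax are taken from the quoted named.conf.

```python
import ipaddress

def reverse_zones(cidr):
    """Split an IPv4 network into the in-addr.arpa zones on octet boundaries."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or net.prefixlen > 24:
        # Ranges smaller than /24 need the CNAME approach instead.
        raise ValueError("need an IPv4 network of /24 or larger")
    # Round the prefix up to the next octet boundary (/9 -> /16, /17 -> /24).
    boundary = max(8, -(-net.prefixlen // 8) * 8)
    zones = []
    for sub in net.subnets(new_prefix=boundary):
        octets = str(sub.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones

def ptr_name(ip, suffix="in-addr.arpa"):
    """Owner name for address a.b.c.d: d.c.b.a plus the reverse domain."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + suffix

def zone_for(ip, zones):
    """Return the zone that holds the PTR record for ip, or None if none does."""
    name = ptr_name(ip)
    matches = [z for z in zones if name.endswith("." + z)]
    return max(matches, key=len) if matches else None

def named_conf(zones, key="dhcp-key"):
    """Emit one master zone stanza per zone, each with its own scoped grant."""
    stanza = ('zone "{z}" {{\n'
              '    type master;\n'
              '    file "{z}.zone";  // assumed file naming\n'
              '    update-policy {{ grant {k} subdomain "{z}." PTR TXT; }};\n'
              '}};\n')
    return "".join(stanza.format(z=z, k=key) for z in zones)

if __name__ == "__main__":
    zones = reverse_zones("10.128.0.0/9")
    print(len(zones), "zones:", zones[0], "...", zones[-1])
    # Constructed sample address inside the /9.
    print(ptr_name("10.200.3.4"), "->", zone_for("10.200.3.4", zones))
    # Same address with a local base zone for the updates.
    print(ptr_name("10.200.3.4", "rev.mydomain.com"))
    print(named_conf(zones[:2]))
```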