Reverse Delegation Sanity check

Mark.Andrews at iengines.com Mark.Andrews at iengines.com
Tue Dec 14 02:37:19 UTC 1999 

> Folks,
> 
> I need a little sanity check on my work before I put this into
> production since I havent done reverse delegation for a LONG time.
> 
> I have 2 subnets that need to be delegated out to another nameserver.
> 
> First is the 137.236.0.0/255 Class B address which my main nameserver is
> responsible for. I need to delegate out 137.236.214.0/255 to another dns
> server.

	Note <IP address>/<number of significant bits>.

		Old Class A -> /8
		Old Class B -> /16
		Old Class C -> /24

	To delegate 137.236.214.0/24 just do it like you would and other
	zone.  In the zone file for 236.137.in-addr.arpa add:

	e.g.
	214	IN	NS	medns1.messagereach.com.

	primary 214.236.137.in-addr.arpa db.137.236.214
> 
> Second is the 205.183.255.0/255 Class C address which is another
> nameserver I am responsible for. I need to delegate out a subnet
> of that class C. 205.183.255.223/224 to another dns server.
> 
	[deleted class B example]
> 
> For the Class C subnet delegation I do on the 205.183.255.0/255 primary
> dns server I put in the db.205.183.255 file

	A mask of 255.255.255.224 -> /27.

	205.183.255.223/27 is 205.183.255.192 - 205.183.255.233
	though it would normally be written as 205.183.255.192/27.

	205.183.255.224/27 is 205.183.255.224 - 205.183.255.255

	I generally use <start>-<stop>.XXX.XXX.XXX.IN-ADDR.ARPA as it
	avoids bugs in resolver implementations and works for non bit
	alligned delegations.

	e.g.
	224-255	IN	NS	medns1.messagereach.com.
	224	IN	CNAME	224.224-255
	...
	255	IN	CNAME	255.224-255

	secondary 255.183.205.in-addr.arpa <IP of primary> db.205.183.255
	primary 224-255.255.183.205.in-addr.arpa db.205.183.255.224

> 
> 224/223  NS   medns1.messagereach.com. 
> 224     CNAME 224.224/223  
> 225     CNAME 225.224/223  
> 226     CNAME 226.224/223  
> 227     CNAME 227.224/223  
> 228     CNAME 228.224/223  
> 
> .. And so on up to 255 for the subnetted class C.
> 
> Then on the medns1.messagereach.com server I setup in the named.boot file
> 
> primary 224/223.255.183.205.in-addr.arpa db.205.183.255.223
> 
> Is this correct? If not where did I go wrong? Any shortcuts I could use?
> Thanks for any help..

	BIND 8 has $GENERATE which allows you to generate a range of
	RRs based on a template.

	Also if you are serving a /25 to /32 it is good practice to serve
	the parent zone as well.  See the example above.

	Mark
> 
> Mike
> 
> --
> Friends help you move. Real friends help you move bodies.
> 
> 
--
Mark Andrews, Internet Engines Inc. / Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at iengines.com

More information about the bind-users mailing list