Delegation Question
Jim Reid
jim at mpn.cp.philips.com
Thu Oct 28 22:50:20 UTC 1999
>>>>> "Tavis" == Tavis <Tavis at PCMSITE.COM> writes:
Tavis> Hello all, We have a /20 216.99.96.0-216.99.111.255 from
Tavis> arin and I would like to delegate authority for one class C
Tavis> or /24 (216.99.107.0) to one of my customers. I have read
Tavis> through the parenting chapter in the cricket book several
Tavis> times but what they suggest doesn't seem to make sense in
Tavis> my case. I do not have access to the 99.216.in-addr.arpa
Tavis> file to delegate to delegate a /24 out of that zone in the
Tavis> way suggested in the book. Is there a way to do this
Tavis> without going to arin?
Yes. See RFC2317. Set up the 107.99.216.in-addr.arpa zone on your name
servers. After all, it belongs to you... Instead of populating it with
PTR records, set up a delegation to your customer and add a bunch of
CNAMEs which point at this delegation. ie:
107.99.216.in-addr.arpa. IN SOA ( ..... )
customer.107.99.216.in-addr.arpa. IN NS ns1.customer.com.
customer.107.99.216.in-addr.arpa. IN NS ns2.customer.com.
0.107.99.216.in-addr.arpa. IN CNAME 0.customer.107.99.216.in-addr.arpa.
...
...
255.107.99.216.in-addr.arpa. IN CNAME 255.customer.107.99.216.in-addr.arpa.
Reverse lookups of addresses in 216.99.107.X will go to your name
servers where they find these CNAMEs, follow them to the delegation
of customer.107.99.216.in-addr.arpa on your customer's name servers
where they find a PTR record for 0.customer.107.99.216.in-addr.arpa or
whatever.
This way you retain control of the 107.99.216.in-addr.arpa reverse
zone - you can take it back from the customer - and your customer has
responsibility for making reverse lookups of "their" addresses work.
More information about the bind-users
mailing list