problems with reversing

Kevin Darcy kcd at daimlerchrysler.com
Wed Apr 19 21:46:35 UTC 2000


Presumably RFC 2317 is one that you've read. The basic concept there is
actually fairly simple: instead of *delegating* a zone, with real NS records
and whatnot, you just create aliases for the records you want to be managed on
another server. Then the other server creates a zone *anywhere* in the
namespace, as long as it's something delegated to their control of course, to
contain the PTR records to which these aliases point. When a client does the
reverse lookup, it gets the CNAME, then it looks that up and gets the PTR. It's
virtually transparent to end users and applications.

So, to make it work, the parent needs to add CNAMEs where they would normally
add PTR's, e.g.

(in, say, 1.168.192.in-addr.arpa)

1    IN    CNAME    1.rev.example.com.
2    IN    CNAME    2.rev.example.com.
3    IN    CNAME    3.rev.example.com.
... and so forth ...

Then the admin of the rev.example.com (or whatever) zone creates the matching
PTRs:

1    IN    PTR    server1.example.com.
2    IN    PTR    server2.example.com.
3    IN    PTR    server3.example.com.
...blah blah...

That's all there is to it. In the example, a reverse lookup of 192.168.1.1
resolves as an alias to 1.rev.example.com. which is a PTR to
server1.example.com. Most clients and applications will just see that
192.168.1.1 reverse-maps to server1.example.com; they won't care or probably
even know about the intermediate CNAME.

(Yes, I know that RFC 2317 and various other sources recommend that the
"container" zone into which you put the PTR's be delegated from the
in-addr.arpa zone containing the CNAMEs, but I don't personally agree with that
recommendation. In fact, I think it's less confusing if you hang the zone(s)
off your forward namespace. You can even give it/them descriptive, "friendly"
names if you want.)


- Kevin

admin at isni.net wrote:

> I have a full C network, 2 servers.
>
> What I want to do here is host the c primarily on ns1.mydomain.com
> and assign a subnet of like 8 addresses or however many, doesn't matter so
> I can delegate/reverse/etc from ns2.mydomain.com
>
> ie: on ns2.mydomain.com I can create forward AND reverse names, such as
> bla.ns2.mydomain.com, etc etc.
>
> I've read every freaking rfc, every freaking dns how-to, nothing works, I've
> copied, I've pasted, I've emailed, I've read and read and read and nothing
> is working...can someone that has actually done this and been successful
> please help me!! thanks very much :)
>
> if someone could even post/email me copies of their forward and reverse zone
> files, this would GREATLY help, thanks again!
>
> Aaron Richards
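
An offline check of the CNAME-to-PTR scheme described in the reply above, added here as an example and not part of the original post. It builds both sets of records from the post's zone names, follows the alias the way a resolver would, and reports aliases that never reach a PTR. The function names, and host 4 with its missing PTR, are constructed for illustration.

```python
import ipaddress

PARENT_ZONE = "1.168.192.in-addr.arpa."  # zone holding the CNAMEs (from the post)
CHILD_ZONE = "rev.example.com."          # zone holding the PTRs (from the post)
NET_PREFIX = "192.168.1."                # address block the parent zone covers

def parent_cnames(hosts):
    """Aliases the parent adds where it would normally add PTRs."""
    return {f"{h}.{PARENT_ZONE}": ("CNAME", f"{h}.{CHILD_ZONE}") for h in hosts}

def child_ptrs(names):
    """PTRs the admin of the other zone creates, keyed by last octet."""
    return {f"{h}.{CHILD_ZONE}": ("PTR", name) for h, name in names.items()}

def reverse_lookup(ip, records, max_hops=8):
    """Follow CNAMEs from the in-addr.arpa name until a PTR is reached.
    Returns (hostname, chain of names queried); raises LookupError otherwise."""
    qname = ipaddress.ip_address(ip).reverse_pointer + "."
    chain = [qname]
    for _ in range(max_hops):
        rr = records.get(qname)
        if rr is None:
            raise LookupError("no record at " + qname)
        rtype, target = rr
        if rtype == "PTR":
            return target, chain
        qname = target  # CNAME: restart the lookup at the alias target
        chain.append(qname)
    raise LookupError("CNAME chain too long or looping at " + qname)

def audit(hosts, records):
    """Map each address whose alias does not end in a PTR to the reason."""
    broken = {}
    for h in hosts:
        try:
            reverse_lookup(f"{NET_PREFIX}{h}", records)
        except LookupError as exc:
            broken[f"{NET_PREFIX}{h}"] = str(exc)
    return broken

# Constructed sample: hosts 1-3 as in the post, plus host 4 aliased by the
# parent with no matching PTR in the other zone (a dangling alias).
RECORDS = {**parent_cnames([1, 2, 3, 4]),
           **child_ptrs({1: "server1.example.com.", 2: "server2.example.com.",
                         3: "server3.example.com."})}

if __name__ == "__main__":
    print(reverse_lookup("192.168.1.1", RECORDS))
    print(audit([1, 2, 3, 4], RECORDS))
```

Running the same audit against exported zone data before each change shows which addresses the parent has aliased without a PTR on the other server.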






More information about the bind-users mailing list