Delegation of CIDR Block

Bob Vance bobvance at alumni.caltech.edu
Tue Feb 13 14:17:09 UTC 2001


Thanks.
>it is often less work to make changes that customers need on a demand
>basis, than battling ongoing problems caused by customers running the
>masters badly.

That's the type of info I wanted :)
I really hadn't thought of that (since *I* never made an error when I
ran the DNS :).
Of course, in this case the ISP is *already* letting him master the
forward domain, but just doesn't want to let him do a partial reverse.

A single line in the ISP reverse domain would do the trick:

$GENERATE 16-31 $  CNAME  $.rev.cust.com.

Then the customer can put the PTRs right in the forward zone:

$ORIGIN cust.com.
   ...
foo  IN  A  1.2.3.4
19.rev   IN  PTR  foo


So what's special about the reverse data that the customer might screw
up as opposed to the forward data he already has control of?

Hmmm.  Maybe breaking a reverse and then complaining that he can't send
mail to some site whose mail system wants to do a reverse lookup :)


-------------------------------------------------
Tks        | <mailto:BVance at sbm.com>
BV         | <mailto:BobVance at alumni.caltech.edu>
Sr. Technical Consultant,  SBM, A Gates/Arrow Co.
Vox 770-623-3430           11455 Lakefield Dr.
Fax 770-623-3429           Duluth, GA 30097-1511
=================================================





-----Original Message-----
From: Andras Salamon [mailto:andras at dns.net]
Sent: Tuesday, February 13, 2001 4:49 AM
To: Bob Vance
Subject: Re: Delegation of CIDR Block


On Mon, Feb 12, 2001 at 11:11:48AM -0500, Bob Vance wrote:
> It's definitely better (for you) for you to be master.

In this case, it seems that way.

> I think that they should allow you to be master and they should be
> secondary, if that's what you want.

Definitely.

> OTOH, I don't work for an ISP ;>)
>
> I would be interested in hearing legitimate reasons why an ISP might be
> reluctant to do this -- it's certainly not hard to implement, and can
> even be done *without* a new delegation from them or a new zone in your
> config.

In an ISP environment, it has been my experience that it is often
less work to make changes that customers need on a demand basis, than
battling ongoing problems caused by customers running the masters badly.
For around 1 in 10 zones it makes sense for the customer to run the
master, especially if DNS changes are frequent and if the DNS skills at
the customer are good.

For the other 9 in 10 the cost is just too great.  Making a one-line
change to a zonefile costs less than spending 30 minutes on the phone
diagnosing a spurious network problem, and another 30 convincing the
customer that their name servers need fixing.  I've lost count of the
number of organisations that have switched ISPs due to 'bad provision of
services' caused entirely by their name servers (and contents thereof)
being flaky.

In my opinion, a decent ISP should offer to run the master, but must be
willing to allow the customer to run it.  In addition, if the customer
runs the master and does not have redundant links, the ISP should offer
to support a hidden master setup.

-- Andras Salamon                   andras at dns.net
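
The $GENERATE/CNAME arrangement from the message above, as an added example that is not part of the original thread: it expands the ISP's single line, follows each CNAME into the customer's forward zone, and goes one step further by running the forward-confirmed reverse check that a receiving mail system might apply. The ISP reverse zone name 3.2.1.in-addr.arpa. and all customer records are constructed assumptions.

```python
import re

ISP_ORIGIN = "3.2.1.in-addr.arpa."  # assumed ISP reverse zone covering 1.2.3.0/24

# Constructed customer zone data (owner -> (type, rdata)); 20.rev is deliberately absent.
CUST_ZONE = {
    "foo.cust.com.": ("A", "1.2.3.19"),
    "19.rev.cust.com.": ("PTR", "foo.cust.com."),
    "bar.cust.com.": ("A", "1.2.3.21"),
    "21.rev.cust.com.": ("PTR", "baz.cust.com."),  # PTR target has no A record
}

def qualify(name, origin):
    """Append the zone origin to a relative name; names ending in '.' are absolute."""
    return name if name.endswith(".") else name + "." + origin

def expand_generate(line, origin):
    """Expand a simple '$GENERATE start-stop lhs TYPE rhs' (no step or {} modifiers)."""
    m = re.fullmatch(r"\$GENERATE\s+(\d+)-(\d+)\s+(\S+)\s+(\S+)\s+(\S+)", line.strip())
    if not m:
        raise ValueError("unsupported $GENERATE form: %r" % line)
    start, stop, lhs, rtype, rhs = m.groups()
    records = {}
    for i in range(int(start), int(stop) + 1):
        owner = qualify(lhs.replace("$", str(i)), origin)
        records[owner] = (rtype.upper(), qualify(rhs.replace("$", str(i)), origin))
    return records

def reverse_lookup(ip, isp_zone, cust_zone):
    """Follow reverse name -> CNAME -> PTR; return the PTR target or None."""
    name = ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
    rtype, target = isp_zone.get(name, (None, None))
    if rtype == "CNAME":
        rtype, target = cust_zone.get(target, (None, None))
    return target if rtype == "PTR" else None

def fcrdns(ip, isp_zone, cust_zone):
    """Forward-confirmed reverse DNS: the PTR target must have an A record equal to ip."""
    host = reverse_lookup(ip, isp_zone, cust_zone)
    if host is None:
        return "no-ptr"
    return "ok" if cust_zone.get(host) == ("A", ip) else "mismatch"

def audit():
    isp = expand_generate("$GENERATE 16-31 $  CNAME  $.rev.cust.com.", ISP_ORIGIN)
    ips = ("1.2.3.19", "1.2.3.20", "1.2.3.21", "1.2.3.40")
    return {ip: fcrdns(ip, isp, CUST_ZONE) for ip in ips}

if __name__ == "__main__":
    for ip, status in audit().items():
        print(ip, status)
```

Addresses 16-31 depend entirely on the customer zone once the CNAMEs exist, so a missing or stale `N.rev` record shows up as `no-ptr` or `mismatch` without any change on the ISP side.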


