Reverse Delegation Problem.

Barry Margolin barmar at genuity.net
Tue Mar 19 18:25:36 UTC 2002


In article <a77ust$4uu at pub3.rc.vix.com>, Aaron Endly  <aaron at nac.net> wrote:
>I apologize.  The actual example is 64.21.150/24, which is delegated to dns and
>dns2.site5.com.  Our nameservers are ns1 and ns2.nac.net, and the remote
>I've been using is ns.gti.net, but other remotes work as well.

21.64.in-addr.arpa isn't delegated to your servers (you don't own the
entire 64.21/16 block, only 64.21.0/24 - 64.21.191/24), so you can't
delegate 150.21.64.in-addr.arpa to another server.  You need to remove the
21.64.in-addr.arpa zone from your servers, and replace it with separate
zones for each /24 block.

You can either configure your servers as slaves to the customer's server,
or send a SWIP to ARIN telling them to delegate 64.21.150/24 to your
customer's servers.  You could also use RFC 2317 to delegate all the
addresses within the /24 to the customer's servers.  Put the following in
the 150.21.64.in-addr.arpa zone:

0/24 IN NS dns.site5.com.
     IN NS dns2.site5.com.

$GENERATE 0-255 $ IN CNAME $.0/24

Then have the customer configure their servers as authoritative for
0/24.150.21.64.in-addr.arpa, and fill it with their PTR records.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
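
Added example, not part of the original post: a Python script that expands the $GENERATE line from the message above and traces a reverse lookup from the parent zone through the CNAME into 0/24.150.21.64.in-addr.arpa. The function names are hypothetical, and the single customer PTR entry (host5.example.com) is constructed sample data.

```python
import ipaddress

PARENT = "150.21.64.in-addr.arpa."       # zone named in the post
CHILD = "0/24." + PARENT                 # RFC 2317 child zone from the post
CHILD_NS = ("dns.site5.com.", "dns2.site5.com.")

def expand_generate(start, stop, lhs, rtype, rhs, origin):
    """Expand `$GENERATE start-stop lhs IN rtype rhs` (plain `$` only)."""
    records = {}
    for i in range(start, stop + 1):
        owner = lhs.replace("$", str(i)) + "." + origin
        target = rhs.replace("$", str(i))
        if not target.endswith("."):     # relative names get the origin appended
            target += "." + origin
        records[owner] = (rtype, target)
    return records

def build_parent():
    """Parent-side records: the NS delegation plus 256 CNAMEs."""
    zone = expand_generate(0, 255, "$", "CNAME", "$.0/24", PARENT)
    zone[CHILD] = ("NS", CHILD_NS)
    return zone

def resolve_ptr(ip, parent, child_ptrs):
    """Return (names visited, PTR target or None) for one address."""
    qname = ipaddress.ip_address(ip).reverse_pointer + "."
    path = [qname]
    rtype, target = parent.get(qname, (None, None))
    if rtype != "CNAME" or not target.endswith("." + CHILD):
        return path, None                # outside the /24 or not aliased
    path.append(target)
    return path, child_ptrs.get(target)  # None: CNAME exists, PTR missing

def dangling(parent, child_ptrs):
    """CNAME owners whose target has no PTR in the customer's zone."""
    return sorted(o for o, (t, d) in parent.items()
                  if t == "CNAME" and d not in child_ptrs)

# Constructed sample of the customer's zone contents (not from the post).
CUSTOMER_PTRS = {"5." + CHILD: "host5.example.com."}

if __name__ == "__main__":
    parent = build_parent()
    for ip in ("64.21.150.5", "64.21.150.6", "64.21.151.5"):
        print(ip, *resolve_ptr(ip, parent, CUSTOMER_PTRS))
    print(len(dangling(parent, CUSTOMER_PTRS)), "addresses without a PTR")
```
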

