Problems classless in-addr delegation

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Mon Oct 14 10:19:23 UTC 2002


phn at icke-reklam.ipsec.nu wrote:

> Carl Olsson <carol043 at student.liu.se> wrote:

>> Hi!

>> We are installing djbdns on a network with 1 server and 2 clients. The
>> server has the IP address 130.236.189.74 and the clients have 75 and 76
>> as the last nr. We have already written:

>> ./add-ns server3.a3.sysinst.ida.liu.se 130.236.189.74

>> but the problem is that we must use classless in-addr arpa delegation
>> and we only have the 3 IP addresses. Can someone explain this? How do
>> I write the ./add-ns command for this? What is a zone? Is that useful?

>> Regards
>> Carl Olsson

> You better ask in a group dedicated to djbdns. This group deals with bind.

I usually try _not_ to follow up on my own posts, but politeness
forces me to try to give a more complete answer:

Classless reverse delegation, aka RFC 2317 delegation, is a method
used to enable delegating smaller networks than the classical 'A', 'B' and
'C' sizes.

Short description:
Suppose you have been assigned IPs 11.22.33.41 - 11.22.33.44 from your ISP.

For reverse records (PTR records) DNS has previously relied on the
fact that the zone 33.22.11.in-addr.arpa may have labels for
the last field (41 to 44), where each field can be represented
with a record:
41  IN  PTR   <your real hostname>
42  IN  PTR   <your next host> etc

To be able to delegate fewer than 256 IPs, a trick was invented where
a zone (with a made-up name) is delegated in this zone, say "CarlO" for
this example.

The ISP does 2 things in the zone file for 33.22.11.in-addr.arpa.:

1/ delegates the zone CarlO.33.22.11.in-addr.arpa. to your nameservers
2/ creates CNAMEs for each and every IP assigned to you; they might
look like:
41  IN  CNAME  41.CarlO.33.22.11.in-addr.arpa.
42  IN  CNAME  42.CarlO.33.22.11.in-addr.arpa. 

This will drive any nameserver looking for the PTR for
41.33.22.11.in-addr.arpa. to return the answer "don't look here, ask
for "41.CarlO.33.22.11.in-addr.arpa." instead". That's the normal
interpretation of a CNAME, nothing new here.

A nameserver that has gotten this response should continue, replacing
the original question with the CNAME answer. Thus a new question
should be made for "41.CarlO.33.22.11.in-addr.arpa." PTR? During
the resolution process a delegation to your nameservers will be found,
thus they should be asked.

Now you must have prepared your nameservers to answer queries for
the zone "CarlO.33.22.11.in-addr.arpa.", and the queries asked
should be for "PTR". Thus you populate the zone with "PTR" records
in addition to your SOA and NS records that every zone has.

This zone's contents look like any other in-addr.arpa zone. The only
thing that differs is in named's config file, instead of

zone "41.33.22.11.in-addr.arpa." {
	type master;
	file "name-of.file";
};

you write:
zone "CarlO.33.22.11.in-addr.arpa" {
	type master;
	file "name-of.file";
};

See RIPE documentation "http://www.ripe.net/ripe/docs/ripe-192.html"
and consult THE book: "Managing DNS and BIND" by Cricket Liu; as you
live in Sweden I'll be happy to sell you a copy.

Now you have opted for djbdns; sorry, but I cannot help you here. You
will have to find out elsewhere. But if you turn to bind we
will be more than happy to help you out.



regards



-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.
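
Added example (not part of the original post, and not BIND or djbdns code): a small Python model of the lookup described above, using the post's 11.22.33.41 - 11.22.33.44 range and its made-up label "CarlO". The names under customer.example are assumptions, and the resolver is a simplified sketch of CNAME chasing plus delegation, not a real DNS implementation.

```python
# Added illustration; data constructed from the post's 11.22.33.41-44 example.
PARENT = "33.22.11.in-addr.arpa."
CHILD = "CarlO." + PARENT             # made-up label from the post

def isp_records(first, last, nameservers):
    """ISP side: delegate CHILD, then one CNAME per assigned address."""
    rrs = [(CHILD, "NS", ns) for ns in nameservers]
    rrs += [(f"{i}.{PARENT}", "CNAME", f"{i}.{CHILD}")
            for i in range(first, last + 1)]
    return rrs

def customer_records(hosts):
    """Customer side: plain PTR records inside the delegated zone."""
    return [(f"{i}.{CHILD}", "PTR", name) for i, name in sorted(hosts.items())]

def same(a, b):
    return a.lower() == b.lower()     # DNS names compare case-insensitively

def resolve_ptr(ip, zones, max_hops=8):
    """Return (ptr_target_or_None, list_of_names_asked)."""
    qname = ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
    asked = []
    for _ in range(max_hops):         # bound the CNAME chasing
        asked.append(qname)
        zone = zones[PARENT]
        # A delegation (NS below the apex) hands the query to the child zone.
        for owner, rtype, _ in zones[PARENT]:
            if rtype == "NS" and qname.lower().endswith("." + owner.lower()):
                zone = zones.get(owner, [])
        answers = {t: d for o, t, d in zone if same(o, qname)}
        if "PTR" in answers:
            return answers["PTR"], asked
        if "CNAME" not in answers:
            return None, asked        # no data for this name
        qname = answers["CNAME"]      # restart with the CNAME target
    return None, asked

# Hypothetical nameserver and host names (assumptions, not from the post).
ZONES = {
    PARENT: isp_records(41, 44, ["ns1.customer.example."]),
    CHILD: customer_records({41: "www.customer.example.",
                             42: "mail.customer.example."}),
}

if __name__ == "__main__":
    for ip in ("11.22.33.41", "11.22.33.43", "11.22.33.45"):
        print(ip, resolve_ptr(ip, ZONES))
```

11.22.33.43 has a CNAME at the ISP but no PTR in the delegated zone, and 11.22.33.45 is outside the assigned range, so both come back empty; removing the NS record from the parent makes every lookup fail at the second step.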

