Problems classless in-addr delegation

Michael E. Hanson MEHanson at GryphonsGate.com
Mon Oct 14 18:54:01 UTC 2002


Maybe I'm being a little archaic here, but my understanding is that you
cannot have a delegated CIDR block of three addresses.  You can have a block
of 4 addresses, of which only two are usable, or a block of 8 of which only
6 are usable, but you can't have three.

Now, looking back at my CIDR notes, I think the only valid CIDR block that
encompasses the addresses a.b.c.74,75,&76 is a.b.c.72/29, which uses
a.b.c.72 as the network address, and a.b.c.79 as the broadcast address,
leaving .73, .74, .75, .76, .77, & .78 as device (or host) addresses.  At
the /30 level, a.b.c.74 can be a device address but not a.b.c.75 (broadcast
for a.b.c.72/30) or a.b.c.76 (which is itself a network address
a.b.c.76/30).

So, regardless of whether one is using BIND or DJBDNS, is it even possible
to do what the original poster was attempting?  Or is there something I'm
missing here?

_______________
Michael E. Hanson
President, Gryphon Consulting  Services
(http://www.GryphonsGate.com)
P.O. Box 1151
Bellevue, NE  68005-1151
(402) 871-9622

MEHanson at GryphonsGate.com (primary)
Gryphons_Master at yahoo.com
----- Original Message -----
From: <phn at icke-reklam.ipsec.nu>
Newsgroups: comp.protocols.dns.bind
To: <comp-protocols-dns-bind at isc.org>
Sent: Monday, October 14, 2002 5:19 AM
Subject: Re: Problems classless in-addr delegation


>
> phn at icke-reklam.ipsec.nu wrote:
>
> > Carl Olsson <carol043 at student.liu.se> wrote:
>
> >> Hi!
>
> >> We are installing djbdns on a network with 1 server and 2 clients. The
> >> server has the IP address 130.236.189.74 and the clients has 75 and 76
> >> as the last nr. We have already written:
>
> >> ./add-ns server3.a3.sysinst.ida.liu.se 130.236.189.74
>
> >> but the problem is that we must use classless in-addr arpa delegation
> >> and we only have the 3 IP addresses. Can someone explain this? How do
> >> I write the ./add-ns command for this? What is a zone? Is that useful?
>
> >> Regards
> >> Carl Olsson
>
> > You better ask in a group dedicated to djbdns. This group deals with bind.
>
> I usually try _not_ to follow up on my own posts, but politeness
> forces me to try to give a more complete answer :
>
> Classless reverse delegation aka RFC2317 delegation is a method
> used to enable delegating smaller networks than the classical 'A' 'B' and
> 'C' sizes.
>
> Short description :
> suppose you have been assigned ip 11.22.33.41 - 11.22.33.44 from your ISP.
>
> For reverse records ( PTR records) dns have previously relied on the
> fact that the zone 33.22.11.in-addr.arpa may have labels for
> the last field ( 41 to 44 ) where each field can be represented
> with a record :
> 41  IN  PTR   <your real hostname>
> 42  IN  PTR   <your next host> etc
>
> to be able to delegate less than 256 ip, a trick was invented where
> a zone ( with a made-up name ) is delegated in this zone, say "CarlO" for
> this example.
>
> The isp does 2 things in the zonefile for 33.22.11.in-addr.arpa. :
>
> 1/ delegate the zone CarlO.33.22.11.in-addr.arpa. to your nameservers
> 2/ created CNAME's for each and every ip assigned to you, they might
> look like :
> 41  IN  CNAME  41.CarlO.33.22.11.in-addr.arpa.
> 42  IN  CNAME  42.CarlO.33.22.11.in-addr.arpa.
>
> This will drive any nameserver looking for the PTR for
> 41.33.22.11.in-addr.arpa. to return the answer "don't look here, ask
> for "41.CarlO.33.22.11.in-addr.arpa." instead. That's the normal
> interpretation of a CNAME, nothing new here.
>
> A nameserver that has gotten this response should continue, replacing
> the original question with the CNAME answer. Thus a new question
> should be made for "41.CarlO.33.22.11.in-addr.arpa."  PTR ? During
> the resolution process a delegation to your nameservers will be found,
> thus they should be asked.
>
> Now you must have prepared your nameservers to answer queries for
> the zone "CarlO.33.22.11.in-addr.arpa." , and the queries asked
> should be for "PTR". Thus you populate the zone with "PTR" records
> in addition to your SOA and NS records that every zone has.
>
> This zone's contents looks like any other in-addr.arpa zone. The only
> thing that differs is in named's configfile, instead of
>
> zone "41.33.22.11.in-addr.arpa." {
> type master;
> file "name-of.file";
> };
>
> you write :
> zone "CarlO.33.22.11.in-addr.arpa" {
> type master;
> file "name-of.file";
> };
>
> See RIPE documentation "http://www.ripe.net/ripe/docs/ripe-192.html"
> and consult THE book : "Managing DNS and BIND" by Cricket Liu, as you
> live in Sweden I'll be happy to sell you a copy.
>
> Now you have opt'ed for djbdns, sorry but I cannot help you here. You
> will have to find out elsewhere. But if you turn to bind we
> will be more than happy to help you out.
>
>
>
> regards
>
> > --
> > Peter Håkanson
> >         IPSec  Sverige      ( At Gothenburg Riverside )
> >            Sorry about my e-mail address, but i'm trying to keep spam out,
> >    remove "icke-reklam" if you feel for mailing me. Thanx.
>
>
> --
> Peter Håkanson
>         IPSec  Sverige      ( At Gothenburg Riverside )
>            Sorry about my e-mail address, but i'm trying to keep spam out,
>    remove "icke-reklam" if you feel for mailing me. Thanx.
>
>
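
An added example, not part of either post: it computes the smallest CIDR block covering the three addresses discussed in the reply and builds the per-address CNAME and PTR records of the RFC 2317 scheme from the quoted explanation, then walks the CNAME chain a resolver would follow. The label "CarlO", the addresses and the server name come from the thread; the client hostnames, the choice of server3 as the child zone's nameserver and all function names are assumptions.

```python
import ipaddress

def covering_block(addrs):
    """Smallest single CIDR block that contains every IPv4 address given."""
    nums = [int(ipaddress.IPv4Address(a)) for a in addrs]
    lo, hi, prefix = min(nums), max(nums), 32
    # Shorten the prefix until both ends share the same network bits.
    while (lo >> (32 - prefix)) != (hi >> (32 - prefix)):
        prefix -= 1
    return ipaddress.ip_network((lo >> (32 - prefix) << (32 - prefix), prefix))

def rfc2317_zones(hosts, label, nameservers):
    """hosts: {ipv4: fqdn}. Returns (parent_rrs, child_rrs) as (owner, type, target)."""
    octets = {ip: ip.split(".") for ip in hosts}
    prefixes = {tuple(o[:3]) for o in octets.values()}
    if len(prefixes) != 1:
        raise ValueError("all addresses must sit in one /24 reverse zone")
    a, b, c = prefixes.pop()
    parent_zone = f"{c}.{b}.{a}.in-addr.arpa."
    child_zone = f"{label}.{parent_zone}"
    # Parent side: delegate the made-up label, then one CNAME per address.
    parent = [(child_zone, "NS", ns) for ns in nameservers]
    child = []
    for ip in sorted(hosts, key=lambda i: int(ipaddress.IPv4Address(i))):
        last = octets[ip][3]
        parent.append((f"{last}.{parent_zone}", "CNAME", f"{last}.{child_zone}"))
        # Child side: the PTR lives under the delegated label.
        child.append((f"{last}.{child_zone}", "PTR", hosts[ip]))
    return parent, child

def reverse_lookup(ip, parent, child):
    """Follow the chain a resolver walks: reverse name -> CNAME -> PTR."""
    name = ipaddress.IPv4Address(ip).reverse_pointer + "."
    for owner, rtype, target in parent:
        if owner == name and rtype == "CNAME":
            name = target
    for owner, rtype, target in child:
        if owner == name and rtype == "PTR":
            return target
    return None

# Constructed sample: addresses and server name from the thread, client names are placeholders.
HOSTS = {"130.236.189.74": "server3.a3.sysinst.ida.liu.se.",
         "130.236.189.75": "client1.example.",
         "130.236.189.76": "client2.example."}
NS = ["server3.a3.sysinst.ida.liu.se."]  # assumed nameserver for the child zone

if __name__ == "__main__":
    parent, child = rfc2317_zones(HOSTS, "CarlO", NS)
    print(covering_block(HOSTS), reverse_lookup("130.236.189.75", parent, child))
```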


