Reverse mapping on a non-octet boundary

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Thu Jul 24 18:32:51 UTC 2003 

Sam Pointer <sam.pointer at hpdsoftware.com> wrote:
> Hello list;

> I'm in a bit of a BIND. I am in the process of moving our reverse mapping
> in-house. We only allocated part of the IP range. Therefore the ISP for this
> range has delegated various parts on the in-addr.arpa subdomain to us, thus:

> ;195.167.246.0/27
> 0-31            IN      NS      ns1.hpdsc.com.
> 0-31            IN      NS      ns2.hpdsc.com.
> 0-31            IN      NS      ns3.hpdsc.com.
> 0-31            IN      NS      ns4.hpdsc.com.
> ;195.167.246.32/29
> 32-39           IN      NS      ns1.hpdsc.com.
> 32-39           IN      NS      ns2.hpdsc.com.
> 32-39           IN      NS      ns3.hpdsc.com.
> 32-39           IN      NS      ns4.hpdsc.com.
> ;195.167.246.40/30
> 40-43           IN      NS      ns1.hpdsc.com.
> 40-43           IN      NS      ns2.hpdsc.com.
> 40-43           IN      NS      ns3.hpdsc.com.
> 40-43           IN      NS      ns4.hpdsc.com.

> That bit I understand, all well and good (BTW: this hasn't updated yet if
> you go to check).

> Now, the bit I am missing is how do I set-up my in-addr domains my end? Can
> I simply have a large '246.167.195.in-addr.arpa.' Zonefile to handle the
> whole lot? In my mind I can, as the query of anything above
> '43.246.167.195.in-addr.arpa' will be sent to whatever the ISP has delegated
> this subdomain too.

No, not in this case ( unless your provider makes adjustments )

What your provider delegated is 3 zones :
0-31.246.167.195.in-addr.arpa.
32-39.246.167.195.in-addr.arpa.
40-43.246.167.195.in-addr.arpa.

You will setup 3 zonefiles, ( zone "0-31.246.167.195.in-addr.arpa" { ... )
with contents exactly as if you owned the 246.167.195.in-addr.arpa :

@	IN SOA ( ...
	IN NS  xxx
	IN NS  yyy
1	IN	PTR	firsthost.domain.tld.
2	IN	PTR	secondhost.domain.tld.
etc

If you could convince your provider to delegate all three ranges as :

hpdsc	IN      NS      ns1.hpdsc.com.
hpdsc	IN	NS	ns2.hpdsc.com.

and in their CNAME replace "[0-31|32-39|40-43]" with "hpdsc" 

you would of course be autorative for "hpdsc.246.167.195.in-addr.arpa." 
and could have all your PTR in this file.



> This is the way we have our in-addr.arpa set-up for our other ISP; but they
> use the RFC2317 method of having CNAME records pointing all over the place -
> as opposed to a straight delegation such as this.
Hmm, the above IS rfc2317 method. Whats the difference ?


> Any help would be appreciated.

> Sam Pointer
> UNIX, Security & Network Administration
> HPD Software Limited
> Tel: + 44 (0) 20 8780 6800
> Fax: + 44 (0) 20 8780 6801


> This email and any attachments are strictly confidential and are intended
> solely for the addressee. If you are not the intended recipient you must
> not disclose, forward, copy or take any action in reliance on this message
> or its attachments. If you have received this email in error please notify
> the sender as soon as possible and delete it from your computer systems.
> Any views or opinions presented are solely those of the author and do not
> necessarily reflect those of HPD Software Limited or its affiliates.

>  At present the integrity of email across the internet cannot be guaranteed
> and messages sent via this medium are potentially at risk.  All liability
> is excluded to the extent permitted by law for any claims arising as a re-
> sult of the use of this medium to transmit information by or to 
> HPD Software Limited or its affiliates.




-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list