Delegation of Inverse Zone Subnets

Rich Parkin RParkin at ldmi.com
Mon Apr 19 15:01:18 UTC 2004


Okay, I've read RFC 2317 a couple of times and I'm having a bit of
trouble grasping some of the finer points...

If I understand it correctly, I first of all have to know exactly how
the address space is being subnetted (and since I don't manage the IP
allocations that in and of itself is going to be a trick).  Once
subnetted, it would seem that changing the subnets would involve
restructuring the parent zone each time.

Given 192.0.2.0 as an example, where 192.0.2.192 /27 has been delegated
to the customer.  At my end I might have the parent zone
2.0.192.in-addr.arpa containing something that roughly looks like this:

   @       IN      SOA     my-ns.my.domain. hostmaster.my.domain. (...)
   ;...
   ;  <<0-127>> /25
   ;  not delegated
   ;
   0-25            NS      my-ns.my.domain.
   0-25            NS      my-ns2.my.domain.
   ;
   1               CNAME   1.0-25.2.0.192.in-addr.arpa.
   2               CNAME   2.0-25.2.0.192.in-addr.arpa.
   3               CNAME   3.0-25.2.0.192.in-addr.arpa.
   ;...
   ;  <<128-191>> /26
   ;  not delegated
   ;
   128-26          NS      my-ns.my.domain.
   128-26          NS      my-ns2.my.domain.
   ;
   129             CNAME   129.128-26.2.0.192.in-addr.arpa.
   130             CNAME   130.128-26.2.0.192.in-addr.arpa.
   131             CNAME   131.128-26.2.0.192.in-addr.arpa.
   ;...
   ;  <<192-223>> /27
   ;  delegated to customer
   ;
   192-27          NS      my-ns.my.domain.
   192-27          NS      my-ns2.my.domain.
   192-27          NS      their-ns.their.domain.
   192-27          NS      their-ns2.their.domain.
   ;
   193             CNAME   193.192-27.2.0.192.in-addr.arpa.
   194             CNAME   194.192-27.2.0.192.in-addr.arpa.
   195             CNAME   195.192-27.2.0.192.in-addr.arpa.
   ;...
   ;  <<224-255>> /27
   ;  not delegated
   ;
   224-27          NS      my-ns.my.domain.
   224-27          NS      my-ns2.my.domain.
   ;
   225             CNAME   225.224-27.2.0.192.in-addr.arpa.
   226             CNAME   226.224-27.2.0.192.in-addr.arpa.
   227             CNAME   227.224-27.2.0.192.in-addr.arpa.
   ;

In this case, I'd also have three child zones on my nameserver
corresponding to 0/25.2.0.192.in-addr.arpa.,
128/26.2.0.192.in-addr.arpa., and 224/27.2.0.192.in-addr.arpa. as master
zones with all of the corresponding PTR records.  The customer would
maintain a child zone for 192/27.2.0.192.in-addr.arpa. and manage their
own PTR records.

Do I essentially have this correct?  Am I missing anything?

The RFC strongly suggests that we slave our nameservers to theirs for
the child zone 192/27.2.0.192.in-addr.arpa.  I'm not comfortable slaving
our nameservers... can I get away without doing that?  This assumes
they're willing to allow me zone transfers, doesn't it?

Richard Parkin
System Administrator
CCNA
Data Center Operations
LDMI Telecommunications

>>> Pete Ehlke <pde at ehlke.net> 4/16/2004 2:19:25 PM >>>
On Fri Apr 16, 2004 at 12:44:02 -0400, Barry Margolin wrote:
>
>RFC 1537 describes how to delegate reverse DNS for a block smaller than
>/24.

Well, actually, it doesn't. 2317 does ;)

-Pete
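
The parent-zone layout from the message above, generated in Python as an added example that is not part of the original post: given a /24 and its blocks, it emits the NS and CNAME records using the post's `<first>-<prefixlen>` labels, rejects overlapping or out-of-range blocks, and `zone_diff` lists which parent records change when a block is re-split. The function names and the choice to emit CNAMEs only for usable host addresses are assumptions.

```python
import ipaddress
from itertools import combinations

def parent_records(parent, subnets):
    """Return (owner, type, target) tuples for the parent /24 reverse zone.

    subnets maps each CIDR block to the nameservers of its child zone.
    Child zones are named "<first address>-<prefix length>", as in the post.
    """
    net24 = ipaddress.ip_network(parent)
    if net24.prefixlen != 24:
        raise ValueError("parent must be a /24")
    first3 = str(net24.network_address).split(".")[:3]
    origin = ".".join(reversed(first3)) + ".in-addr.arpa."
    nets = {ipaddress.ip_network(c): ns for c, ns in subnets.items()}
    for n in nets:
        if n.prefixlen <= 24 or not n.subnet_of(net24):
            raise ValueError(f"{n} is not a block inside {net24}")
    for a, b in combinations(nets, 2):
        if a.overlaps(b):
            raise ValueError(f"{a} overlaps {b}")
    records = []
    for n in sorted(nets):
        label = f"{int(n.network_address) & 0xFF}-{n.prefixlen}"
        records += [(label, "NS", ns) for ns in nets[n]]
        # Assumption: one CNAME per usable host address; the post's listing
        # starts after the network address and elides the rest.
        for host in n.hosts():
            last = int(host) & 0xFF
            records.append((str(last), "CNAME", f"{last}.{label}.{origin}"))
    return records

def zone_diff(old, new):
    """Parent-zone records to remove and to add after a re-split."""
    return sorted(set(old) - set(new)), sorted(set(new) - set(old))

def render(records):
    """Format records as zone-file lines in the post's column layout."""
    return "\n".join(f"{o:<16}{t:<8}{v}" for o, t, v in records)

# Constructed layout mirroring the post (nameserver names are the post's).
MINE = ["my-ns.my.domain.", "my-ns2.my.domain."]
THEIRS = ["their-ns.their.domain.", "their-ns2.their.domain."]
LAYOUT = {"192.0.2.0/25": MINE, "192.0.2.128/26": MINE,
          "192.0.2.192/27": MINE + THEIRS, "192.0.2.224/27": MINE}

if __name__ == "__main__":
    print(render(parent_records("192.0.2.0/24", LAYOUT)))
```

Splitting `192.0.2.0/25` into two /26 blocks and passing the old and new record lists to `zone_diff` shows every parent-zone line that has to be rewritten for that change.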


